The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Because of the rapid growth in e-commerce, we can buy things walking around. Its not the expensive items, but the small and cheap items such as text files, music files, movies that we buy while walking around. As this kind of e-commerce grows, micro-payment system develop these days. Since its so convenient, and simple, more and more people use it. Despite its merit, it has some problems to be solved...
Authentication is the first line of defense against compromising confidentiality and integrity. Though traditional login/password based schemes are easy to implement, they have been subjected to several attacks. As an alternative, token and biometric based authentication systems were introduced. However, they have not improved substantially to justify the investment. Thus, a variation to the login/password...
Wireless Local Area Networks (WLANs) based on the IEEE 802.11 standards are becoming increasingly popular in businesses, governments, educations, public and individual. However, when transmissions are broadcast over radio waves, interception and masquerading becomes trivial to anyone with a radio, and so there is a need to employ additional mechanisms to protect the communication. In this paper, we...
Mobile IPv6 has been developed for quite a few years now, but it has yet to bring its constant connectivity and global reachability benefits to mobile devices in real world scenarios, mainly due to lack of trouble-free and secure network access and data transmission for devices as they roam. In this paper we propose a Unified Architecture that combines the strengths of Mobile IPv6 and AAA services...
In this paper, we propose a security framework, looking at different policies for data access control in the mobile environments. We have started with extending the Platform for Privacy Preferences (P3P) policy for controlling the data access. The aim is to modify the P3P policy and to use it in the security capsule of a mobile handset. The service provider can publish the P3P policy in the WebServices...
Mobile ad hoc Networks refers to the infrastructure less, resource poor wireless networks whose interaction is unplanned in such a way that location of participating nodes and parties can not be identifiable. The mobile devices are used by people to access services in various environments. Before two or more mobile networks ready to interact, they must trust that each will satisfy the security and...
With the requirements of mobility, flexibility, and rapid response, public safety Mesh networks are widely used for emergency services to improve the efficiency of public safety communication to prevent or respond to incidents that harm or endanger persons or property. This special field communication brings new security challenges. In this paper, we propose a key agreement scheme with voting receiver...
Over the last decade, the mobile device has become a ubiquitous tool within everyday life. Unfortunately, whilst the popularity of mobile devices has increased, a corresponding increase can also be identified in the threats being targeted towards these devices. Security countermeasures such as AV and firewalls are being deployed, however, the increasing sophistication of the attacks requires additional...
AJAX applications provide new learning possibilities through its support to dynamic interaction, knowledge sharing, and collaboration. Developers should be weary of new insecurities introduced by these capabilities. The mobile industry in particular has not made better use of AJAX because of the complexities involved dealing with open source XMLized documents such as SVGs. Such documents are becoming...
The generation of young people who do not remember life before the Internet, who grew up surrounded by computing technology and mobile phones, are often referred to as `digital natives'. This generation has a special affinity to mobile devices - young people often carry their mobile phones with them at all times to keep a constant connection with their friends while also consuming and creating digital...
Authorization means using techniques to establish identity, based on the knowledge and information you know, have or are. A user name and a password is the knowledge people know, for example. Subscriber Identity Module (SIM) card in your mobile or a security ID card is what people have. Biometrics information, such as iris, fingerprint or face structure are what people are. The main theme of this...
This paper analyzes the processes of the mobile payment, and proposes that secure communication between user mobile terminal and mobile payment platform is the key element of the mobile payment system. Then it presents a TTP-based security mobile payment model and from the two aspects secure including authentication and information transmission it analyzes security policy of the model that can achieve...
Recently, Lee et al. proposed a delegation-based authentication protocol which provides secure and private roaming service for portable communication systems in global mobility networks. In this paper, we show that 1) Lee et al.'s protocol cannot protect users' privacy even though the protocol provides the user identity privacy; and 2) the unlinkability is required for delegation-based authentication...
There are multiple administrative domains in a grid environment where each domain has a policy space of their own. Generally, a mobile process usually travels from one policy space to another. However, current grid security infrastructure lacks in support of mobile processes in grid environment. This paper presents a credit quantitative criterion for a mobile process, and realizes security information...
Authentication is a mechanism to establish proof of identities. Traditional password authentication could not provide enough security for the information system when it faces the most modern means of attack. The problem could be solved by taking token authentication, but as a new authentication system, it is difficult connecting with existed authentication systems, especially in the authorized access...
The focus of this paper is on access security aspects of 3G-WLAN interworking. Firstly, the authentication entities which do not rely on the concrete heterogeneous network are abstracted by analyzing 3G-WLAN multi-kind heterogeneous network model. And then a common authentication model is established and a novel access authentication and key agreement scheme combined elliptic curve cryptographic techniques...
Security has become a critical requirement of MIPv6 which will play an important role in next generation mobile network. Although some effective solutions have been proposed, but there is still a serious problem existed which concerns about security compatibility between MIPv6 node (MN) and the access network (AN). A policy-based distributed security management method is presented to solve this problem...
IMSI (International Mobile Station Identity) is a unique number associated with all GSM and UMTS network mobile phone user. IMSI filtering - a prefix filtering, is an important function in the 3G firewall. It is an indefinite filtering which affects the efficiency of the security device. This paper brings forward a parallel processing method which uses vector coding and structure of bloom filter....
With the development of mobile network and computer technology, MIPv6 is brought to the internet. Taking care of the security concerns about network connection, we bring AAA system into the mobile network. In order to be permitted in the integrated architecture of MIPv6 and AAA systems, the users have to get network access permission and AAA response from AAAH. This paper presents an optimization...
This paper presents a qualitative risk analysis of the General Packet Radio Service (GPRS) technology. GPRS presents several essential security weaknesses which may lead to security attacks that can compromise the network operation and the data transfer. We perform a detailed threat analysis by identifying the possible attacks that may result from the GPRS security weaknesses. The analyzed threats...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.