1 / 28

Mobile Computing - Security Issues -

Mobile Computing - Security Issues -. Advisor : Dr. Celeste Team Number : 6 941633 張耕瑋 941634 黃峻亨 941636 楊銘鴻 941641 李昌諭 941718 吳政穎 941635 陳建廷. Outline. Introduction to Mobile Computing Security Issues of Mobile Computing Security Policies Security Prevent

troypierce
Télécharger la présentation

Mobile Computing - Security Issues -

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mobile Computing- Security Issues - Advisor : Dr. Celeste Team Number : 6 941633 張耕瑋 941634 黃峻亨 941636 楊銘鴻941641 李昌諭 941718 吳政穎 941635 陳建廷

  2. Outline • Introduction to Mobile Computing • Security Issues of Mobile Computing • Security Policies • Security Prevent • Applications and Enterprise Case

  3. Introduction • Definition • Mobile computing & Ubiquitous computing • Features • Technical and other limitations of mobile computing • Insufficient bandwidth • Security standards • Power consumption • Transmission interferences • Potential health hazards • Human interface with device • Wireless communication and network

  4. Why Security Is Important in Mobile Computing? Data is cited from www.SearchMobileComputing.com

  5. What Security Issues We Concern about? Data is cited from www.SearchMobileComputing.com

  6. Security Issues of Wireless Network • Security is major issue • Protection of Mobile Devices • Software Security – program vulnerabilities • Security Protocols - authentication • Different architecture has different security vulnerabilities

  7. Information Security Threat • Common security threat in wireless network can be categorized into two types: • Passive - difficult to detect • Active – possible to detect

  8. Information Transfer Attacks • Interception • Modification • Fabrication • Interruption

  9. Information Attacks • Virus and Worms • Denial of Service • Intrusion

  10. Instances • 911 Virus • PalmOS/LibertyCrack

  11. How to Prevent? • Security policies! • Symbian: Protect your data, not just your device • Technical support

  12. Basic Concepts in Security • Confidentiality • Integrity • Availability • Authorization • Dependability and Reliability • Accountability

  13. Securities Policies We need • A process when devices be stole • Security policy between wired network and wireless network • A mechanism to manage carrier who has secret data • Standard to control virus, worm… • Hierarchy certificate mechanism

  14. Security Policies • Information security • Networksecurity • Devicesecurity • People training

  15. Security Policy in Hotspot • Hotspot • Hotspotis the location supply LAN that is open for public. • Data transfer don’t encrypt. • Hotspot Security • Establish system to prevent fake Hotspot Service • Turn off the Ad-hoc network mode • Don’t set auto-connect to AP • Pre-set to use VPN • Mobile Computing Security • Don’t use trusted networkand un-trusted network at same time

  16. Prevention Encrypt Signature + CA Signature + CA Digital Signature Types of Attack Interception Fabrication Interruption Modification Attack Prevention

  17. BS SS authentication informationX.509 certificate authorization requestX.509 certificate, capability, Basic CID AK exchange authorization replyencrypted AK, SAIDs, SQNAK,… key requestSAID, HMAC-Digest,… key replyencrypted TEK, CBC IV, HMAC-Digest,… TEK exchange Data exchange( encrypt by TEK) WiMAX PKM Protocol

  18. WAYs To Prevent • Encrypt • Separate risks • Firewall • Redact

  19. Encrypt • EFS (Encrypting file system) symmetric encryption: asymmetric encryption :

  20. Encrypt • Two-factor authentication password IC Card + Or others :

  21. Separate risks CD-Rom Notebook Server USB flash drive

  22. Firewall

  23. Redact Document 2. Employees 1. coping sensitive record into removable disk before employees carry documents out . Sensitive data

  24. Enterprise case Notebook computer PDA

  25. The Security in Mobile Phone • Beginning of Mobile Phone Virus • Recent Viruses • The Way Viruses Infect • Problems of Anti-Virus

  26. Main Reference • Wikipedia • www.searchmobilecomputing.com • www.ZDnet.com.tw • Security in Distributed, Grid, Mobile, and Pervasive Computing by Yang Xiao • www.cert.org.tw/index.php • www.cio.com

  27. Thank you for listening! 

More Related