Security and Privacy in Mobile Information and Communication Systems - First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers

Preface

Organization

Table of Contents

On Trust Evaluation in Mobile Ad Hoc Networks

Introduction

Related Work

Definition of Trust

Accuracy of Trust Evaluation

Estimation of a Node’s Capacities

Number of Observations Required

Trust and Network Connectivity

Connectivity of Trust-Based Networks

Validation

Conclusion

References

A Distributed Data Storage Scheme for Sensor Networks

Introduction

Proposed Data Partitioning Scheme

A Stronger Variation to the Protocol Modulo a Composite Number

Addressing the Data Partitions

Future Work and Other Applications

Conclusions

References

A Rich Client-Server Based Framework for Convenient Security and Management of Mobile Applications

Introduction

State of the Art

A Framework for Secured Applications

A Sample Scenario

The Use Case

The Authentication Services

Architecture of the Plaform

Risk Analysis

The Open and Secure Mobile System

OSMOSYS Client and Companion

OSMOSYS Server

Conclusion and Future Work

References

A Robust Conditional Privacy-Preserving Authentication Protocol in VANET

Introduction

Security Requirements

SystemModel

Proposed Protocol

Setup

Registration

Multiple Anonymous Certificates Generation

Safety Message Authentication

OBU’s Real ID Trace

Discussion

Security

Efficiency

Conclusion

References

An Autonomous Attestation Token to Secure Mobile Agents in Disaster Response

Introduction

Trusted Computing

Mobile Agents

Related Work

Mobile Agent Security in Disaster-Relief Scenarios

Local Attestation

Operational Challenges

An Attestation Based Key Release Protocol

The AAT Hardware Architecture

Conclusion

References

An ECDLP-Based Threshold Proxy Signature Scheme Using Self-Certified Public Key System

Introduction

The Proposed Scheme

Registration

Proxy Share Generation

Proxy Signature Issuing without Revealing Proxy Shares

Proxy Signature Verification

Correctness of the Proposed Scheme

Security Analysis

Performance Evaluation

Conclusions

References

Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms

Introduction

Security Goals

Our Approach

Secure Boot

Secure Runtime

Putting Together: IntegrityMeasurement and Protection

Implementation

Related Work

Conclusion

References

Context-Aware Monitoring of Untrusted Mobile Applications

Introduction

Mobile Malware Defence

Execution Monitoring

Paper Structure

Modelling Application Behaviour

Approach Summary

Application Behaviour Modelling Language (ABML)

Demonstration

Existing Device Protection

Attacks and Countermeasures

Policy Compilation and Enforcement

Synthesising Monitors from ABML Specifications

ABML Policy Enforcement

Performance Analysis

Related Work

Conclusion

References

Extending the Belgian eID Technology with Mobile Security Functionality

Introduction

Belgian Electronic Identity Card Technology

Notations

Mobile Access to Secrets

Proxying the Belgian eID

Discussion

A Mobile and Secure e-mail Client

Requirements

Protocols

Evaluation

Conclusion

References

Filtering SPAM in P2PSIP Communities with Web of Trust

Introduction

A P2P SIP System

Trust in a Distributed System

Beyond the First Hop

Trusted Pathfinder Service

Implementation of the Pathfinder

Performance

Wotsap PGP Signature Data-Set

Measurements

Conclusion

References

Generating Random and Pseudorandom Sequences in Mobile Devices

Introduction

Requirements on Random Data

Qualitative Requirements

Quantitative Requirements

Randomness in Mobile Devices

Sources of Randomness in Mobile Devices

Secure Pseudorandom Numbers

Integration into Symbian OS

ANSI X9.31 PRNG

Fortuna PRNG

Conclusions and Future Work

References

A Context-Aware Security Framework for Next Generation Mobile Networks

Introduction

Related Work

Context-Aware Security Framework

Security Context

Security Actions

Context-Based Security Policies

Architectural Model

Conclusions

References

Information Reconciliation Using Reliability in Secret Key Agreement Scheme with ESPAR Antenna

Introduction

Secret Key Agreement Scheme Using ESPAR Antenna

Cascade Protocol

Cascade Using Reliability

Simulation Setting

System Model

Simulation Model

Simulation Results

The Number of Disclosed Bits

The Number of Communications

The Efficiency of Protocol

Conclusion

References

Protecting Privacy and Securing the Gathering of Location Proofs – The Secure Location Verification Proof Gathering Protocol

Introduction

Related Work

A System for the Secure Verification of Location Claims

System Model and Assumptions

Threat Model

The Role of the Verifier

The Use of Distance Bounding in the SLVPGP

The Secure Location Verification Proof Gathering Protocol (SLVPGP)

Protocol Outline

Protocol Discussion

Extending the Protocol

The SLVPGP: Extension 1

The SLVPGP: Extension 2

The SLVPGP: Extension 3

Overall Analysis

Cost Analysis

Security Analysis

Future Work

Conclusion

References

Providing Strong Security and High Privacy in Low-Cost RFID Networks

Introduction

The RFID Technology

A New Problematic

Privacy Threats

Related Works

Proposed Solution

A Few Assumptions

The Protocol

Security Evaluation

Security Analysis

Privacy Analysis

Conclusion

References

Safe, Fault Tolerant and Capture-Resilient Environmental Parameters Survey Using WSNs

Introduction

Model Architecture and Network Functioning

Tree Construction

Tree Maintenance and Convergence

Routing Tree

Nodes Querying

Automatic Rejoining

Data Integrity and Authenticity

Nodes Initialization

Data Collection and Hashchains

Capture-Resilience

Conclusion

References

SAVAH: Source Address Validation with Host Identity Protocol

Introduction

Background on Host Identity Protocol

Related Work

SAVAH Design and Implementation

SAVAH Architecture

SAVAH Router Discovery

Packet Authentication

Source Address Validation

Deployment and Integration with General SAVA Architecture

Performance Evaluation

Conclusions

References

Secure Service Invocation in a Peer-to-Peer Environment Using JXTA-SOAP

Introduction

Background

JXTA-SOAP

JXTA-SOAP for Java Standard Edition (J2SE)

JXTA-SOAP for Java Micro Edition (J2ME)

Secure Service Invocation

DefaultTLSTransport

DefaultWSSMessage

MIKEYPolicy for Mobile Applications

Conclusions

References

Security Aspects of Smart Cards vs. Embedded Security in Machine-to-Machine (M2M) Advanced Mobile Network Applications

Introduction

M2M Requirements

The Options for a TRE to Host Secure, Downloadable MCIMs

Smart Card Security in Mobile Networks: Why Is the Smart Card a Trusted Anchor?

Meeting M2M Requirements with UICCs

Security Analysis and Comparison: Can an Embedded TRE Ever Be as Secure as a Smart Card?

Conclusions

References

Simple Peer-to-Peer SIP Privacy

Introduction

Problem Scope

SolutionModel

Storage Key Obfuscation

Usability Considerations

Implementation

Technology

Prototype Overview

Privacy Enhancements

Evaluation

Discussion

Summary and Future Work

References

On Modeling Viral Diffusion in Heterogeneous Wireless Networks

Introduction

Related Works and Motivation

Modeling Disease with Heterogeneity of Nodes

Assumptions

Elaborate Models

Discussion on the Models

Assumption and Parameter Discussion

Analysis of Disease Extent

Simulation Results

Conclusions and Future Works

References

Mobile WiMAX Network Security

Introduction

WiMAX Network Architecture

Network Access Authentication

Authentication Scenarios

Subscription Authentication

Device Authentication and Subscription Provisioning

Key Management for Mobility Support

Summary and Outlook

References

LoPSiL: A Location-Based Policy-Specification Language

Introduction

LoPSiL

Core Linguistic Constructs

Example Policies

A LoPSiL Compiler

Compiler Architecture

Experiential Observations

Conclusions and Future Work

References

Impersonation Attacks on a Mobile Security Protocol for End-to-End Communications

Introduction

The LYH Mobile End-to-End Authentication and Secrecy Protocol

Certification Phase

Authentication Phase

Analyzing the LYH Protocol

Forging Certificates for the LYH Protocol

An Attack to Impersonate a Mobile User

An Attack to Impersonate a Base Station

Fixing the LYH Protocol

Using the Elgamal Signature Scheme in the LYH Protocol

Resistance of Fixed Protocol to the Presented Impersonation Attacks

Conclusions

References

Author Index