Smarttelefonen - en säkerhetsrisk i samhället

Engberg, Emelie, Landerup, Marina

January 1900

Den tekniska utvecklingen i samhället går fortare och fortare framåt. Idag är det inte ovanligt att mobiltelefonerna används för att göra bankärenden, hantera e-post och vara aktiv på sociala medier. Tekniker och lösningar som utvecklas ska vara kostnadseffektiva och användarvänliga, men är detta på bekostnad av informationssäkerheten? Frågeställningar som har besvarat handlar om vilka sårbarheter i tekniken som angripare kan utnyttja för att ta sig in i en telefon, hur det upptäcks och vilka proaktiva åtgärder som kan implementeras. Dessutom har det undersökts hur personer använder sina smarta telefoner och hur pass insatta personer är inom telefonernas säkerhet. På vilka sätt en mobiltelefon kan innebära en säkerhetsrisk i samhället har undersökts genom att en fallstudie utförts. Studien är kvantitativ då bland annat en enkät har skickats ut på ett socialt medie för att undersöka allmänhetens medvetenhet och kunskap gällande mobiltelefoners informationssäkerhet. I studien har hela 210 respondenter deltagit, av dessa är det exempelvis endast 17 % som tycker det är självklart att använda antivirusprogram på mobiltelefonen. Dessutom är det enbart 27 % som prioriterar säkerheten före pris, utseende och popularitet, när de ska ladda ner en app. Genom att räkna ut korrelationer mellan respondenternas svar så kunde flertalet samband fastställas, exempelvis påvisas det att personer som anser sig ha bra koll på informationssäkerhet inte använder anti-virus på sin smarttelefon. Allmänhetens insikt och beteende gällande informationssäkerhet är i många avseenden direkt avgörande när det kommer till tekniska lösningars säkerhet. Om en anslutning har säkerhetsbrister är det extra viktigt att enheter används på ett korrekt och skyddande sätt, så att inte informationsläckage uppstår. Resultatet av studien kan användas som underlag för vidare forskning inom arbetet med mobiltelefoners informationssäkerhet. Fallstudien har gjorts på uppdrag av två utvecklingsingenjörer, vilka har utvecklat Portiér, ett portlås som ska låsas upp med hjälp av användarens mobiltelefon. Informationssäkerheten i portlåset har undersökts på det sättet att riskidentifiering och konsekvensbedömning har sammansats till en riskanalys. Genom fallstudien kunde frågan kring huruvida smarttelefonen utgör en säkerhetsrisk i samhället eller inte besvaras. / The technical development of society goes faster and faster. Today it is not rare that we use mobile phones to make banking transactions, manage email and be active on social media. Technologies and solutions that are developed should be cost-effective and user-friendly, but is it at the expense of information security? It ́s important to consider how unauthorized persons can penetrate a mobile phone, how it ́s detected and what proactive measures can be implemented. Moreover, in this study it has been investigated how people use their smart phones and how familiar people are in the phones' security. In what ways a cell phone can cause a security issue in modern society has also been raised in a case study. This study performed a quantitative analysis where a questionnaire was sent via social media to examine public awareness regarding mobile phones information. In the study, 210 respondents participated, of these, for example, only 17% responded that it ́s obvious to use antivirus program on their mobile phone. Moreover, only 27% that prioritize safety before price, appearance and popularity, when considering downloading an app. By calculating correlations between respondents' answers, several pertience established. Among other things, demonstrated correlation between people who, although they claimed to have good eye of information security, they did not use anti-virus on your smart phone. Public awareness and behavior regarding information security is in many respects crucial when it comes to technical solutions, security. If a connection involves security flaws, it ́s especially important that the devices are used correctly and in protective manner, to avoid information leakage. The results of the study can be used as a basis for further research and work in the field of mobile phone information security. The case study has been conducted in collaboration with two development engineers, who have developed a modern door lock which can be unlocked using a mobile phone. The information security in the door lock has been investigated and analyzied in the way that risk identification and impact assessment has the same batch to a risk analysis. The question to be answered through the case study is the one regarding whether the smartphone constitute a security risk in the society or not.

Informationssecurity

malware

smartphone

bluetooth

security threats.

Informationssäkerhet

skadlig kod

smarttelefon

blåtand

säkerhetshot.

Evaluation of Different Radio-Based Indoor Positioning Methods

Ahlberg, Sven

January 2014

Today, positioning with GPS and the advantages this entails are almost infinitive, which means that the technology can be utilized in a variety of applications. Unfortunately, there exists a lot of limitations in conjunction with the signals from the GPS can’t reach inside e.g. buildings or underground. This means that an alternative solution that works indoors needs to be developed. The report presents the four most common radio-based technologies, Bluetooth,Wi-Fi, UWB and RFID, which can be used to determine a position. These all have different advantages in cost, accuracy and latency, which means that there exist a number of different applications. The radio-based methods use the measurement techniques, RSSI, TOA, TDOA, Cell-ID, PD or AOA to gather data. The choice of measurement technique is mainly dependent of which radio-based method being used, since their accuracy depends on the quality of the measurements and the size of the detection area, which means that all measurement techniques have different advantages and disadvantages. The measurement data is processed with one of the positioning methods, LS, NLS, ML, Cell-ID, WC or FP, to estimate a position. The choice of positioning method also depends on the quality of the measurements in combination with the size of the detection area. To evaluate the different radio-based methods together with measurement techniques and positioning methods, accuracy, latency and cost are being compared. This is used as the basis for the choice of positioning method, since a general solution can get summarized by finding the least expensive approach which can estimate an unknown position with sufficiently high accuracy.

Indoor positioning

TOA

TDOA

RSSI

cell-ID

AOA

fingerprinting

probability detection

UWB

Bluetooth

Wi-Fi

RFID

Topology construction and fair scheduling in bluetooth scatternets and related wireless ad hoc networks with channel separated links

Baatz, Simon.

January 2004

Zugl.: Bonn, Univ., Diss., 2004

An enhanced method for the existing bluetooth pairing protocol to avoid impersonation attacks

Mendoza, Patricia A.,

January 2009

Thesis (M.S.)--University of Texas at El Paso, 2009. / Title from title screen. Vita. CD-ROM. Includes bibliographical references. Also available online.

Wireless communications infrastructure for collaboration in common space /

Metingu, Kivanc.

January 2004

Thesis (M.S. in Computer Science)--Naval Postgraduate School, March 2004. / Thesis advisor(s): Curtis Blais. Includes bibliographical references (p. 49-50). Also available online.

Design of 2.4 GHz and 5 GHz RFIC front-end components in CMOS and SiGe HBT technologies

Kodkani, Rahul M.

January 1900

Thesis (M.S.)--West Virginia University, 2002. / Title from document title page. Document formatted into pages; contains x, 113 p. : ill. (some col.). Includes abstract. Includes bibliographical references (p. 108-113).

Hur kan virus, maskar och trojaner i mobila enheter påverka informationssäkerheten i datorbaserade system genom Bluetooth som kommunikationsväg?

Lilja, Adam

January 2005

<p>Denna rapport undersöker en frågeställning som kom upp efter virusutvecklingen som skedde 2004 med illasinnad kod som spreds mellan mobila enheter via Bluetooth. Rapporten undersöker vilka hot som finns om Smartphones och handdatorer sprider illasinnad kod via Bluetooth till datorbaserade system.</p><p>Undersökningen som gjordes var en hermeneutisk explorativ undersökning. Sammanlagt gjordes tre intervjuer med experter inom områdena informationssäkerhet, mobila enheter och Bluetooth.</p><p>Resultatet visade att illasinnad kod i Smartphones och handdatorer som sprids till datorbaserade system skulle kunna utgöra samma hot mot informationssäkerheten som traditionell illasinnad kod, det vill säga virus, maskar och trojaner som sprids mellan datorer. Därmed bör den illasinnade kod som rapporten behandlar betraktas lika allvarligt som traditionell illasinnad kod.</p>

Informationssäkerhet

Bluetooth

Illasinnad kod

Smartphone

Handdator

Computer and systems science

Data- och systemvetenskap

Optimized network access in heterogeneous wireless networks

Hildebrand, Matthias.

January 2005

University, Diss., 2005--Kassel. / Download lizenzpflichtig.

Ανάπτυξη δομών μιγαδικών φίλτρων στο πεδίο του υπερβολικού ημιτόνου για ασύρματους πομποδέκτες Bluetooth/Zigbee

Σκότης, Γεώργιος-Δρόσος

07 June 2013

Τα ασύρματα δίκτυα μικρής εμβέλειας (short-range wireless networks) γνωρίζουν σήμερα μεγάλη ανάπτυξη. Ένα βασικό δομικό στοιχείο των ασύρματων δικτύων είναι οι δέκτες (receivers), οι οποίοι περιλαμβάνουν μεταξύ των άλλων συστήματα για τον υποβιβασμό της συχνότητας του σήματος (down conversion) σε χαμηλότερες ενδιάμεσες συχνότητες (Intermediate Frequencies-IF). Κατά τη διαδικασία αυτή δημιουργείται το πρόβλημα της εμφάνισης ενός ειδώλου συχνότητας (image frequency), το οποίο συνυπάρχει με το σήμα προς επεξεργασία και θα πρέπει να απομακρυνθεί με χρήση κατάλληλων ηλεκτρονικών μιγαδικών φίλτρων (complex filters). Στόχος της Μεταπτυχιακής Διπλωματικής Εργασίας είναι η ανάπτυξη νέων δομών μιγαδικών φίλτρων τα οποία χρησιμοποιούνται σε δέκτες που λειτουργούν με τα πρότυπα Bluetooth/Zigbee. Κύρια πλεονεκτήματα αποτελούν η δυνατότητα λειτουργίας σε χαμηλή τάση τροφοδοσίας (1.2V), η ρύθμιση των χαρακτηριστικών τους με το ρεύμα πόλωσης, καθώς και η απουσία αντιστατών. Η εξομοίωση της λειτουργίας καθώς και η φυσική τους σχεδίαση έγιναν με χρήση του λογισμικού Cadence, σε τεχνολογία AMS 0.35μm. / Short-range wireless networks nowadays find great development. A basic structural component of wireless networks is the receivers, which include among others systems for down conversion of the signal into lower Intermediate Frequencies (IF). The problem of image frequency is created due to this procedure, which coexists with the under process signal and it should be removed through suitable electronic complex filters. The objective of this diploma Thesis is the development of new complex filters structures which are compatible with the Bluetooth/ZigBee standards. The main advantages are the operation availability in low-voltage supply (1.2V) environment, the adjustment of its characteristics through the dc bias current, and also the absence of resistors. The simulation of the filter and, also, the physical layout design were performed through the utilization of the Cadence with AMS BiCMOS 0.35um design kit.

Μιγαδικά φίλτρα

Υπερβολικό ημίτονο

621.384 13

Complex filters

Hyperbolic functions

Zigbee

Bluetooth

Sinh

Controle de fluxo adaptativo para Gateways Bluetooth Low-Energy aplicado a sistemas de monitoramento remoto de pacientes.

SANTOS, Danilo Freire de Souza.

05 June 2018

Submitted by Maria Medeiros (maria.dilva1@ufcg.edu.br) on 2018-06-05T13:24:22Z No. of bitstreams: 1 DANILO FREIRE DE SOUZA SANTOS - TESE (PPGCC) 2016.pdf: 5841474 bytes, checksum: ce59e0fd3d574e6d3b893f98154075e4 (MD5) / Made available in DSpace on 2018-06-05T13:24:22Z (GMT). No. of bitstreams: 1 DANILO FREIRE DE SOUZA SANTOS - TESE (PPGCC) 2016.pdf: 5841474 bytes, checksum: ce59e0fd3d574e6d3b893f98154075e4 (MD5) Previous issue date: 2016 / Capes / O cenário introduzido pela Internet das Coisas potencializa a criação de um novo conjunto de aplicações e serviços, onde diversos dispositivos interagem entre si através da Internet. Esse cenário viabiliza o advento de novas tecnologias de transmissão sem fio de baixo consumo, como o Bluetooth Low-Energy (BLE), as quais viabilizam a criação de redes pessoais (PAN) sem fio. Em paralelo, com a crescente disponibilidade de Dispositivos Pessoais de Saúde com capacidade de comunicação, um cenário onde informações de saúde podem ser disponibilizadas na Internet surge, viabilizando a criação de sistemas de Saúde Conectada. Entretanto, ao viabilizar a criação de redes PAN interconectando diversos dispositivos, a Qualidade de Serviço na rede necessária para o correto funcionamento desses dispositivos de saúde pode ser afetada, dado que redes PAN BLE não oferecem mecanismos para a diferenciação da Qualidade de Serviço entre os dispositivos conectados. Considerando esse contexto de compartilhamento de uma rede PAN entre diversos dispositivos, nesse trabalho propõe-se uma abordagem para o controle do fluxo adaptativo em Gateways BLE utilizando um mecanismo de distribuição de créditos temporal entre os clientes de uma rede PAN. Para essa priorização, informações fornecidas por aplicações são utilizadas para a distribuição e configuração dos parâmetros de conectividade dos dispositivos da rede PAN. Também são apresentados detalhes sobre o projeto e evolução arquitetural do controlador adaptativo, detalhando suas características de controle de fluxo com prioridade temporal. São apresentados resultados experimentais do funcionamento do controlador adaptativo em diferentes cenários. Esses resultados demonstram que o mesmo é capaz de garantir a Qualidade de Serviço de rede necessária para dispositivos específicos em um ambiente compartilhado. Para a validação desse trabalho em um cenário mais amplo, é apresentada uma arquitetura para Sistemas de Monitoramento Remoto de Pacientes padronizado para a Internet das Coisas. Esse sistema serve como base para a implantação e avaliação experimental do controlador de fluxo adaptativo em um Smart-Gateways BLE, onde informações de serviços e aplicações em saúde são utilizadas para priorizar Dispositivos Pessoais de Saúde a depender do seu contexto de uso. / The Internet of Things paradigm enables a new set of applications and services to be available in the Internet. This scenario makes possible the development of new low-power communication technologies, such asBluetooth Low-Energy (BLE), which creates wireless Personal Area Networks (PAN). At the same time, the rising availability of Personal Health Devices (PHD) capable of PAN communication and the desire of keeping a high quality of live are the ingredients of the Connected Health vision. However, as the number of PHDs increase, the number of other peripherals connected in the PAN also increases. Therefore, PHDs are now competing for medium access with other devices, decreasing the network Quality of Service of health applications in the BLE PAN, as these networks do not guarantee Quality of Service requirements for connected devices. In this context, where a BLEPAN is shared with multiple devices, it is where this work is immersed. In this work is presented an approach for adaptive flow-control of BLE Gateways using a temporal credit distribution mechanism between clients in a PAN. For this distribution, application context information is used for network prioritization and parameter configuration of PAN devices. In this work is detailed how the adaptive flow-control was designed and how was its architectural evolution, detailing how its temporal mechanism works. Experimental results are presented showing the controller behavior in different scenarios. These results show that using the proposed approach it is possible to guarantee Quality of Service requirements for target devices using a prioritization process in a shared medium. In order to validate this work in a broad scenario, it is also presented a standard-based Remote Patient Monitoring System architecture for the Internet of Things. This system is used as base infrastructure for prioritization of PHDs connections based on their state and requirements by the use of a Smart BLE Gateway. An implementation was developed showing the relevance of the problem and how a BLE adaptive controller can assist in the prioritization of devices in the context of healthcare services and applications.

Ciências

Ciência da Computação

Redes Sem Fio

Internet

Bluetooth

Controle de Fluxo

Qualidade de Serviço