Mobile commerce over GSM: A banking perspective on security

Van der Merwe, Pieter Ben

20 July 2004

GSM has changed the face of communication and information exchange, much as the Internet did. With the advances made in the mobile technology arena, new opportunities are created. Mobile Commerce (m-Commerce) is one such opportunity. Each new advance in technology brings with it associated risks. This dissertation focuses on the risks involved with m-Commerce for the banking industry. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m-Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels. This dissertation provides a detailed overview of basic services that any m-Commerce application should provide to the banking industry. These principles provide the foundation for securing any financial transaction over untrusted networks. Several mechanisms to provide these services are also discussed. Examples of such mechanisms include hash functions, Message Authentication Codes and Digital Signatures. The security of GSM networks has come under attack in the past. This is largely due to the fact that the GSM consortium opted to develop their security technologies in secret, rather than in the public domain. This dissertation aims to evaluate the security offered by GSM and assess potential attacks in order to further understand risks associated with m Commerce applications over GSM. In recent years there have been significant additions to the GSM enabling technology family. The arrival of the SIM Application Toolkit and the Wireless Application Protocol promised to again change the face of commerce. Although market acceptance of these technologies proved to be initially slow, usage is set to increase exponentially within the next couple of years. A detailed analysis of these enabling technologies is presented in the dissertation. Possible attacks on these technologies are discussed in the latter part or this document. Based on the findings of the research, some changes to either the application architectures or the processing of the data have been suggested in order to enhance the security offered by these services. It is not the intent of this dissertation to redesign these applications, but to rather leverage off the current technologies in order to enable secure m-Commerce over these channels. / Dissertation (M.Sc (Electronics))--University of Pretoria, 2005. / Electrical, Electronic and Computer Engineering / unrestricted

M-commerce

Mobile commerce security

Wireless application protocol

Wap

Wireless internet gateway

Wig

Stk

Sim application toolkit

Cryptographuy

Mobile commerce

Gsm security

Gsm

UCTD

Routing protocols for indoor wireless ad-hoc networks: a cross-layer perspective

Dricot, Jean-Michel

01 June 2007

The all-over trend for an universal access and ubiquitous access to the Internet is driving a revolution in our societies. In order to support this era of nomadic applications, new flexible network architectures have emerged. They are referred to as “wireless ad-hoc networks.” <p><p>Since human-operated devices will more likely be used indoor, it leads to many issues related to the strength of the fading in this environment. Recently, it has been suggested that a possible interaction might exist between various parameters of the ad-hoc networks and, more precisely, between the propagation model and the routing protocol. <p><p>To address this question, we present in this dissertation a cross-layer perspective of the analysis of these indoor ad-hoc networks. Our reasoning is made of four stages. First, the cross-layer interactions are analyzed by the means of multivariate statistical techniques. Since a cross-layering between the physical layer and the routing protocol has been proven to be significant, we further investigate the possible development a physical layer-constrained routing algorithm. <p><p>Second, fundamental equations governing the wireless telecommunications systems are developed in order to provide insightful informations on how a reliable routing strategy should be implemented in a strongly-faded environment. After that, and in order to allow a better spatial reuse, the routing protocol we propose is further enhanced by the adjonction of a power control algorithm. This last feature is extensively analyzed and a closed-form expression of the link probability of outage in presence of non-homogeneous transmission powers is given. Numerous simulations corroborate the applicability and the performance of the derived protocol. Also, we evaluate the gain, in terms of radio channel ressources, that has been achieved by the means of the power control algorithm. <p><p>Third, an architecture for the interconnection with a cellular network is investigated. A closed-form expression of the relaying stability of a node is given. This equation expresses the minimal requirement that a relaying node from the ad-hoc network must fullfil in order to bridge properly the connections to the base-station. <p><p>Finally, a real-life implementation is provided as a validation of the applicability of this novel ad-hoc routing protocol. It is concluded that, both from the performance and the spatial re-use point-of-views, it can be taken advantage from the cross-layering between the physical and the routing layers to positively enhance the networking architectures deployed in an indoor environment. / Doctorat en sciences appliquées / info:eu-repo/semantics/nonPublished

Sciences de l'ingénieur

Informatique générale

Routing (Computer network management)

Wireless LANs

Wireless Internet

Réseaux locaux sans fil

Internet mobile

cross-layering

routing protocols

protocols

wireless networks

ad-hoc networks

Proposta de implementação de uma arquitetura para a Internet de nova geração / An implementation proposal of a next generation internet architecture

Wong, Walter

07 November 2007

Orientadores: Mauricio Ferreira Magalhães, Fabio Luciano Verdi / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Eletrica e Computação / Made available in DSpace on 2018-08-09T14:41:11Z (GMT). No. of bitstreams: 1 Wong_Walter_M.pdf: 1265045 bytes, checksum: 15a2435e5676b973ffe726e4757323e4 (MD5) Previous issue date: 2007 / Resumo: A concepção original da arquitetura da Internet foi baseada em uma rede fixa e confiável. Hoje em dia, a Internet se tornou dinâmica e vulnerável aos ataques de segurança. Também não era prevista a necessidade de integração de tecnologias heterogêneas nem de ambientes sem fio. A arquitetura atual apresenta uma série de barreiras técnicas para prover estes serviços, sendo uma das maiores a sobrecarga semântica do Internet Protocol (IP). O endereço IP atua como localizador na camada de rede e como identificador na camada de transporte, impossibilitando novas funcionalidades como a mobilidade e abrindo brechas de segurança. Este trabalho apresenta uma proposta de implementação de uma arquitetura para Internet de nova geração para o provisionamento de novos serviços de forma natural e integrada para a Internet atual. A proposta de arquitetura de implementação oferece suporte à mobilidade, ao multihoming, à segurança, à integração de redes heterogêneas e às aplicações legadas através da introdução de uma nova camada de identificação na arquitetura atual. Esta nova camada tem por objetivo separar a identidade da localização e se tornar uma opção de comunicação para as redes heterogêneas. Mecanismos adicionais foram propostos para prover o suporte às funcionalidades da arquitetura, tais como a resolução de nomes em identificadores, o roteamento baseado no identificador, a gerência de localização e um plano de controle para a troca de mensagens de sinalização fim-a-fim entre os componentes da arquitetura. Para a validação da arquitetura proposta, um protótipo foi implementado e vários testes de desempenho foram realizados para avaliação do overhead da implementação, do modelo de segurança, da robustez e do suporte à mobilidade e às aplicações legadas / Abstract: The original concept of the Internet architecture was based on static and reliable networks. Nowadays, the Internet became more dynamic and vulnerable to security attacks. The integration of heterogeneous technologies and wireless environment were not predicted. The current architecture presents some technical barriers to provide these services. One of these problems is the semantic overload of the Internet Protocol (IP). The IP address acts as locator in the network layer and identifier in the transport layer, preventing new features such as mobility and allowing security flaws. This work presents an implementation proposal of a next generation Internet architecture to provide new services naturally integrated to the Internet. The implementation proposal supports mobility, multihoming, security, heterogeneous networks integration and legacy applications by the introduction of a new identification layer in the current architecture. This new layer will separate the identity from the location and become an option for communication between heterogeneous networks. Additional mechanisms were proposed to support the new functionalities of the architecture, e.g., resolution of names to identifiers, identifier-based routing, location management and a control plane to exchange end-toend signalling control messages between the components of the architecture. In order to evaluate the proposed architecture, a prototype was implemented and some tests were performed considering implementation overhead, security model, robustness and support for mobility and legacy applications / Mestrado / Engenharia de Computação / Mestre em Engenharia Elétrica

Arquitetura de redes de computador

Internet sem fio

Sistemas de comunicação sem fio

Criptografia de dados (Computação)

Redes de computadores - Protocolos

Computer network architectures

Computer networks - Security measures

Wireless Internet

Wireless communication systems

Data encryption (Computer science)

Computer network protocols

Next-generation internet architectures

Multihoming

Security

Heterogeneous networks

Reducing handoff latency in proxy mobile IPv6

Vojini, Sumith Dev

21 May 2014

Indiana University-Purdue University Indianapolis (IUPUI) / Mobile IP though allows mobility features to a node it suffers from signaling Latencies which are mainly incurred due to the fact that the MN itself is involved in the handover process. To overcome this problem proxy mobile IPv6(PMIPv6) was defined where the mobility signaling is taken care of by a proxy server while keeping track of the MN's movement. PMIPv6 has considerably reduced the handover latency but the demand for real time applications over the network has increased tremendously due to recent explosion of the cloud era. My thesis focuses on increasing the L3 handoff signaling efficiency by reducing the latency. This is achieved by our idea to do both the AAA authentication as well as the LMA registration in PMIPv6 at the same time. The simulation results show that our proposed approach perform better than the current PMIPv6 L3 handover signaling reducing the latency as well as packet loss.

Mobile communication systems -- Research

Computer network architectures

Internetworking (Telecommunication)

RADIUS (Computer network protocol)

Web servers

Cloud computing

High performance computing

Internet

Wireless Internet

Personal communication service systems