Security service

About: Security service is a research topic. Over the lifetime, 17310 publications have been published within this topic receiving 309251 citations.

On lightweight mobile phone application certification

Abstract: Users have begun downloading an increasingly large number of mobile phone applications in response to advancements in handsets and wireless networks. The increased number of applications results in a greater chance of installing Trojans and similar malware. In this paper, we propose the Kirin security service for Android, which performs lightweight certification of applications to mitigate malware at install time. Kirin certification uses security rules, which are templates designed to conservatively match undesirable properties in security configuration bundled with applications. We use a variant of security requirements engineering techniques to perform an in-depth security analysis of Android to produce a set of rules that match malware characteristics. In a sample of 311 of the most popular applications downloaded from the official Android Market, Kirin and our rules found 5 applications that implement dangerous functionality and therefore should be installed with extreme caution. Upon close inspection, another five applications asserted dangerous rights, but were within the scope of reasonable functional needs. These results indicate that security configuration bundled with Android applications provides practical means of detecting malware.

Security in mobile ad hoc networks: challenges and solutions

Abstract: Security has become a primary concern in order to provide protected communication between mobile nodes in a hostile environment. Unlike the wireline networks, the unique characteristics of mobile ad hoc networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium, stringent resource constraints, and highly dynamic network topology. These challenges clearly make a case for building multifence security solutions that achieve both broad protection and desirable network performance. In this article we focus on the fundamental security problem of protecting the multihop network connectivity between mobile nodes in a MANET. We identify the security issues related to this problem, discuss the challenges to security design, and review the state-of-the-art security proposals that protect the MANET link- and network-layer operations of delivering packets over the multihop wireless channel. The complete security solution should span both layers, and encompass all three security components of prevention, detection, and reaction.

Administration of protection of data accessible by a mobile device

Abstract: The protection of data on a client mobile computing device by a server computer system such as within an enterprise network or on a separate mobile computing device is described. Security tools are described that provide different security policies to be enforced based on a location associated with a network environment in which a mobile device is operating. Methods for detecting the location of the mobile device are described. Additionally, the security tools may also provide for enforcing different policies based on security features. Examples of security features include the type of connection, wired or wireless, over which data is being transferred, the operation of anti-virus software, or the type of network adapter card. The different security policies provide enforcement mechanisms that may be tailored based upon the detected location and/or active security features associated with the mobile device. Examples of enforcement mechanisms are adaptive port blocking, file hiding and file encryption.

A survey of security issues in wireless sensor networks

Abstract: Wireless Sensor Networks (WSNs) are used in many applications in military, ecological, and health-related areas These applications often include the monitoring of sensitive information such as enemy movement on the battlefield or the location of personnel in a building Security is therefore important in WSNs However, WSNs suffer from many constraints, including low computation capability, small memory, limited energy resources, susceptibility to physical capture, and the use of insecure wireless communication channels These constraints make security in WSNs a challenge In this article we present a survey of security issues in WSNs First we outline the constraints, security requirements, and attacks with their corresponding countermeasures in WSNs We then present a holistic view of security issues These issues are classified into five categories: cryptography, key management, secure routing, secure data aggregation, and intrusion detection Along the way we highlight the advantages and disadvantages of various WSN security protocols and further compare and evaluate these protocols based on each of these five categories We also point out the open research issues in each subarea and conclude with possible future research directions on security in WSNs

Security Systems for Protecting an Asset

Abstract: Security systems for protecting assets are described, including password-based security systems that can provide different levels of access responsive to entry of a primary or secondary password. In some versions, user-configurable security rules can provide customized responses to entry of primary or secondary passwords, including feigned or limited access, security alerts, etc. Passwords comprising overt and covert components can be used to provide enhanced security and improved user control over system response. Improved security systems involving transactions between multiple parties are also considered, with options for user-customized security rules including primary and secondary passwords, and reverse challenge and response methods. Systems for Limited Use Credentials are also disclosed to reduce the risk of identity theft.