Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Security risk associated with mobile devices
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Security risk associated with mobile devices
SECTION I
INTRODUCTION
With increasing computing power and pervasive network connectivity, we have seen significant proliferation in mobile handset usage and experienced mobile handset becoming more open and general-purpose computing environments [1]. More and more applications and services have been applied on mobile devices. Mobile handsets have become the platform carried lots of significant data. Eventually, these developments brought new security challenges, which cannot be satisfied with the conventional security mechanisms. Theft of phones has been a significant issue. Stolen mobile handsets have the risk of exposure of private information if they lack strong protection for access to stored information [2]. In addition, users may choose performance over security, if cryptographic processing influences performance too much. Hardware processing is required to avoid the reckless compromise of security purely for the sake of performance.
The Trusted Computing Group (TCG) has issued specifications for mobile platform, which contains Mobile Trusted Module (MTM) [3], [4]. Mobile platform is rooted in MTM with a trusted platform-aware architecture manager which provides a security base to establish data protection mechanism. MTM also includes efficient cryptographic computing module to support key generation and data encryption. So establishing a data protection mechanism based on MTM is feasible.
The rest of this paper is organized as follows. Section 2 analyzes existing problems of the data protection mechanisms in the mainstream mobile terminals. Our data protection scheme based on MTM is presented in Section 3 and private key generation and management mechanisms are discussed in Section 4. Section 5 introduces the enc...
... middle of paper ...
...quipment. So only the equipment could decrypt encrypted data in memory card.
The main advantage of this mechanism is that encrypting function is executed without participation of users and applications, which is convenient for users and reduces the work of application developers. The disadvantage is that it does not use hardware encryption, which will reduce the experience performance of users. And if users have not set lock screen password, the data inside storage card will also leak when storage card is lost.
In conclusion, these mobile terminal equipments have put forward their data security policies currently. But they all have shortcomings. One of the important problems is that the data in external memory card faces a serious threat (except for IOS devices, because they don't support external memory card), which is the problem this paper will solve.
TPM or Trusted Platform Module is a microprocessor that has the ability to store credentials or artifacts used to authenticate the platform.
In this section we investigate attacks and threats to our primary devices. These attacks and threats are built off of the vulnerabilities the previous section and help to determine which security controls would be most valuable against future attacks.
Protection methods for your mobile phone or smartphone are important to help protect it from attacks. Activate encryption and remote wiping capabilities. Use the same security methods for email and text messages that use the same protocol as computers.
PKC is the enabling technology for all Internet security and the increasing use of digital signatures, which are replacing traditional signatures in many contexts. However, RSA is better than PKC because RSA doesn’t need digital signature. As a result, the RSA algorithm turned out to be a perfect fit for the implementation of a practical public security system. In 1977, Martin Gardner first introduced the RSA system. After 5 years, company RSA used secure electronic security products. Nowadays many credit companies of all over the world use the RSA system or a similar system based on the RSA system.
Works Cited for: Caplan, Hayley. How to Avoid Cell Phone Identity Theft? What Is Privacy? N.p., 31 July 2012. Web.
Senator Charles Schumer (D-New York) first introduced the Mobile Device Theft Deterrence Act of 2012 (S. 3186). This was the first attempt to address phone crimes on a national scale. Due to the previous failure in 2012, the Mobile Device Theft Deterrence Act was re-introduced by Senator Schumer in 2013. It targeted to criminalize tampering with mobile device identification number as a means to halt the black market for stolen cell phones. There is a unique International Mobile Equipment Identity (IMEI) number in every smartphone. This number enables local carriers to block operating device’s network and puts it on blacklist. This bill also sought to impose a 5-year criminal penalty for the alternation of IMEI number. Other than these, there were joint efforts between cell carriers and FCC to create Stolen Cell Phone Registry by November 30, 2012 . This registry would store a list of stolen phones’ International Mobile Equipment Identity (IMEI) number. However, this database only worked if thieves didn’t tamper cell phone ID number. In fact, there are many loopholes for thieves to get around with such registry. When cellphones are reported stolen, most phone carriers in United States only deactivate the SIM card by prohibiting access to information stored in the SIM card. This blocks the device from using the existing data on the phone. Yet, SIM card can be easily removed and replaced. Stolen cell phones can be sold in black market even if it is blocked. Therefore, there are a lot more to be done to protect public safety and smartphone crimes.
There is constant concern about different kinds of devices and tools because of their vulnerability: laptops; personal computers in the home; libraries and public workstations; USB Flash Drives and email, to name a few. These items are easily accessible for those attempting to breach security.... ... middle of paper ... ...
My project mainly focuses on relatively new field of study in Information Technology known as cryptography. This topic will take an in-depth look at this technology by introducing various concepts of cryptography, a brief history of cryptography and a look at some of the cryptography techniques available today. This will have a close look at how we can use cryptography in an open-systems environment such as the Internet, as well as some of the tools and resources available to help us accomplish this.
added security and the ability to keep all of your cards in one place without your information
Lv, X., Li, H., Wang, B. (2012) Virtual private key generator based escrow-free certificateless public key cryptosystem for mobile ad hoc networks ISSN: 19390114
This is the information age. There are financial and corporate information, research and analysis, trends have lead the trend and military intelligence. Information classified as confidential, sensitive and critical. There are gleaning information extraction and automated tools. There are management solutions, such as content management, knowledge management and document management, information management collected for. There are different mechanisms for storing information storage. Finally, information security, there are tools and techniques. In this paper, three important types of security information we need to discuss, such as security information from hackers, during transit to ensure that information and the protection of information stored in the system can be lost or stolen. Finally, a brief about wireless security has been described here. The Internet has become the information superhighway. Evolving Internet and related technologies have allowed companies to communicate in new ways with all types of people and strategic organization. Over the years, there have been increased after the distinctive features of Internet connection. As needs change, the more powerful the service of humanity encountered, faster connections, and what can be done in the need for more flexibility. Initially, the service, such as a simple POP3-based email and Web access is the extent of an Internet connection. Today, we have a site-to-site virtual private network (VPN), clients and home users VPN, streaming media, Web-based training, wonderful Internet applications, e-commerce, and business-to-business extranet. Therefore, the development of the Internet to meet the needs of a variety of advanced human society. On the home front, fr...
There always has been a lot of weaknesses in the security of the Internet. This leads to security breaches and component failure within the device that is connected to that Internet. However the security in the online world is ironically better than the security of our physical world. This report discusses faulty phone calls, secure websites and safety within the physical world.
Security is a very critical issue in many systems, especially distributed systems. This is because the system is distributed across a network over many devices, and so there may be more ways for outsiders to access the system who do not have permission to do such. A security breach is considered to be any time an unsafe state is reached within the system. An unsafe state is one in which data can be illegally intercepted, interrupted, modified, or fabricated. Since a distributed system is made up of various smaller systems with the possibility of each system being managed separately, it becomes very important that all parts of the distributed system be managed uniformly and completely to prevent security breaches. Furthermore, in the case that a security breach has been made on one sub-system, it becomes very possible that the attacker can gain access to other parts of the system. In this case, the attacker may even be able to make it appear that the accesses to the other parts of the system were made legally [1, 6, 7]. Access control, bracket capabilities, and the formal protection model are methods of ensuring a secure and safe distributed system environment.
The protection of data being transferred between ATMs and the bank, and the use of cell phones is the most common everyday encounter with encryption. To encrypt and decrypt information a cipher is used. In a cipher there is a set of well-defined steps that can be followed to encrypt and decrypt messages. The use of a cipher relies greatly on the use of an encryption key. The key may contain any auxiliary information added to the cipher to produce certain
This term paper will access the effectiveness and efficiency mobile-based applications provide to capture geolocation data and customer data, and quickly upload to a processing server without users having to use a desktop system. I will evaluate benefits realized by consumers because of the ability to gain access to their own data via mobile applications. I will examine the challenges of developing applications that run on mobile devices because of the small screen size. I will describe the methods that can be used to decide which platform to support, i.e., iPhone, iPad, Windows Phone, or Android. I will access how mobile applications require high availability because end users need to have continuous access to IT and IS systems. I will discuss ways of providing high availability. Finally I will discuss how mobile devices are subjected to hacking at a higher rate than non-mobile devices, and methods of making mobile devices more secure.