The various security problems in mobile and wireless computing systems are:

| Security Problems | Description |
| --- | --- |
| Confidentiality | Only the intended user must be allowed to read the data; it should be hidden from all other parties. (Encryption is a method used to solve this.) |
| Integrity | Data integrity is concerned with the correctness of data. Data must retain its integrity, or else the user receives a manipulated message. |
| Spoofing | A node can impersonate an address in a mobile ad hoc network. |
| Availability | Attacks similar to denial of service can block the availability of data at the user end. (E.g. an intermediate router can be configured to attack packets and stop them or re-route them.) |
| Non-repudiation | The sender cannot deny having sent a message from his device. |
| Pre-keying | In an encrypted system, key exchange is necessary before the actual data transfer. If this key (esp. a private key) is sent via a wireless network, there can be an issue of key-trapping. |
| Resource constraint | An attack may sometimes cripple the limited resources available to a mobile system, such as limited battery, slower CPUs, or memory exhausted by caching. Such resources may get drained, or may not be strong enough to fight back. |
| Interception | Wireless signals, being transferred through open air, can be intercepted. |
| Replaying | After carefully analysing the authentication requests and client responses, an attacker can replay a similar sequence again. |
| Stealing | If a miscreant steals the user ID and password of a subscriber, or gets his SIM card, he/she will be able to enjoy the user's subscriptions. |
| Mobility concerns | When an MS moves from one cell to another, the connection is routed through different paths which cannot be relied upon. |
| Eavesdropping | Listening in on someone else's conversation is called eavesdropping (e.g. phone tapping). |

The various solutions that exist to solve the problems affecting wireless communication are:

| Solution | Description |
| --- | --- |
| Direct Signalling | We can use directed signals which are just sufficient to reach the user's device and establish a proper link with him. This helps prevent security risks coming from other directions and from farther distances along the same line. |
| Hashing | Hashing is a method employed to check data integrity. A hash function is applied to the actual data, resulting in some bits of data (an integer value). In case of manipulation by a third party, the hash value will be altered. |
| MAC | A Message Authentication Code is a combination of a hash and a secret key, for added security. |
| Encryption | Encryption is the conversion of code into a cipher text understood only by a person having the decryption key. It includes both the public key method (used nowadays) and the private key method. Some examples are DES, AES, Caesar cipher, RSA, etc. |
| Checksum or Parity | These are the basic methods used for checking data integrity (counting the total 1's or 0's). |
| SSL | A very famous feature used in today's communication systems is SSL. SSL stands for Secure Sockets Layer. It is a protocol that runs between HTTP and TCP for secure transactions between a client and a Web server. Links using the SSL protocol start with HTTPS (https://www...). The sub-layers of SSL include the handshake and record protocols. SSL supports the hash functions MD5 and SHA, digital signatures, RSA, and various encryption algorithms. |
| IPsec | IPsec (internet protocol for security) contains various features for providing enhanced security. It includes an Authentication Header (AH, a packet header focusing on security), Encapsulating Security Payload (for confidentiality purposes) and Internet Key Exchange (IKE) (for secure exchange of the keys used for encryption). |
| RADIUS | Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for devices to connect and use a network service. |
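
The Hashing and MAC entries above, together with the Replaying problem, can be seen side by side in the following added example (not part of the original page). It shows that a plain hash only detects manipulation when the third party cannot recompute it, while a keyed MAC over a message counter rejects both altered and replayed messages; the key, messages, counter scheme and the `Receiver` class are constructed assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed shared secret (assumption)

def verify_hash(msg: bytes, tag: bytes) -> bool:
    """Unkeyed integrity check: anyone can recompute the tag."""
    return hmac.compare_digest(hashlib.sha256(msg).digest(), tag)

def mac_tag(key: bytes, counter: int, msg: bytes) -> bytes:
    """HMAC-SHA256 over counter || message, so the counter is authenticated too."""
    return hmac.new(key, counter.to_bytes(8, "big") + msg, hashlib.sha256).digest()

class Receiver:
    """Hypothetical receiver that checks the MAC, then rejects reused counters."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, counter: int, msg: bytes, tag: bytes) -> str:
        if not hmac.compare_digest(mac_tag(self.key, counter, msg), tag):
            return "rejected: bad MAC"
        if counter <= self.last_counter:
            return "rejected: replay"
        self.last_counter = counter
        return "accepted"

def demo() -> dict:
    original = b"transfer 10 units to account A"   # constructed message
    altered = b"transfer 99 units to account B"    # constructed manipulation
    out = {}
    # A hash catches a change only if the tag is out of the third party's reach.
    out["hash_stale_tag"] = verify_hash(altered, hashlib.sha256(original).digest())
    out["hash_recomputed_tag"] = verify_hash(altered, hashlib.sha256(altered).digest())
    rx = Receiver(KEY)
    good_tag = mac_tag(KEY, 1, original)
    out["mac_genuine"] = rx.accept(1, original, good_tag)
    # Without KEY the third party cannot produce a valid tag for the altered text.
    keyless_tag = hashlib.sha256((2).to_bytes(8, "big") + altered).digest()
    out["mac_altered"] = rx.accept(2, altered, keyless_tag)
    # Resending the captured genuine packet: the MAC is valid, the counter is not fresh.
    out["mac_replayed"] = rx.accept(1, original, good_tag)
    return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The `hash_recomputed_tag` result is the case the Hashing row does not cover: when the hash travels with the data over the same channel, whoever alters the data can replace the hash as well.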