Adaptive security protocol selection for mobile computing

The mobile computing paradigm has introduced new problems for application developers. Challenges include heterogeneity of hardware, software, and communication protocols, variability of resource limitations and varying wireless channel quality. In this scenario, security becomes a major concern for mobile users and applications. Security requirements for each application are different, as well as the hardware capabilities of each device. To make things worse, wireless medium conditions may change dramatically with time, incurring great impact on performance and QoS guarantees for the application. Currently, most of the security solutions for mobile devices use a static set of algorithms and protocols for services such as cryptography and hashes. In this work we propose a security service, which works as a middleware, with the ability to dynamically change the security protocols used between two peers. These changes can occur based on variations on wireless medium parameters and system resource usage, available hardware resources, application-defined QoS metrics, and desired data ''security levels''. We compare our solution to some widespread static security protocols, demonstrate how our middleware is able to adapt itself over different conditions of medium and system, and how it can provide a performance gain in the execution of cryptographic primitives, through the use of data semantics.

[1]  Gordon S. Blair,et al.  Exploiting reflection in mobile computing middleware , 2002, MOCO.

[2]  B.P.S. Rocha,et al.  Middleware for multi-client and multi-server mobile applications , 2007, 2007 2nd International Symposium on Wireless Pervasive Computing.

[3]  Cyril S. Ku,et al.  Design Patterns , 2008, Wiley Encyclopedia of Computer Science and Engineering.

[4]  Lakhmi C. Jain,et al.  Network and information security: A computational intelligence approach: Special Issue of Journal of Network and Computer Applications , 2007, J. Netw. Comput. Appl..

[5]  Reza Curtmola,et al.  Secure network coding for wireless mesh networks: Threats, challenges, and directions , 2009, Comput. Commun..

[6]  Allan Borodin,et al.  Online computation and competitive analysis , 1998 .

[7]  B. Hawkins,et al.  A framework: , 2020, Harmful Interaction between the Living and the Dead in Greek Tragedy.

[8]  Elaine Shi,et al.  Context-centric Security , 2012, HotSec.

[9]  C. Papadimitriou,et al.  The Complexity of Computing a , 2009 .

[10]  Anand R. Tripathi Challenges designing next-generation middleware systems , 2002, CACM.

[11]  Anand Raghunathan,et al.  Securing wireless data: system architecture challenges , 2002, 15th International Symposium on System Synthesis, 2002..

[12]  Simon J. Shepherd,et al.  Cryptographic security Techniques for wireless networks , 1999, OPSR.

[13]  Didier Le Gall,et al.  MPEG: a video compression standard for multimedia applications , 1991, CACM.

[14]  W.A. Arbaugh Wireless Security Is Different , 2003, Computer.

[15]  Victor C. M. Leung,et al.  Access and service convergence over the mobile internet - A survey , 2010, Comput. Networks.

[16]  Joshua D. Guttman,et al.  Honest ideals on strand spaces , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[17]  Elhadi M. Shakshuki,et al.  Enhanced cross-layer based middleware for mobile ad hoc networks , 2009, J. Netw. Comput. Appl..

[18]  Yuri Gurevich,et al.  Sequential abstract-state machines capture sequential algorithms , 2000, TOCL.

[19]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[20]  Cecilia Mascolo,et al.  Middleware for mobile computing: awareness vs. transparency , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[21]  Steven Furnell,et al.  From desktop to mobile: Examining the security experience , 2009, Comput. Secur..

[22]  Christopher G. Lasater,et al.  Design Patterns , 2008, Wiley Encyclopedia of Computer Science and Engineering.

[23]  Cecilia Mascolo,et al.  "Middleware for Mobile Computing (A Survey)". In Advanced Lectures on Networking , 2002 .

[24]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[25]  Cecilia Mascolo,et al.  XMIDDLE: A Data-Sharing Middleware for Mobile Computing , 2002, Wirel. Pers. Commun..

[26]  Simon N. Foley,et al.  A framework for heterogeneous middleware security , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[27]  Dongkyoo Shin,et al.  Intellectual property management on MPEG-4 video for hand-held device and mobile video streaming service , 2005, IEEE Trans. Consumer Electron..

[28]  Naixue Xiong,et al.  Scheduling security-critical multimedia applications in heterogeneous networks , 2011, Comput. Commun..

[29]  Hamdy S. Soliman,et al.  Application of synchronous dynamic encryption system in mobile wireless domains , 2005, Q2SWinet '05.

[30]  Cecilia Mascolo,et al.  CARISMA: Context-Aware Reflective mIddleware System for Mobile Applications , 2003, IEEE Trans. Software Eng..

[31]  Bhagyavati,et al.  Wireless security techniques: an overview , 2004, InfoSecCD '04.

[32]  Antonio Corradi,et al.  A context-centric security middleware for service provisioning in pervasive computing , 2005, The 2005 Symposium on Applications and the Internet.

[33]  A T Karygiannis,et al.  Wireless Network Security: 802.11, Bluetooth and Handheld Devices , 2002 .

[34]  Wenyuan Xu,et al.  Securing wireless systems via lower layer enforcements , 2006, WiSe '06.