Security risks in the short-range communication of ubiquitous application

Recently, various applications applying ubiquitous computing have appeared. For instance, health applications have benefited from information and services, which are available from various sensors and medical devices in the surrounding environment. These applications utilize different wireless communication technologies in order to achieve a good connectivity, which is essential in ubiquitous computing. Weak security in wireless networks may ruin the security of the whole application. Hence, it is vital to realize threats, possible vulnerabilities and security assumptions made in these technologies. In this paper, we study Bluetooth, ZigBee and NFC from the security point of view in ubiquitous health applications. In the study, we emphasize security aspects starting from the physical communication layer.

[1]  Srdjan Capkun,et al.  Physical-layer Identification of RFID Devices , 2009, USENIX Security Symposium.

[2]  Georgios Zervas,et al.  Phosphorus: Distributed Control Plane Approach for Photonic Grids , 2011 .

[3]  Sasikanth Avancha,et al.  A privacy framework for mobile health and home-care systems , 2009, SPIMACS '09.

[4]  Habtamu Abie,et al.  Metrics-driven security objective decomposition for an e-health application with adaptive security management , 2013, ASPI '13.

[5]  Selcuk Okdem,et al.  Routing in Wireless Sensor Networks Using an Ant Colony Optimization (ACO) Router Chip , 2009, Sensors.

[6]  Pekka Toivanen,et al.  Security Threats in ZigBee-Enabled Systems: Vulnerability Evaluation, Practical Experiments, Countermeasures, and Lessons Learned , 2013, 2013 46th Hawaii International Conference on System Sciences.

[7]  Kai Zhang,et al.  An improved ant colony optimization for communication network routing problem , 2009, 2009 Fourth International on Conference on Bio-Inspired Computing.

[8]  Karen A. Scarfone,et al.  Guide to Bluetooth Security , 2008 .

[9]  C. Siva Ram Murthy,et al.  Ad Hoc Wireless Networks: Architectures and Protocols , 2004 .

[10]  Ganesh K. Venayagamoorthy,et al.  Computational Intelligence in Wireless Sensor Networks: A Survey , 2011, IEEE Communications Surveys & Tutorials.

[11]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[12]  Sriyankar Acharyya,et al.  Ant Colony Optimization Technique Applied in Network Routing Problem , 2010 .

[13]  R. Negi,et al.  Secret communication using artificial noise , 2005, VTC-2005-Fall. 2005 IEEE 62nd Vehicular Technology Conference, 2005..

[14]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[15]  Jacques Reverdy,et al.  RFID Noisy Reader How to Prevent from Eavesdropping on the Communication? , 2007, CHES.

[16]  Hsiao-Chun Wu,et al.  Physical layer security in wireless networks: a tutorial , 2011, IEEE Wireless Communications.

[17]  N. Baker,et al.  ZigBee and Bluetooth strengths and weaknesses for industrial applications , 2005 .

[18]  Oktay Ureten,et al.  Wireless security through RF fingerprinting , 2007, Canadian Journal of Electrical and Computer Engineering.

[19]  Kyung Sup Kwak,et al.  Security and Privacy Issues in Wireless Sensor Networks for Healthcare Applications , 2010, Journal of Medical Systems.

[20]  Varun Jeoti,et al.  Secure Interleaving - Physical Layer Security Enhancement of OFDM Based System , 2011, ICeND.

[21]  Wayne A. Jansen,et al.  Directions in Security Metrics Research , 2009 .

[22]  Ting Zhou,et al.  An Energy Aware Ant Colony Algorithm for the Routing of Wireless Sensor Networks , 2011, ICIC 2011.

[23]  Wade Trappe,et al.  ProxiMate: proximity-based secure pairing using ambient wireless signals , 2011, MobiSys '11.

[24]  S. Sastry,et al.  Security and Privacy Issues with Health Care Information Technology , 2006, 2006 International Conference of the IEEE Engineering in Medicine and Biology Society.

[25]  Jia Di,et al.  Fingerprinting RFID Tags , 2011, IEEE Transactions on Dependable and Secure Computing.

[26]  Claude Castelluccia,et al.  Noisy Tags: A Pretty Good Key Exchange Protocol for RFID Tags , 2006, CARDIS.

[27]  Mallapur Veerayya An Energy-Aware On-Demand Routing Protocol for Ad-Hoc Wireless Networks , 2008, ArXiv.

[28]  Srdjan Capkun,et al.  Integrity Codes: Message Integrity Protection and Authentication over Insecure Channels , 2006, IEEE Transactions on Dependable and Secure Computing.

[29]  Jong-Tae Park,et al.  Energy-efficient MAC protocols for wireless body area networks: Survey , 2010, International Congress on Ultra Modern Telecommunications and Control Systems.

[30]  Eyal de Lara,et al.  Amigo: Proximity-Based Authentication of Mobile Devices , 2007, UbiComp.

[31]  A. Robert Calderbank,et al.  Price-based distributed algorithms for rate-reliability tradeoff in network utility maximization , 2006, IEEE Journal on Selected Areas in Communications.

[32]  Raouf Boutaba,et al.  Adaptive packet video streaming over IP networks: a cross-layer approach , 2005, IEEE Journal on Selected Areas in Communications.

[33]  Jun Bi,et al.  Research on Internet Overlay Routing: Research on Internet Overlay Routing , 2009 .

[34]  Ernst Haselsteiner Security in Near Field Communication ( NFC ) Strengths and Weaknesses , 2006 .

[35]  Habtamu Abie,et al.  Towards metrics-driven adaptive security management in e-health IoT applications , 2012, BODYNETS.

[36]  Reijo Savola Strategies for security measurement objective decomposition , 2012, 2012 Information Security for South Africa.

[37]  Guang Gong,et al.  BUPLE: Securing Passive RFID Communication through Physical Layer Enhancements , 2011, RFIDSec.

[38]  Marco Dorigo,et al.  Ant colony optimization theory: A survey , 2005, Theor. Comput. Sci..

[39]  Klaus Wehrle,et al.  Security for pervasive medical sensor networks , 2009, 2009 6th Annual International Mobile and Ubiquitous Systems: Networking & Services, MobiQuitous.

[40]  Josef Langer,et al.  NFC Devices: Security and Privacy , 2008, 2008 Third International Conference on Availability, Reliability and Security.