Secure Ad-Hoc mBusiness: EnhancingWindowsCE Security

Nowadays we can perform business transactions with remote servers interconnected to Internet using our personal devices. These transactions can also be possible without any infrastructure in pure ad-hoc networks. In both cases, interacting parts are often unknown, therefore, they require some mechanism to establish ad-hoc trust relationships and perform secure transactions. Operating systems for mobile platforms support secure communication and authentication, but this support is based on hierarchical PKI. For wireless communications, they use the (in)secure protocol WEP. This paper presents a WCE security enhanced architecture allowing secure transactions, mutual authentication, and access control based on dynamic management of the trusted certificate list. We have successfully implemented our own CSP to support the new certificate management and data ciphering.

[1]  P. Vannoorenberghe,et al.  Strategies for combining conflicting dogmatic beliefs , 2003, Sixth International Conference of Information Fusion, 2003. Proceedings of the.

[2]  David M. Balenson,et al.  Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers , 1993, RFC.

[3]  Glenn Shafer,et al.  A Mathematical Theory of Evidence , 2020, A Mathematical Theory of Evidence.

[4]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[5]  Audun J sang,et al.  An Algebra for Assessing Trust in Certi cation Chains , 1998 .

[6]  Celeste Campo,et al.  SPDP: A Secure Service Discovery Protocol for Ad-hoc Networks , 2003 .

[7]  John Linn,et al.  Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures , 1989, RFC.

[8]  Sonja Zwißler Secure Electronic Transaction - SET , 1999, Datenschutz und Datensicherheit.

[9]  Stephen Marsh,et al.  Formalising Trust as a Computational Concept , 1994 .

[10]  Carlos Delgado Kloos,et al.  JCCM: Flexible Certificates for Smartcards with Java Card , 2001, E-smart.

[11]  Ed Dawson,et al.  BAAI: biometric authentication and authorization infrastructure , 2003, International Conference on Information Technology: Research and Education, 2003. Proceedings. ITRE2003..

[12]  Audun Jøsang,et al.  The consensus operator for combining beliefs , 2002, Artif. Intell..

[13]  Audun Jøsang,et al.  An Algebra for Assessing Trust in Certification Chains , 1999, NDSS.