With the rapid development of wireless and mobile network, traditional access control mechanisms face the new security risk that access data at any place may lead the leakage of the confidential data or bring new attack to the server. Location based access control is proposed to authorize user by consideration the location information of the user. In this paper, a novel indoor access control system is presented to protect the data security in mobile storage device. An Active tag is embedded into the storage device to implement location based access control. We make use of the limited penetration of RF signal to build the security zone, and get user's location information from the tag and the reader. In order to protect the system and carry out authorization, an authenticate protocol is proposed. The protocol can ensure the anonymity of the tag, and protect the confidential of the data to prevent spoofing attack and replay attack. More important, our system can authorize the user according to user's location information.
Technologies make the mobile terminals such as smart phones, PDAs and handsets much more powerful to access mobile network in recent years. Especially with the widely use of mobile terminals, mobile network now becomes a primary tool for daily and business interactions. However, the proliferation of mobile terminals also draws mobile malware’s attention which will do damage to the mobile terminal and further affect the security of mobile network. But the traditional access control and authentication mechanism cannot resolve such security issues. On the basis of trusted computing technology, we proposed a mobile trusted network architecture by extending the trusted network connection in mobile environment. And an improvement EAP-EHash method is used in the proposed architecture to implement authentication. We defined two service scenarios in the authentication scheme, home network authentication and roaming network authentication. The process of each scenario is described in detail. By introducing the pseudonym mechanism, our scheme can protect user identity. And the connection status not only depends on the identification process, but also the trust status of the platform. The analysis shows that our scheme benefits the properties of user identity anonymity, mutual authentication, fake agent resistance, platform integrity verification, EAP and TNC Compatible. And the ciphersuite negotiation makes our scheme more suitable for resource limited mobile terminals
The number of software deployed on mobile terminals is dramatically increasing. However, this leads the mobile terminal facing a serious of security threats. In order to resolve these threat issues, several security requirements are proposed. Also, this paper introduces a secure software download framework and corresponding download protocol based on mobile trusted computing, designed to handle a collection of activities in software download. Such activities include authentication, download and installation of the software. The core part of the framework is a discretionary engine--Device Management Engine (DME), which provides entity authentication, integrity protection and remote attestation for the mobile device. By the introduction of software description file, we provide a mechanism to transfer Reference Integrity Metric (RIM), which makes up for the shortage of the specification.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.