Wednesday, July 13, 2005

Unreadable Bookmarks, and then some

I'll be reading Secure Multicast in Wireless Networks and Mobile Hosts (other link) tonight -- it seems promising. Hope I can post what I've absorbed from it soon.



IEEE:
MPEG (Moving Pictures Expert Group) is an industrial standard for video processing and is widely used in multimedia applications in the Internet. However, no security provision is specified in the standard. We conducted an experimental study of previously proposed selective encryption schemes for MPEG video security. This study showed that these methods are inadequate for sensitive applications. We discuss the tradeoffs between levels of security and computational and compression efficiency.


SpringerLink:
  • Secure Service and Network Framework for Mobile Ethernet
  • Secure cellular data services have become more popular in the Japanese market. These services are based on 2G/3G cellular networks and are expected to move into the next-generation wireless networks, called Beyond 3G. In the Beyond 3G, wireless communication available at a user's location is selected based on the type of the service. The user downloads an application from one wireless network and executes it on another. Beyond 3G expects core and wireless operators and allows to plug-in new wireless access. A security model that can accommodate these requirements needs to be sufficiently flexible for end users to utilize with ease. In this paper, we explain the Mobile Ethernet architecture for all IP networks in terms of the Beyond 3G. We discuss usage scenario/operator models and identify entities for the security model. We separate a mobile device into a personal identity card (PIC) containing cryptographic information and a wireless communications device that offers security and flexibility. We propose a self-delegation protocol for device authentication and use a delegated credential for unified network- and service-level authentication. We also propose proactive handover authentication using the security context between different types of wireless access, such as Third Generation Partnership Project (3GPP) and WLAN, so that the secure end-to-end communication channels established by service software on the TCP/IP are not terminated. Lastly, we raise security issues regarding the next-generation platform.
  • Provable Cryptographic Security and its Applications to Mobile Wireless Computing
  • Many attempts to secure mobile wireless systems have failed abysmally. Notable examples include 802.11 WEP, as well as major cellular phone standards such as TDMA, CDMA, and GSM. The attacks typically result from the correct use of a bad cryptographic primitive or the incorrect use of a good one.

    By designing provably secure algorithms and protocols, we not only minimize the time required to gain confidence in the security of a system, but we virtually eliminate the possibility of a cryptographic vulnerability. Unfortunately, the concept of "provable securit" is often misunderstood. In this survey paper, we state precisely what provable security is and is not, and describe the benefits of the approach.

    Craig Gentry
    Email: cgentry@docomolabs-usa.com

    Zulfikar Ramzan
    Email: ramzan@docomolabs-usa.com


lastly,



ACM Digital Library:

0 Comments:

Post a Comment

<< Home