
Mobile Computing Project Report

Contents

1. Introduction of Mobile Computing.

2. Networks that support Mobile Computing.

3. Mobile device.

4. Issues in Mobile Computing.

5. Security

6. Current technology in wireless security.

7. A characterization of the essence of Mobile Computing.

8. Some Firms which use Mobile Computing to improve
   existing processes.

9. Summary

10. References

Introduction of Mobile Computing




Mobile computing is a frequently used term and can be defined as having
access to computing resources from anywhere, be it from a parking lot or your
home. Mobile devices that give you access to resources like the Internet or
official workspaces can range from laptops to Personal Digital Assistants
(PDAs) and handhelds. With the help of these devices, the user gets the
ability to work from wherever he wishes, without being bound to any system.
However, giving the user the flexibility to work from anywhere extends the
network boundary beyond a fixed point. Managing security in such an
extensive network becomes a more difficult task, as the clients cannot be
tracked down to a single location.


There are several other risks associated with mobile handheld devices
connecting to the Internet. The network infrastructure has to be protected
against attacks ranging from theft and data loss to eavesdropping and
viruses, especially when mobile devices are used at untrustworthy venues like
conferences, customer sites etc. The security mechanisms for devices like
PDAs and handhelds should be robust enough despite limitations of CPU,
memory and network bandwidth. Associated with laptops are the usual
network threats like viruses and worms, network penetration, data theft,
man-in-the-middle attacks and session hijacking.



Networks that support mobile computing:
Wireless LAN and Wireless Access Points

A WLAN can be defined as a network in which a mobile user connects to a
LAN through a wireless or radio connection. The advantages of using a
WLAN are numerous, including the flexibility to overcome the limitations
that space constraints impose on wired networks, and easy, hassle-free
computing. A WLAN allows access to key information and resources without
having to “plug in”, regardless of where the users are in the facility.

Access points are stations within a Wireless Local Area Network (WLAN) that
transmit and receive data. They connect users to the network and can also
serve as the point of interconnection between the WLAN and a fixed wire
network. The region covered by each of the access points is termed a “Hot
Spot”. Each access point serves multiple users and users change access
points as they move through the network. The number of access points in a
WLAN increases with the size of the network.


Satellite Networks
In satellite networks, a satellite acts as the central point for the outgoing and
incoming data. The subscriber needs a satellite dish antenna and a
transceiver operating in microwave range. Satellite networks are usually a
good option for rural areas, where DSL and cable networks are not available.



Cellular Networks
In cellular networks, the entire area is divided into cellular regions, each
serving a different band of frequencies. The cellular regions are served by a
base station comprising a transmitter, a receiver and a control unit. The
base stations are connected to a Mobile Telecommunications Switching
Office, which in turn is connected to the public telephone network.

Ad-hoc and Sensor Networks
An ad-hoc network is a network in which certain devices are part of the
network for a temporary duration, i.e., either for a specific communication
session or while in close proximity to the network. Sensor networks are
formed by small nodes or “motes”: tiny, self-contained, battery-powered
computers with radio links that enable the motes to self-organize into a
network, communicate with each other and exchange data. Sensor networks
are mostly regarded as a specialized area of ad-hoc networks. They are most
popularly used in military applications, where the topology of the network can
change very often and “currency” of information is of prime importance.

Mobile Devices
Mobile devices can be broadly classified into the following
categories.

• Laptop computers.
• Personal Digital Assistants (PDAs) and handheld PCs.
• Pagers.
• Smart phones and cellular phones.
• Task devices, such as bar code scanners.


Laptops, PDAs and handheld PCs are networked computing devices running
a large number of applications for enterprises and homes. Laptops are
typically supported in the same way as desktops, with the same security
issues needing to be addressed.
PDAs and pocket PCs are undergoing rapid revolution, and are not as widely
supported as laptops. There are more physical security issues with these than
with laptops because they are so compact and there are not a great many
security standards and applications for them. Pagers and Smart phones allow
time-sensitive user communication, especially during emergencies and critical
incidents. Task devices, such as parcel tracking devices used by FedEx and
USPS are usually used within an organization as part of the enterprise
system, and hence are critical to its functioning. They cannot be as widely
used elsewhere as laptops or PDAs because they are used to perform special
functions not needed in the general computing world.




Issues in Mobile Computing
• Wireless Communications
   Quality of connectivity
   Bandwidth limitations



• Mobility
   Location transparency
   Location dependency



• Portability
  Power limitations
  Display, processing, storage limitations




Wireless Communications

• Harsh communications environment
1. Lower bandwidth/higher latency: good enough for videoconferencing?
2. Higher error rates
3. More frequent disconnection
4. Performance depends on density of nearby users, but the inherent
   scalability of the cellular/frequency reuse architecture helps

• Connection/Disconnection
1. Network failure is common
2. Autonomous operation is highly desirable
3. Asynchronous/spool-oriented applications, like mail or printing
   Trickle back data when bandwidth is available
4. Disconnected file systems: CODA (CMU), Ficus (UCLA)




• Low Bandwidth
   Orders of magnitude difference between wide-area and in-building
   wireless

• Variable Bandwidth
   Applications adapt to the changing quality of connectivity.
1. High bandwidth, low latency: business as usual.
2. High bandwidth, high latency: aggressive prefetching.
3. Low bandwidth, high latency: asynchronous operation, use
   caches to hide latency.




Mobility

• Address Migration
1. Existing applications send packets to a fixed network address.
2. Need to support dynamically changing “local” addresses as
   mobile device moves through network.
3. Mobile IP specification: home environment tracks mobile
   device’s current location through registration procedure.
4. Route optimization: exploit local caches of <global destination
   node addresses, current care-of address>.



• Location Dependent Services
1. Discovery: What services exist in my local environment?
    e.g., printers, file and compute services, special local applications, etc.
2. Follow me services: “Route calls to my current location,”
   “Migrate my workstation desktop to the nearest workstation
   screen”.
3. Information services:
   3.1. Broadcast/“push” information (e.g., “Flight 59 will
        depart from Gate 23”)
   3.2. “Pull” information (e.g., “What gate will Flight 59
        depart from?”)
4. Service migration: computations, caches, state, etc.
   follow mobile device as it moves through the network.
5. Privacy: what applications can track user locations?


Portability

• Low Power
1. Limited compute performance
2. Low quality displays

• Loss of Data
1. Easily lost
2. Must be conceived as being “network-integrated”

• Small User Interface
1. Limited real estate for keyboards
2. Icon intensive/handwriting/speech

• Small Local Storage
1. Flash memory rather than disk drive



SECURITY
There are two main components of security in mobile and wireless computing:

1) Security in the networks
2) Security for the devices.




Wireless Networks and Security
One of the main components in mobile computing is information access and
distribution through wireless networks.




Threats to Wireless Networks

We can broadly classify the threats into three categories. They are threats to
availability, confidentiality, and integrity of data.

Availability
Attacks of this category mainly focus on how the availability of information and
services could be disrupted.
Denial of Service
This attack is characterized by an explicit attempt by attackers to prevent
legitimate users of a service from using that service. DoS attacks are common
in all kinds of networks, but they are particularly threatening in the wireless
context. This is because the attacker does not require any physical
infrastructure and gets the necessary anonymity in the wireless
environment. The attacker floods the server with a large number of requests
so that the server keeps responding to the attacker alone and is unable to
serve other clients.




Confidentiality
Attacks of this type involve compromising the secrecy or privacy of
information when it passes through the wireless medium.

Traffic Analysis
It is a technique by which the attacker can measure the load on the wireless
communication channel by capturing packets and reading the size, source
and destination fields. In order to do this, the attacker only needs to have a
device with a wireless card and listen to the traffic flowing through the
channel.




Traffic analysis allows the attacker to gain information regarding the activity
on the network. One could easily identify the location of wireless access
points through traffic analysis. The access point normally broadcasts its
Service Set Identifiers (SSID) in order to identify itself to the end hosts. If this
information is captured then the access point location could be easily traced
with the help of a GPS (Global Positioning System). Since the attacker can
capture each and every packet, the pattern of packet exchanges between end
hosts could be studied and the specific protocol in use could be found. For
example, if an attacker sees a three-way handshake between the end hosts,
the transport protocol in use could be deduced to be TCP.

Eavesdropping
Eavesdropping on a wireless network is very easy, if the network is not secure
enough. Any unauthorized user can log on to the network and get access to
sensitive data, as long as he is within range of the access point.
Eavesdropping can be of two types - Passive and Active. In a passive attack,
the attacker simply monitors the transmission for message content and learns
about network activity. Unfortunately there is no known proven method for
securing against passive eavesdropping. An active attack involves the
attacker infusing/modifying data on the communication channel. The packets
are injected in a specific pattern so as to reduce the time needed to determine
the contents of the message. Modifications can involve change of destination
IP address of an encrypted packet to that of a host controlled by the attacker.
In this case, the access point decrypts the entire message and forwards the
packet with plain text to the controlled host. Now, since the original destination
did not receive the packet, it will ask for a retransmission. But, the source
cannot conclude that the packet has been black holed, as packet loss in the
IP layer is common and thus the attack is not apparent.

Integrity
Attacks of this type often involve modification of data. Modification could
include creating, changing and deleting information.




Man-In-the-Middle Attacks
In this attack, the attacker can read data from a session and modify it, thus
violating the integrity of a session. When the session is on between the
access point and the end host, the malicious host will intercept the session
and portray itself as the access point to the end host and as the end host to
the access point. Hence, all the traffic will go via the attacker’s host. Thus the
attacker becomes the middle man in the session between the access point
and the end host.

Session Hijacking
Normally wireless network protocols do not authenticate data link layer
frames. Every frame has a source address, but there is no guarantee that the
station sending the frame actually put the frame "on the air." Just as on
traditional Ethernet networks, there is no protection against fraudulent source
addresses. This vulnerability is exploited in the session hijacking attack. The
attacker “sniffs” unencrypted traffic between an authenticated user and an
access point. Once the attacker finds out the source address of the frames,
he launches a denial-of-service attack on the client and disables him. Using
the valid user’s network credentials the attacker hijacks the session.
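
Because nothing in the frame authenticates its source address, a monitoring sensor has to look at other fields to notice a second transmitter. The following is an added example, not part of the original report: it checks the 12-bit sequence number that every 802.11 station increments per frame, over constructed capture records. The record layout, the `max_gap` tolerance and the single counter per station are assumptions made for the illustration.

```python
from collections import defaultdict

SEQ_MOD = 4096  # the 802.11 sequence number is a 12-bit counter per transmitter


def find_sequence_jumps(frames, max_gap=32):
    """Group suspicious sequence-number jumps by source MAC.

    frames: iterable of (time, src_mac, seq, retry) in capture order.
    One radio increments seq by one per frame, so after allowing for
    frames the sensor missed (max_gap) and for wrap-around at 4096, a large
    forward jump or a jump backwards means a second transmitter is using
    the same source address (or the station reset; corroborate before acting).
    """
    last_seq = {}
    jumps = defaultdict(list)
    for time, src, seq, retry in frames:
        prev = last_seq.get(src)
        if prev is not None:
            gap = (seq - prev) % SEQ_MOD
            if gap == 0 and retry:
                continue  # link-layer retransmission of the same frame
            if gap == 0 or gap > max_gap:
                jumps[src].append({"time": time, "prev": prev, "seq": seq})
        last_seq[src] = seq
    return dict(jumps)


# Constructed capture records (not from the report): time, source MAC, seq, retry.
SAMPLE_FRAMES = [
    (0.00, "02:00:00:00:00:0a", 100, False),
    (0.01, "02:00:00:00:00:0b", 4094, False),
    (0.02, "02:00:00:00:00:0a", 101, False),
    (0.03, "02:00:00:00:00:0b", 4095, False),
    (0.04, "02:00:00:00:00:0a", 102, False),
    (0.05, "02:00:00:00:00:0a", 102, True),    # retry, ignored
    (0.06, "02:00:00:00:00:0b", 0, False),     # wrap-around, normal
    (0.07, "02:00:00:00:00:0b", 3, False),     # two frames missed, normal
    (1.50, "02:00:00:00:00:0a", 2950, False),  # second radio, same address
    (1.51, "02:00:00:00:00:0a", 2951, False),
    (1.52, "02:00:00:00:00:0a", 103, False),   # original station still talking
]

if __name__ == "__main__":
    for mac, events in find_sequence_jumps(SAMPLE_FRAMES).items():
        for e in events:
            print(f"{mac}: seq {e['prev']} -> {e['seq']} at t={e['time']}")
```

A jump on its own can also come from a station that rebooted, so a sensor would normally combine it with other signals before raising an alert.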

Device Security
Mobile devices are essential, key components of a mobile computing
environment. Security threats to such devices need to be considered and
protected against in order to have a completely secure mobile computing
environment. In general there can be three types of attacks: pull, push and
crash.



Pull Attacks:
In this type of attack, the attacker leverages the device as a source of
proprietary data and sensitive control information. The data export interfaces
such as infrared ports, dialup networking, wireless adapters, ActiveSync etc.
are the main sources of information. Data can be obtained from the device
itself, a synchronized desktop, mobile applications running on the device, or
the intranet servers.



Push Attacks:

In this type of attack, the device is used as a source for infecting other
elements of the network. Once the mobile device inside a secure network is
compromised, it could be used for attacks against other devices in the
network. For example, a malicious payload could be delivered to the device,
thus making it a point from which infection spreads.



Crash Attacks:

These kinds of attacks typically involve denying service and stopping resources
from operating normally. Similar to push attacks, the data exchange ports are
targeted to launch this type of attack. For example, during ActiveSync
operations, the device infrared port could be flooded with random IP packets,
which will bring the device crashing down.

Current Technology in Wireless Security
In a WLAN, data is broadcast over the air using radio waves. Any WLAN
client within an access point (AP) service area can receive data transmitted
to and from the access point. Because radio waves travel through ceilings,
floors and walls, the transmitted data may reach unintended recipients on
different floors or even outside the building that houses the AP. Without
adequate security measures in place, installing a WLAN is like putting
Ethernet ports everywhere, allowing access to unauthorized users.


WAP (Wireless Application Protocol):
WAP (Wireless Application Protocol) is a standard protocol used for
accessing the Internet from wireless terminals like PDAs, mobile phones
and so on. In a normal session between a client (mobile device) and a server
(Web server), the client sends a request using Wireless Markup Language
(WML) to the server. A WAP gateway, which operates from the mobile
device's domain, intercepts this request, converts the WAP request into an
HTTP request and then forwards it to the web server. Wireless Transport
Layer Security (WTLS) is the transport layer security used by WAP-enabled
devices to establish secure communication with WAP gateways. At the
gateway, the secure session terminates and all encrypted material is
decrypted. Secure sessions for communication with the web server are
established by the WAP gateway on behalf of the mobile device, using TLS.

Though there is a secure session between the gateway and the web server,
the secure session is not between the mobile device and the web server.
There are actually two secure sessions in play: one between the mobile
device and the WAP gateway, and the other between the WAP gateway and
the web server. This means that there is a security gap at the WAP gateway,
in which the data is not encrypted. Some implementations of WAP networks
take advantage of existing wired (wireline) security technologies to
provide security. In spite of leveraging the existing technology of the wired
Internet, WAP guarantees less security than the existing wired Internet
supports. This is due to the existence of the WAP gateway. The lack of
end-to-end security in wireless networks because of WAP gateways is a
major security issue in WAP. End-to-end security can be provided only if there
is a trusted authority operating the WAP gateway. Therefore, perfect security
between end users is not supported by WAP. A few mechanisms can be used
to solve these security problems in the wireless Internet: do not use the
intermediary WAP gateway, or use a bypass function for security data.
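
The two-session arrangement described above, as an added example that is not part of the original report: a gateway model that opens the device-side record and re-protects it for the server, run once as described and once with the sensitive field sealed end to end. The toy cipher stands in for WTLS/TLS and is neither protocol; the keys, the request line, the `send_payment` helper and the reading of "bypass" as application-layer encryption are assumptions made for the illustration.

```python
import hashlib
import hmac
import os


def _keystream(key, nonce, length):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Toy encrypt-then-MAC record; a stand-in for WTLS/TLS, not either protocol."""
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def unseal(key, record):
    enc_key = hashlib.sha256(b"enc" + key).digest()
    mac_key = hashlib.sha256(b"mac" + key).digest()
    nonce, body, tag = record[:16], record[16:-32], record[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record failed authentication")
    return bytes(c ^ k for c, k in zip(body, _keystream(enc_key, nonce, len(body))))


class WapGateway:
    """Terminates the device-side session and opens a new one to the web server."""

    def __init__(self, wtls_key, tls_key):
        self.wtls_key, self.tls_key = wtls_key, tls_key
        self.cleartext_seen = []  # what exists unencrypted inside the gateway

    def relay(self, record_from_device):
        request = unseal(self.wtls_key, record_from_device)  # WTLS ends here
        self.cleartext_seen.append(request)                  # the security gap
        return seal(self.tls_key, request)                   # TLS starts here


def send_payment(secret, end_to_end):
    """Send `secret` device -> gateway -> server; report what the gateway could read."""
    wtls_key, tls_key, e2e_key = (os.urandom(32) for _ in range(3))
    gateway = WapGateway(wtls_key, tls_key)
    header = b"POST /pay\n"  # constructed request line
    # Assumed "bypass": the sensitive field is sealed under a key only the
    # device and the web server hold, before the WTLS layer is applied.
    field = seal(e2e_key, secret) if end_to_end else secret
    to_server = gateway.relay(seal(wtls_key, header + field))
    field_at_server = unseal(tls_key, to_server)[len(header):]
    received = unseal(e2e_key, field_at_server) if end_to_end else field_at_server
    return {
        "server_received": received,
        "gateway_read_secret": any(secret in c for c in gateway.cleartext_seen),
    }


if __name__ == "__main__":
    print(send_payment(b"card=0000-0000", end_to_end=False))
    print(send_payment(b"card=0000-0000", end_to_end=True))
```

In both runs the server receives the same bytes; only in the first does the gateway hold them in the clear, which is why the gateway operator has to be trusted.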

What is really different about mobile computing? The computers
are smaller and bits travel by wireless rather than Ethernet. How can this
possibly make any difference? Isn’t a mobile system merely a special case of
a distributed system? Are there any new and deep issues to be investigated,
or is mobile computing just the latest fad?


A characterization of the essence of mobile computing

Mobile computing is characterized by four constraints:

• Mobile elements are resource-poor relative to static
elements.

For a given cost and level of technology, considerations of weight, power,
size and ergonomics will exact a penalty in computational resources such as
processor speed, memory size, and disk capacity. While mobile elements will
improve in absolute ability, they will always be resource-poor relative to static
elements.


• Mobility is inherently hazardous.

A Wall Street stockbroker is more likely to be mugged on the streets of
Manhattan and have his laptop stolen than to have his workstation in a locked
office be physically subverted. In addition to security concerns, portable
computers are more vulnerable to loss or damage.


• Mobile connectivity is highly variable in performance and
reliability.

Some buildings may offer reliable, high-bandwidth wireless connectivity while
others may only offer low-bandwidth connectivity. Outdoors, a mobile client
may have to rely on a low-bandwidth wireless network with gaps in coverage.

• Mobile elements rely on a finite energy source.

While battery technology will undoubtedly improve over time, the need to be
sensitive to power consumption will not diminish. Concern for power
consumption must span many levels of hardware and software to be fully
effective. These constraints are not artifacts of current technology, but are
intrinsic to mobility. Together, they complicate the design of mobile
information systems and require us to rethink traditional approaches to
information access.

Firms that used mobile computing to improve existing
processes.

Law Firm
Attorneys in a large, West Coast law firm with international offices
specializing in intellectual property, commercial law, and business litigation.
When computers were replaced, attorneys were given the opportunity to
receive a laptop computer. Attorneys use laptops for working at home,
connecting to a network, and for litigation support (for example, receiving “real
time” transcriptions of depositions).

Accounting Firm
The audit function of an industry practice group in a large International
accounting firm. Laptop computers are provided to all auditors. Most of their
work is done as part of a team that works in the clients’ facilities. The
computers are used primarily for communication, accessing databases and
reference materials, and preparing reports.

Investment Firm
Investment advisors who meet with clients in their homes to do financial
planning and sell investment products. Laptop computers are used for
graphical presentations to clients, developing projections for clients,
accessing records or brochures, and completing applications and orders for
products. Pen technology allows for direct transmittal of customers’ signatures
thereby eliminating many paper forms.

Information Management Consultants
Developers of specialized, industry specific document and information
management systems. Laptop computers are used by consultants for email
communication, access to various networks, and actual development work. A
virtual private network links global satellite locations. Most of the work is done
in the clients' facilities and is completed by members of a geographically
distributed team.

Enterprise Software Firm
Consultants responsible for assisting clients in installing and customizing
enterprise software. All employees receive a laptop computer on their first day
of work. Infrastructure and computing resources are standardized all over the
world. Consulting work is done from company offices, clients’ facilities, or
employees’ homes. Most consulting work is team based, with some
consultants working at the client’s site and others working at other locations.
The primary use of laptop computers is for communication, connection to
networks, and access to corporate databases.

Summary


Mobile communication has changed the way we communicate. By removing
the restriction of place, people worldwide have found new and rewarding
ways of connecting with others, both privately and for business. The
possibility of anytime, anywhere communications brings unprecedented
choice and freedom. By virtue of being the most cost effective form of
communication, mobile technologies have, in a mere decade, surpassed the
number of users that it has taken the fixed network more than a century to
reach.

Recent advances in Mobile network technologies have brought about a
significant increase in available bandwidth, providing a solid basis for the
transition from voice-only mobile services to web-based content services.
These new services will also broaden the communications modes from one-
to-one to one-to-many and many-to-many.

In this period of technological evolution, it is important not to lose sight of what
made mobile communication successful in the first place: ease of use, use
control and low cost. The user requirements and development trends call for
an easy method to connect service and content providers to Mobile networks
and the end user.

REFERENCES

1. Hansmann: “Principles of Mobile Computing”.

2. Arbaugh, William: “Wireless Security is Different.”

3. Milner, R., J. Parrow and D. Walker, A calculus of mobile processes,
   Parts 1-2. Information and Computation, 100(1), 1-77. 1992.

4. http://www.mobileinfo.com/security/

5. http://www.bluesocket.com/solutions/faq.html

				
posted:9/14/2012