Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006.

Slides:

Advertisements

Similar presentations

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Advertisements

Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

Chapter 61 Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

V1.00 © 2009 Research In Motion Limited Introduction to BlackBerry Smartphone Web Development—The BlackBerry Infrastructure Trainer name Date.

Wireless and Switch Security NETS David Mitchell.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Presented by Serge Kpan LTEC Network Systems Administration 1.

Security Awareness: Applying Practical Security in Your World

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Lucent Technologies - Proprietary 27 September, A look at security of Voice over IP protocols Irene Gassko Lucent Technologies Bell Laboratories.

December 17, Wi-Fi Mark Faggiano GBA 576. December 17, Purpose of the Project  I hear Wi-Fi, WLAN, everywhere  What does it all.

V1.00 © 2009 Research In Motion Limited Introduction to Mobile Device Web Development Trainer name Date.

Chapter 8 Mobile Commerce

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Wireless LANs A Case Study of Baylor University’s Wireless Network Copyright Bob Hartland 2002 This work is the intellectual property of the author. Permission.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

Clinic Security and Policy Enforcement in Windows Server 2008.

Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

1 Remote Management of Wireless Gateway Student Name: Dinesh D N (BITS ID: 2004HZ12158) MphasiS Technologies Ltd, Bangalore March 2006.

ECE 578: COMPUTER NETWORK AND SECURITY

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Secure Systems Research Group - FAU Wireless Web Services Security Christopher Lo.

WIRELESS LAN SECURITY Using

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.

Shark: A Wireless Internet Security Test Bed Senior Design Project May07-09 Stephen Eilers Jon Murphy Alex Pease Jessica Ross.

PKI interoperability and policy in the wireless world.

Version Slide 1 Format of lecture Introduction to Wireless Wireless standards Applications Hardware devices Performance issues Security issues.

WAP (Wireless Application Protocol). W – World W – Wide W -- Web W – World W – Wide W – Wireless W -- Web The Two Paradigms.

70-411: Administering Windows Server 2012

Wireless Network Security Dr. John P. Abraham Professor UTPA.

Ch 11. Integrated Architecture for Wireless Myungchul Kim

Chapter 1 Lecture 2 By :Jigar M Pandya WCMP 1. Architecture of Mobile Computing The three tier architecture contains the user interface or the presentation.

1 6th EC/GIS workshop - Lyon - June 2000 Easy and friendly access to geographic information for mobile users David HELLO (Matra.

1 Chapter 12: VPN Connectivity in Remote Access Designs Designs That Include VPN Remote Access Essential VPN Remote Access Design Concepts Data Protection.

Ryan Lackey Dynamic Locations: Secure Mobile Services Discovery and Dynamic Group Membership Ryan Lackey

TECHNICAL SEMINAR Presented by :- Satya Prakash Pattnaik TECHNICAL SEMINAR By Satya Prakash Pattnaik EC Under the guidance of Mr.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.

1 FAQ’S ABOUT WAP Presented By Abhilash Pillai CSCI 5939-Independent Study.

Chapter 7 Mobile Commerce— The Business of Time

Network Security Lecture 8 Presented by: Dr. Munam Ali Shah.

Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

Data Communications and Networks Chapter 10 – Network Hardware and Software ICT-BVF8.1- Data Communications and Network Trainer: Dr. Abbes Sebihi.

System integration of WAP and SMS for home network system Editor : Chi-Hsiang Wu, Rong-Hong Jan School : the National Chiao Tung University Source : Computer.

Components of the WAP Standard Layers of WAP divided into 3 groups Bearer Adaptation Hides the differences in the signaling and channel protocols used.

Lecture 24 Wireless Network Security

Security Patterns for Web Services 02/03/05 Nelly A. Delessy.

1 Wi-Fi, Wireless Broadband, Sensor & Personal Area Networks –Standards –Applications Broadband Wireless Access –WiMAX –Adapting 3G for WBA: UMTS.

WAP – Wireless Application Protocol RAJEEV GOPALAKRISHNA CS590F Fall 2000.

WAP Architecture Presented by, Nithya Inbamani. WAP Background Wireless Application Protocol – secure specification. Wireless Application Protocol – secure.

1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.

Presentation Title 1 1/27/2016 Lucent Technologies - Proprietary Voice Interface On Wireless Applications Protocol A PDA Implementation Sherif Abdou Qiru.

Cisco Discovery Home and Small Business Networking Chapter 7 – Wireless Networking Jeopardy Review v1.1 Darren Shaver Kubasaki High School – Okinawa,

Kevin Harrison LTEC 4550 Assignment 3.  Ethernet Hub  An unsophisticated device that is used for connecting multiple Ethernet devices together.  Typically.

Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.

CompTIA Security+ Study Guide (SY0-401)

Network Infrastructure Services Supporting WAP Clients

Instructor Materials Chapter 6 Building a Home Network

Wireless Local Area Network (WLAN)

Implementing Client Security on Windows 2000 and Windows XP Level 150

Presentation transcript:

Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006

Secure Systems Research Group - FAU Agenda Reviews –“Wi-Foo The Secrets of Wireless hacking” –“Mobile Commerce and Wireless Computing Systems” Ideas of Patterns for Wireless Web Services

Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” by A. Vladimirov, K. V. Gavrilenko, A. A. Mikhailovsky Summary: –Mixes theory, tools, and techniques about how attacks against wireless networks are performed and how one can defend its network –Assume that the reader has a good technical knowledge of networks (I particular IEEE 802 standards) –Intended for system administrators, network managers, + penetration testing

Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Focuses on :widespread area of network coverage How to use a Pda or laptop, choose a wireless card, antenna, configure the OS to make a penetration testing on the network Using the penetration testing tools: –Network discovery and traffic logging –Traffic decoding and analysis –Encryption cracking tools (WEP crackers) – frame-generating tools –Encrypted traffic injection tools –Access point management software

Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Attacks: –closed ESSID, MAC and protocol filtering –Cracking WEP –Wireless man-in-the-middle attack and rogue access points deployment –Authentication systems attacks –DoS attacks

Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Defenses: –Security policies –Hardened gateway –Improvements to WEP, use of WPA –Use of radius, LDAP –Use Of a VPN (IPSec) –Wireless IDS systems Also chapters about cryptography

Secure Systems Research Group - FAU “Mobile Commerce and Wireless Computing Systems” by Geoffrey Elliott, Nigel Phillips Intended for managers, or beginners in the technology field About the capabilities of the wireless technology and what people want to do with it M-Commerce = “The mobile devices and wireless networking environments necessary to provide location independent connectivity”

Secure Systems Research Group - FAU “Mobile Commerce and Wireless Computing Systems” Chapters about: –M-commerce –Networks –wireless protocols –Wireless programming (WAP) –Os for micro devices –Mobile networking (bluetooth) –Services and products –Pervasive and embedded mobile systems –Security –Mobile applications

Secure Systems Research Group - FAU Patterns for wireless web services (ideas) Architectural patterns –Wireless web services gateway –Direct Use of web services over wireless links –Mobile agents for wireless devices Implementation patterns –Wireless CallBack –Format compression –Device Authentication –User Authentication –Wireless attribute provider

Secure Systems Research Group - FAU Wireless web services gateway Context –portable devices are limited in memory and computational power. –the connection bandwidth and reliability of the wireless connection are limited compared to wired connections Problem –How to deliver the web service to the clients?

Secure Systems Research Group - FAU Wireless web services gateway Solution –Web services are not delivered directly to the portable device but transformed in a gateway –The gateway is in charge of transforming the SOAP messages into a compressed form that will be used by the mobile device. It can also implement cache functions.

Secure Systems Research Group - FAU Wireless web services gateway Example –An example of this compressed format could be WML (equivalent of HTML in the WAP stack, available in many phones), or for basic scenarios such as the “push” of information, the gateway can transform SOAP messages into SMS, or voice.

Secure Systems Research Group - FAU Direct Use of web services over wireless links Context –portable devices must have built-in implementations of the web services technologies. This concerns the high end market segment, and includes smart phones, PDAs, and laptops. Problem –How to deliver the web service to the clients?

Secure Systems Research Group - FAU Direct Use of web services over wireless links Solution –the device, that is now a consumer of web services, can run client applications from different providers

Secure Systems Research Group - FAU Mobile agents for wireless devices Context –using a web service can imply multiple passes between client, server and third parties (for security purposes for example) while the wireless link is not reliable and the bandwidth can be limited. Problem –How to deliver the web service to the clients?

Secure Systems Research Group - FAU Mobile agents for wireless devices Solution –The agents act as proxies on behalf of a client.