1. Mobile Computing - Security Issues - Advisor : Dr. Celeste Team Number : 6 941633 張耕瑋 941634 黃峻亨 941636 楊銘鴻 941641 李昌諭 941718 吳政穎 941635 陳建廷

2.  Introduction to Mobile Computing  Security Issues of Mobile Computing  Security Policies  Security Prevent  Applications and Enterprise Case

3.  Definition ◦ Mobile computing & Ubiquitous computing  Features ◦ Technical and other limitations of mobile computing  Insufficient bandwidth  Security standards  Power consumption  Transmission interferences  Potential health hazards  Human interface with device 。 Wireless communication and network

4. Data is cited from www.SearchMobileComputing.com

6.  Security is major issue ◦ Protection of Mobile Devices ◦ Software Security – program vulnerabilities ◦ Security Protocols - authentication  Different architecture has different security vulnerabilities

7.  Common security threat in wireless network can be categorized into two types: ◦ Passive - difficult to detect ◦ Active – possible to detect

8.  Interception  Modification  Fabrication  Interruption

10.  Virus and Worms  Denial of Service  Intrusion

11.  911 Virus 911 Virus  PalmOS/LibertyCrack PalmOS/LibertyCrack

12.  Security policies!  Symbian: Protect your data, not just your device  Technical support

13.  Confidentiality  Integrity  Availability  Authorization  Dependability and Reliability  Accountability

14.  A process when devices be stole  Security policy between wired network and wireless network  A mechanism to manage carrier who has secret data  Standard to control virus, worm…  Hierarchy certificate mechanism

15.  Information security  Network security  Device security  People training

16.  Hotspot ◦ Hotspot is the location supply LAN that is open for public. ◦ Data transfer don’t encrypt.  Hotspot Security ◦ Establish system to prevent fake Hotspot Service ◦ Turn off the Ad-hoc network mode ◦ Don’t set auto-connect to AP ◦ Pre-set to use VPN  Mobile Computing Security ◦ Don’t use trusted network and un-trusted network at same time

17. Types of Attack Interception Fabrication Interruption Modification Prevention Encrypt Signature + CA Digital Signature

18. TEK exchange SS BS authentication information X.509 certificate authorization request X.509 certificate, capability, Basic CID authorization reply encrypted AK, SAIDs, SQN AK,… AK exchange key request SAID, HMAC-Digest,… key reply encrypted TEK, CBC IV, HMAC-Digest,… Data exchange( encrypt by TEK)

19.  Encrypt  Separate risks  Firewall  Redact

20.  EFS (Encrypting file system) symmetric encryption:asymmetric encryption :

21.  Two-factor authentication + Or others : passwordIC Card

22. Server Notebook CD-Rom USB flash drive

24. coping sensitive record into removable disk before employees carry documents out. 1. 2. Sensitive data Employees Document

25.  Notebook computer  PDA Enterprise case

26.  Beginning of Mobile Phone Virus  Recent Viruses  The Way Viruses Infect  Problems of Anti-Virus

27.  Wikipedia  www.searchmobilecomputing.com www.searchmobilecomputing.com  www.ZDnet.com.tw www.ZDnet.com.tw  Security in Distributed, Grid, Mobile, and Pervasive Computing by Yang Xiao  www.cert.org.tw/index.php www.cert.org.tw/index.php  www.cio.com www.cio.com

28. Thank you for listening!