While security in general is increasingly well addressed, both mobile security and multimedia security are still areas of research undergoing major changes. Mobile security is characterized by small devices that, for instance, make it difficult to enter long passwords and that cannot perform complex cryptographic operations due to power constraints. Multimedia security has focused on watermarks and the creation of digital evidence; as we all know, there are as yet no good solutions to prevent illegal copying of audio and video files. In this chapter we focus on addressing the attributes of security, trust, and privacy on mobile devices and multimedia applications.
Traditionally, there are three different fundamental attributes of security: confidentiality, integrity, and availability (CIA). Following Avizienis et al. (2004), security as well as dependability define the requirements of a reliable system (cf., Figure 1). In their opinion, every system may fail but can still be regarded as reliable if the frequency of failures is acceptable. Moreover, only authorized actions should be served by a trusted system.
Dependability and security attributes (Avizienis, 2004)
Security can also be seen as the summary of hardware, information, communication, and organizational aspects (Olovsson, 1992). Hardware security encompasses all aspects of physical security and emanation. Compromising emanation refers to unintentional signals that, if intercepted and analyzed, would disclose the information transmitted, received, handled, or otherwise processed by telecommunications or automated systems equipment (NIS, 1992).
Information security includes computer security and communication security. Computer security deals with the prevention and detection of unauthorized actions by users of a computer system (Gollmann, 1999). Communication security encompasses measures and controls taken to deny unauthorized persons access to information derived from telecommunications and ensure the authenticity of such telecommunications (NIS, 1992).
Organizational or administration security is highly relevant even though people tend to neglect it in favor of fancy technical solutions. The most appropriate security measures can be bypassed; for instance, by a successful social engineering attack on a user inside the system, who tells an attacker the necessary passwords (Thornburgh, 2004; Maris, 2005).
Both personnel security and operation security pertain to this aspect of security.
Whether a system is “secure” or not merely depends on the definition of the requirements. As nothing can ever be absolutely secure, the definition of an appropriate security policy based on the requirements is the first essential step to implement security.
Key Terms in this Chapter
UMTS: Universal Mobile Telecommunications System (UMTS), a packet-based connection protocol, is the de facto standard for today’s Internet connections on mobile phones. UMTS makes it possible to hold video-conferences or watch Internet television.
Pseudonymization: Pseudonymization is a technique where all attributes that can be used to identify a certain person are exchanged with a so-called pseudonym. Computing of this pseudonym is based on a secret-key algorithm.
Bluetooth: Bluetooth is based on an unlicensed short-range radio frequency to establish communication channels between different devices within the PAN (cf., PAN).
Digital Watermarking: Digital watermarking is a technique that aims to assure the authenticity, and therefore protect the copyright, of an electronic artifact by embedding hidden information.
GPRS: General packet radio service (GPRS) is a service for mobile devices, which operates in combination with GSM (cf., GSM). This standard is packet-based and provided the first useable Internet application for users depending on mobility.
Digital Evidence: The term digital evidence encompasses any and all digital data that can establish that a crime has been committed or can provide a link between a crime and its victim or a crime and its perpetrator (Casey, 2004).
WLAN: A wireless LAN or WLAN is a network, which operates over the air; in other words, without cables.
PAN: A personal area network (PAN) is a wired or unwired network which is normally used by one person and operates within a few meters. Commonly used communication channels are Bluetooth or infrared.
GSM: The global system for mobile communications (GSM) is the most popular standard for mobile phones worldwide.
Security Policy: A security policy is the ruleset which defines the security constraints under which a certain system is allowed to operate and interact. In other words, all restrictions and permissions for persons, objects, information-flows, and data storage are defined there.
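The Pseudonymization entry above states that the pseudonym is computed with a secret-key algorithm. The following added example (not taken from the chapter) uses HMAC-SHA256 as one such algorithm and contrasts it with an unkeyed hash, which can be reversed by re-hashing a small identifier space. The record fields, the key, and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample records; names and numbers are made up.
RECORDS = [
    {"name": "Alice Example", "phone": "5550101", "cell": "A17"},
    {"name": "Bob Example", "phone": "5550102", "cell": "B03"},
    {"name": "Alice Example", "phone": "5550101", "cell": "C44"},
]
IDENTIFYING = ("name", "phone")  # attributes that identify a person


def pseudonym(key: bytes, *identifiers: str) -> str:
    """Keyed pseudonym: HMAC-SHA256 over the length-prefixed identifiers."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for value in identifiers:
        data = value.encode("utf-8")
        # Length prefix keeps ("ab", "c") distinct from ("a", "bc").
        mac.update(len(data).to_bytes(4, "big") + data)
    return mac.hexdigest()


def pseudonymize(records, key: bytes):
    """Replace all identifying attributes with one pseudonym per record."""
    out = []
    for rec in records:
        kept = {k: v for k, v in rec.items() if k not in IDENTIFYING}
        kept["pseudonym"] = pseudonym(key, *(rec[k] for k in IDENTIFYING))
        out.append(kept)
    return out


def unkeyed_pseudonym(phone: str) -> str:
    """Weak variant for comparison: plain hash, no secret key."""
    return hashlib.sha256(phone.encode("utf-8")).hexdigest()


def reverse_unkeyed(target: str, candidates):
    """Without a key, anyone can re-hash the identifier space and match."""
    for phone in candidates:
        if unkeyed_pseudonym(phone) == target:
            return phone
    return None


if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # assumption: real keys come from a key store
    for row in pseudonymize(RECORDS, demo_key):
        print(row)
```

Records belonging to the same person stay linkable under one key, and rotating or destroying the key breaks that link.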