From M/Cyclopedia of New Media
Data and Information Security
- Data and information security concern has been fiercely discussed along with the progress of wireless technology, as a result of wireless communications are fundamentally a broadcast-based medium. In a mobile phone communication system, for example, ‘since all transmitted data travel directly between a mobile host and the base station, it is possible to copy all the data of a particular message transmitted through the air’ (Rahman, M. & Imai H., 2002: 215). For a mobile phone network, security is the issue critically important to end-users and service providers from various perspectives. In one hand, consumers need to be assured levels of trust to embrace m-commerce; in the other, ‘Service providers benefit from wireless security in protection from fraudulent use of services, protection from unauthorized use of mobile devices (i.e., cloning), managing the distribution of digital rights (that is, distribution of audio and video files under license arrangements), and possibly as a competitive advantage relative to other service providers.’ (Krenik, W., 2002: 157)
Security Threats
- At present, security threats existing in mobile phone network could range from passively eavesdropping to actively sealing data from others; in other words, unauthorised access. Moreover, there are inherent security risks involved in transfering information over any network.
- This problem consists of two components: identification integrity and message integrity. The identification integrity refers to the signature elements found in the messages in order to establish where the message is originating. The message integrity refers to details to establish that the message is received as sent and no third party has attempted to open, modify or alter the contents.(Saarnio, J., & Prasad,N., 2004:102)
Possible Technical Countermeasures
- Currently, GSM networks subscribers are authenticated toward the networks (registration or roam networks). ‘There is a shared secret between the Subscriber Identity Card (SIM) card and Home Location Register (HLR)’ (Ojanperä & Mononen, 2002: 231). Only one user can make the expected response at one particular time.
For mobile devices, one possible countermeasure is that requiring the tissue subjected to a biometrics checking; however, biometrics test is also a subjective measure which could be tricked by technological knowledge. Yet, every possible countermeasures are not guaranteed against from human users to make the simple mistakes, such as, using passwords that can be guessed easily, or using public facilities without correct precaution (Saarnio, J. & Prasad, N., 2004:102). Saarnio and Prasad also stated that 'Hackers have broken some of the existing algorithms for encryption. So, there is nothing like a complete security'.
Reference
Krenik, W. (2002) ‘Wireless User Perspectives in the United States’, Wireless Personal Communications [Online], vol. 22, issue, 2, pp.153-160. Available: Kluwer Journals Online Wireless Personal Communications Database [Accessed 26 Oct. 2004]
Ojanperä, T. & Mononen, R. (2002) ‘Security and Authentication in the Mobile World’, Wireless Personal Communications [Online], vol. 22, issue, 2, pp.229-235. Available: Kluwer Journals Online Wireless Personal Communications Database [Accessed 27 Oct. 2004]
Rahman, M. & Imai, H. (2002) ‘Security in Wireless Communication’, Wireless Personal Communications [Online], vol. 22, issue, 2, pp.218-228. Available: Kluwer Journals Online Wireless Personal Communications Database [Accessed 27 Oct. 2004]
Saarnio, J., & Prasad, N., (2004) ‘Foolproof Security Measures and Challenges Within’, Wireless Personal Communications [Online], vol. 29, issue, 1, pp.101-108. Available: Kluwer Journals Online Wireless Personal Communications Database [Accessed 27 Oct. 2004]
Wei-Ming Chiu 13:59, 28 Oct 2004 (EST)
