A Hierarchical FrameworkModel of Mobile Security
Abstract—As wireless communications and mobile
multimedia services are booming nowadays, systematic research
of the overall aspects of mobile security is crucial. This paper
presents a framework model for guiding the systematic
investigation of mobile security. Based on the introduction of
some background viewpoints of security targets from a novel
perspective, the framework is described as a hierarchical model
in which mobile security research is partitioned into three
different layers, including Property Theory, Limited Targets,
and Classified Applications. Key research topics in each layer
are discussed respectively in detail. ...view middle of the document...
The phenomenal growth in mobile and wireless
communications entails the serious problem of security. The
causes, mainly due to the frangibility of wireless and mobile
features and the variety of applications and services, fall into
the following categories:
· The physical weaknesses and limitations of mobile
and wireless communications, e.g. high error rate and
unpredictable error behaviour due to external
interference and mobility, introduce influences on
characteristics of not only performance, but also
security.
· The entirely exposed environment of wireless air radio
and field devices provides much more opportunities of
being subject to malicious attacks and/or being
susceptible to accidental interferences.
· Applications are becoming more and more important
than ever, including mobile applications and services
in areas of military, health care, business, finance, etc.
· Other services may bring users easily in contact with
possible threats of intruding privacy, e.g. locationawareness
services and context-based applications.
· Contents of provided services, most of which are
multimedia-type, are valuable not only to subscribers
but also to composers and providers, and thus secure
protective measures are needed.
Obviously the simple migration of methods used in wired
communications in order to obtain security into a mobile
scenario cannot satisfy the requirements of anyone besides
hackers. Many studies have focused mainly on mobile
subscriber authentication, radio-path encryption [2-4], and
secure mobile IP [5, 6], but so-called “mobile security” by no
means involves only these relative independent and narrow
domains. We indeed need a more systematic approach to gear
up the research on mobile security.
In this paper, we present a framework for the systematic
research of mobile security. The framework is figured as a
hierarchical model in which the research of mobile security is
divided into three different layers: Property Theory, Limited
Targets, and Classified Applications. Key research topics in
each layer are discussed respectively in detail.
This paper is structured as follows. In Section II, some
background information related to the framework
construction of mobile security is introduced. The description
of mobile security framework is presented in Section III.
Section IV mainly discusses the key research issues in each
of the three layers composing the framework. Finally, we
summarize the paper by conclusions in Section V.
II. BACKGROUND OF SECURITY TARGETS
Regarding the term of mobile security, it is really a
straightforward perspective to position its targets only on
mobile and wireless networks and communications. The fact
is, however, that research on networks is neither the only
concern nor even the most important one. It is a
misunderstanding to think that concentrating the whole
attention on OSI reference model is an easy and efficient
approach whenever networks are...