Inlämning av Examensarbete / Submission of Thesis

Musharrif Hussain; Sulman Mahmood MCS-2007:04, pp. 52. TEK/avd. för interaktion och systemdesign, 2007.

The work

Författare / Author: Musharrif Hussain, Sulman Mahmood
musharrifhussain@gmail.com, sulmanm@gmail.com
Titel / Title: Secure Software and Communication on Handheld Devices
Översatt titel / Translated title: Säker programvara och kommunikation med handdatorer
Abstrakt Abstract:

Some applications on mobile handheld devices are involved in exchanging critical
information e. g. sending positioning data of heavy-good vehicles as a basis for road toll. This
information must not be accessed or modified illegitimately; however, there is the risk that
can be accessed or modified by modifying the application or during communication of the
handheld device with its counterpart. This thesis report investigates concepts to shelter
software from modification and how the communication of these applications running on a
handheld device over public mobile network can be made more secure. This work was
performed by carefully identifying relevant literature and developing the concept that how a
smart card can enhance the security of the software running on it particularly for handheld
devices. It also discusses the issues and threats to smart cards. Furthermore it proposes a
solution based on the specified scenario. The security of the software comprises on two
layers; one layer is for analysis prevention, making it hard to understand the behaviour of the
program both at static and dynamic levels. The other layer is responsible for verifying the
integrity of the software to ensure that it is not modified. The software is installed on smart
card which acts as an extra security layer. The communication relies on the security features
of the public mobile network with some enhancement. In order to shelter the communication
via public Internet, a border based VPN solution is deployed between the public mobile
network and the remote server using the network assisted approach. This thesis will serve as
basis for designing a secure communication path for Swedish road toll system.

Populärvetenskaplig beskrivning / Popular science summary: Some applications on mobile handheld devices are involved in exchanging critical
information e. g. sending positioning data of heavy-good vehicles as a basis for road toll. This
information must not be accessed or modified illegitimately; however, there is the risk that
can be accessed or modified by modifying the application or during communication of the
handheld device with its counterpart. This thesis report investigates concepts to shelter
software from modification and how the communication of these applications running on a
handheld device over public mobile network can be made more secure. This work was
performed by carefully identifying relevant literature and developing the concept that how a
smart card can enhance the security of the software running on it particularly for handheld
devices. It also discusses the issues and threats to smart cards. Furthermore it proposes a
solution based on the specified scenario. The security of the software comprises on two
layers; one layer is for analysis prevention, making it hard to understand the behaviour of the
program both at static and dynamic levels. The other layer is responsible for verifying the
integrity of the software to ensure that it is not modified. The software is installed on smart
card which acts as an extra security layer. The communication relies on the security features
of the public mobile network with some enhancement. In order to shelter the communication
via public Internet, a border based VPN solution is deployed between the public mobile
network and the remote server using the network assisted approach. This thesis will serve as
basis for designing a secure communication path for Swedish road toll system.
Ämnesord / Subject: Datavetenskap - Computer Science\General
Datavetenskap - Computer Science\Networks and Communications
Telekommunikation - Telecommunications
Nyckelord / Keywords: handheld devices, smart card, public mobile network

Publication info

Dokument id / Document id:
Program:/ Programme Master of Science in Security Engineering
Registreringsdatum / Date of registration: 05/08/2007
Uppsatstyp / Type of thesis: D-Uppsats/Magister/Master

Context

Handledare / Supervisor: Bengt Carlsson, Markus Fiedler
bengt.carlsson@bth.se, markus.fiedler@bth.se
Examinator / Examiner: Rune Gustavsson
Organisation / Organisation: Blekinge Institute of Technology
Institution / School: TEK/avd. för interaktion och systemdesign
S-372 25 Ronneby
+46 455 38 50 00
Anmärkningar / Comments:

+46 762733374
+46 737038932

Files & Access

Bifogad uppsats fil(er) / Files attached: master_thesis_report_mcs_2007_04.pdf (708 kB, öppnas i nytt fönster)