移动互联网安全问题及防护措施探讨

随着宽带无线接入技术和移动终端技术的飞速发展,终端移动化趋势日趋明显,移动互联网在移动终端、接入网络、应用服务端的信息安全与数据保护等方面面临一系列新的、更严峻的挑战。文章主要从移动互联网的发展现状与特性入手,以当前典型移动互联网应用作为研究对象,分析了移动互联网环境下的安全威胁与风险,提出了移动互联网环境下的安全风险控制措施与防护手段。     

移动互联网在水利工程移动巡检中的应用

移动互联网因为其普遍性、高可携带性、安全性和应用多样性等特点,在政务、交通物流、警务等行业得到广泛应用。研究了将移动互联网技术应用到了水利工程移动巡检中,建立了移动终端、管理端和安全接入子系统。移动终端子系统主要用以完成数据下载、采集、上报功能。管理端子系统主要提供数据接口,并对采集的数据进行分析。安全接入子系统是在业务内网与互联网之间建立起一个安全的接入平台。本系统经测试,完全可以满足企业需求。     

基于身份与位置分离机制固定子网接入研究

身份与位置分离机制很好地解决了核心网的路由可扩展问题,成为当前互联网领域研究的热点之一.为了更好地改善互联网对移动性的支持能力,各种域内微移动协议也成为各大高校和通信业公司的重点研究方向之一.在分离与映射机制下,提出了虚拟树状子网网络结构,设计了接入子网的路由以及终端的接入过程,实现了微移动协议.接入子网的引入使得终端的移动不再是必须经过核心网的宏移动,有效地降低了终端移动切换过程中的时延和丢包率问题.     

移动应用开发技术的分析与研究

我国工业和信息化部电信研究院对于“移动互联网的定义”提出的说法是:移动互联网是以移动网络作为接人点的互联网和服务.其包含三大要素:接入终端,移动网络和应用于服务.通俗的说,移动互联网就是利用移动通信技术和互联网技术在移动终端进行互联网的访问和操作.     

移动互联网终端安全分析与研究

移动互联网的普及性、开放性、互联性,使得移动互联网终端安全面临巨大挑战.在深入分析移动互联网终端所面临的威胁的前提下,提出了一体化的安全防护体系.本体系从设备层、通信业务管理层、网络层,系统层,应用层对终端进行全面的管理和防护,从根本上解决移动终端所面临的攻击、泄密等一系列问题.     

基于专网的移动警务安全保障系统设计与研究

安全问题是移动IP技术的核心和瓶颈.针对目前公安移动警务系统安全需要,从系统总体目标和安全策略等方面展开研究,提出了一种基于专网的移动警务系统安全接入设计方案.重点对移动公网接入、移动终端认证系统、数据传输安全、安全管理以及与公安内网数据交换的安全策略进行研究和设计.     

混合型移动应用开发框架优势探讨

随着高速互联网接入技术和移动终端技术的迅速发展,人们可以随时随地从互联网上获取丰富的信息和享受个性化服务。互联网的出现,改变了信息交互的应用方式,构建出一个新的应用服务体系。原生开发、Web开发和混合开发是目前移动应用程序开发框架的三种模式。混合型开发框架的模式与原生程序开发模式和Web开发模式相比,可以访问移动设备的硬件和底层原始数据,而且可以使用移动终端使浏览器内核来执行HTML5代码,融合了原生开发和Web应用程序开发模式两者的优势,使实际开发业务更加灵活,能够满足不同移动应用程序开发项目的实际需要。     

基于TrustZone的可信移动终端云服务安全接入方案

可信云架构为云计算用户提供了安全可信的云服务执行环境,保护了用户私有数据的计算与存储安全. 然而在移动云计算高速发展的今天, 仍然没有移动终端接入可信云服务的安全解决方案. 针对上述问题, 提出了一种可信移动终端云服务安全接入方案, 方案充分考虑了移动云计算应用背景, 利用ARM TrustZone硬件隔离技术构建可信移动终端, 保护云服务客户端及安全敏感操作在移动终端的安全执行, 结合物理不可克隆函数技术, 给出了移动终端密钥与敏感数据管理机制. 在此基础之上, 借鉴可信计算技术思想, 设计了云服务安全接入协议, 协议兼容可信云架构, 提供云服务端与移动客户端间的端到端认证. 分析了方案具备的6种安全属性, 给出了基于方案的移动云存储应用实例, 实现了方案的原型系统. 实验结果表明, 可信移动终端TCB较小, 方案具有良好的可扩展性和安全可控性, 整体运行效率较高.     

智能移动系统的网络安全研究

随着移动技术的发展,越来越多人员已经不仅在办公室处理日常事务,他们已开始使用手机、PDA和笔记本等移动终端通过公共通信网络访问单位内部的资源和应用.但是,这种通过公共网络接入也给单位网络引入了新的安全威胁,而传统的终端VPN已经满足不了现有的智能手机/平板电脑等移动终端的安全接入需求：一方面,如何保证在开放网络中保障移动终端用户身份和接入安全、数据保密性以及移动通信传输过程的一致性和完整性等安全要求;另一方面,由于移动终端容易丢失,如何保证移动终端内存储数据的安全性.因此,本文对基于Android架构的移动系统安全体系及所面临的安全威胁进行阐述并提出一些相应的防范措施.     

移动互联时代下的社区服务信息化模式探究

目前社区服务信息化平台多为依托于个人电脑和桌面互联网,但这种平台对于用户的使用和体验都有着诸多条件的限制。而随着宽带无线接入技术和移动终端技术的迅速发展,社区服务信息化的建设模式具备了从单一的桌面互联网转变至结合移动互联网的跨平台模式的可能性。在探寻面向主导型社区居民的真实需求及社区中特殊人群的需求差异的同时,我们需要依托移动终端为社区服务信息化提供更加定制化的信息设计,以帮助实现社区内部、社区与社会之间更好的交流互动;并将碎片化的内容整合为对公众更加有效的信息服务!     

一个面向移动计算设备的E-mail接收代理

移动计算设备如PDA、手机等具有资源少、网络速度慢的特点，因而其接收电子邮件的速度较慢。文中提出了采用E-mail接收代理来对电子邮件进行预处理的方法，首先根据移动计算设备的接收性能，设计一套适合于它的最佳接收规则，然后利用该规则来对它所需接收的电子邮件进行过滤、转换等操作，使得移动设备能够高效、正确地接收。此外，E-mail接收代理还可以提供诸如认证、防毒、杀毒和翻译等增值服务，进一步扩展它的应用范围。     

Take your mobile device out from behind the requirements desk

Mobile computing devices are everywhere. Recent technological improvements let most wireless devices connect to the Internet and many Web services. This presents exciting new opportunities for requirements analysts. Shouldn't we be able to capture requirements anywhere, anytime using our mobile devices? Why not capture requirements on your mobile telephone and then phone them in? You can do a lot of neat things with mobile devices in your requirements process. Some of these ideas draw on and demonstrate research that we've undertaken when implementing several requirements applications on mobile devices.     

Get wireless: a mobile technology spectrum

Mobile computing applications allow anytime, anywhere access to the Internet and corporate intranets. For several reasons, the market for wireless data services has grown at a much slower rate than wireless voice. Until recently, portable data devices were bulky, required heavy batteries, and didn't have integrated networking. Wireless services have also had to contend with narrow bandwidths, high access latency, and frequent disconnection. Added to this were inadequate coverage, expensive services, and perceived security problems. Finally, few applications were specifically designed with mobility in mind. New mobile technologies address these problems, making wireless data transmission an attractive alternative for individuals and enterprises. The next few years will see wireless data networks come into their own. Next year (year 2000), the market for wireless data networks is predicted to grow to six to eight million users with seven percent of the total wireless revenues. In fact, wireless data service is projected to be a multibillion-dollar market within five years. The combination of portable gadgets and wireless data services provides exciting opportunities for mobile computing applications     

Mobile digcovery: discovering and interacting with the world through the Internet of things

The application of Internet-enabled devices in the real world for the development of Smart Cities, environmental monitoring, bus tracking, and parking requires scalability, extensibility, and integration of emerging resources to reach a suitable ecosystem for data acquisition and interaction with citizens. Internet of things needs to offer efficient support for global communications and access to services and information. It needs to enable homogeneous and seamless machine-to-machine communication for different solutions and applications. This work presents an homogeneous and suitable mechanism for global resource discovery, device access for deployed smart objects in different scenarios, and sensors and devices from end users (participative sensing). The integration of legacy and sensors already available from smart buildings and smart objects is presented. For this purpose, a resolution infrastructure called “digcovery” is defined for maximizing efficiency and sustainability of deployments. Digcovery architecture offers the framework to allow users to register/include their own sensors into a common infrastructure and access/discover the available resources through mobile digcovery. Mobile digcovery exploits the context-awareness, geo-location, and identification technologies available in mobile platforms such as smartphones to discover, interact, and access the resources through its ElasticSearch engine.     

Personalised ubiquitous file access with XML Web Services

The explosion of new types of end-user devices, as well as the increase in the number of users with broadband connection in private households, opens up the opportunity to provide access to documents and services residing in the home domain from remote locations. Also, the increased mobility of users, as well as the need to be able to work in all locations, further adds to the requirement of remote document access. The contribution of this paper is threefold. First, it introduces the Mobile Home Access system, which simplifies remote access to resources in a home domain. The Mobile Home Access (MHA) system is based on the Service-Oriented Computing concept and realized using XML Web Services for communication between the home domain and the end-user device, while employing the Common Internet File System (CIFS) network file system to allow appropriate file access in the home domain. The second contribution is the mechanism whereby such a service can be deployed when network elements like firewalls and NAT routers are introduced. The challenge of establishing a connection from a remote device is general for both client–server services and peer-to-peer services. The paper proposes and describes a design and implementation of a solution using XML Web Services technologies, and thus shows how NAT traversal technology can be integrated with such middleware. The third contribution of this paper is a performance analysis of the current implementation of the Mobile Home Access service. The results of the analysis should be interesting for the applicability of XML Web Services in mobile computing in general.     

Digital Rights Management: The Open Mobile Alliance DRM specifications

Ubiquitous access to the Internet, especially from mobile phones, offers the possibility of easy access for the user to desirable contents such as songs, videos, ringtones and books. However, this easy access also exposes the owners of this content to potential fraud and piracy. Digital Rights Management technologies are used to ensure that digital content can only be consumed on authorised devices that enforce copyright protection and allow the management of content throughout its entire life cycle. This article provides an overview of Digital Rights Management with particular focus on the Open Mobile Alliances DRM standards.     

移动智能网与移动互联网的互通研究

移动智能网与移动互联网的互通与结合可以使移动智能网提供丰富的语音/数据综合业务,同时也解决了预付费业务用户无法使用移动互联网的问题。综述了移动智能网与移动互联网互通的研究成果,在此基础上提出了一个完整的互通体系结构,详细介绍了新的业务属性和业务,并分析了基于移动互联网的业务管理和业务控制的计费策略。     

MASHED: Security and privacy-aware mutual authentication scheme for heterogeneous and distributed mobile cloud computing services

ABSTRACT

Rapid development in mobile devices and cloud computing technologies has increased the number of mobile services from different vendors on the cloud platform. However, users of these services are facing different security and access control challenges due to the nonexistence of security solutions capable of providing secure access to these services, which are from different vendors, using a single key. An effective security solution for heterogeneous Mobile Cloud Computing (MCC) services should be able to guarantee confidentiality and integrity through single key-based authentication scheme. Meanwhile, a few of the existing authentication schemes for MCC services require different keys to access different services from different vendors on a cloud platform, thus increases complexity and overhead incurred through generation and storage of different keys for different services.

In this paper, an efficient mutual authentication scheme for accessing heterogeneous MCC services is proposed. The proposed scheme combines the user’s voice signature with cryptography operations to evolve efficient mutual authentication scheme devoid of key escrow problem and allows authorized users to use single key to access the heterogeneous MCC services at a reduced cost.     

无线城市数据及无线解决方案探讨

随着移动通信和互联网的快速发展,越来越多的用户希望在移动的过程中高速地接入互联网,移动与互联网相结合是发展的必然趋势。无线城市是中国移动利用多种无线接入技术为城市提供随时、随地、随需的无线网络接入,并建设了无线城市手机门户平台,包括无线亚运、便民服务、商家优惠、旅游资讯、无线政务、时事新闻、掌上娱乐等栏目,是移动、随身的互联网。本文介绍的解决方案是中国移动通信集团北京有限公司目前在WLAN建设工程中首例、完整的对城市中心商业街成片区进行分布式AP覆盖的方式,并已开始实施。     

Mobile access to real-time information—the case of autonomous stock brokering

When services providing real-time information are accessible from mobile devices, functionality is often restricted and no adaptation of the user interface to the mobile device is attempted. Mobile access to real-time information requires designs for multi-device access and automated facilities for the adaptation of user interfaces. We present TapBroker, a push update service that provides mobile and stationary access to information on autonomous agents trading stocks. TapBroker is developed for the Ubiquitous Interactor system and is accessible from Java Swing user interfaces and Web user interfaces on desktop computers, and from a Java Awt user interface on mobile phones. New user interfaces can easily be added without changes in the service logic.