Professional Documents
Culture Documents
BY: BY:
giri_mogullapalli@yahoo.com anishraja_b@yahoo.com
1. ABSTRACT *
2. INTRODUCTION TO MOBILE COMPUTING *
3. MOBILE NETWORKS
• FIRST GENERATION MOBILE NETWORKS
• SECOND GENERATION MOBILE NETWORKS
• THIRD GENERATION MOBILE NETWORKS
4. CURRENT WIRLESS TECHNOLOGIES
5. CDPD TECHNOLOGY *
• CDPD NETWORK ARCHITECTURE
• CALLING PROCEDURE
• PROTOCOLS USED
• CDPD ADVANTAGES
6. DATA SPLICE TECHNOLOGY **
• FEATURES OF DATA SPLICE
• DATA SPLICE OPERATION
• REQUIREMENTS
7. SECURITY
8. APPLICATIONS
9. LIMITATIONS
10.FUTURE OF MOBILE COMPUTING *
11.CONCLUSION*
ABSTRACT
A technology that allows transmission of data via a computer, without having to
be connected to a fixed physical link is called mobile computing. The advent of wireless
networks has greatly increased the possibilities for mobile computing offered to the
general public. Miniaturization has aided this trend towards increased user mobility with
the development of notebook computers and Personal Digital Assistants (PDAs) which
are truly portable. Currently, the most popular form of wireless communication is the
cellular phone. The future for wireless networks promises greatly enhanced utility of
mobile computers by expanding the areas covered by these networks and branching into
digital communications. For example, users will be able to access electronic mail and
data remotely.
Wireless networks pose some unique security concerns in
comparison to their wired counterparts. Foremost among these is that the transmission
medium, in this case electro-magnetic radiation (EMR), cannot be secured against
unauthorized access. There is also a problem in verifying the identities of the parties
involved in a conversation. Also, cellular phones can be modified so that calls made
illegally from one telephone are credited to a different legitimate cellular phone
subscriber. Before wireless networks can achieve broad acceptance, these problems of
fraud and security from eavesdroppers need to be resolved. The solution lies in the
implementation of security protocols over wireless networks.
Many security protocols exist for both wired and wireless
networks. In deciding on a protocol, attention must be paid to the unique characteristics
of the wireless medium. In particular, the wireless link is likely to be limited by
bandwidth, so any applications or protocols used over the link should be chosen to
minimize both the size and number of messages transmitted. Some other items that must
be considered when choosing a protocol include the high error rates on a wireless link
(compared to a wired link) and the problems introduced by mobility.
As wireless communications and mobilemultimedia
services are booming nowadays, systematic research of the overall aspects of mobile
security is crucial. This paper presents a framework model for guiding the systematic
investigation of mobile security. Based on the introduction of some background
viewpoints of security targets from a novel perspective, the framework is described as a
hierarchical model in which mobile security research is partitioned into three different
layers, including Property Theory, Limited Targets, and Classified Applications. Key
research topics in each layer are discussed respectively in detail. In the Property Theory
layer, some basic topics related to security are provided. Then, security issues in
networks, computing, and multimedia processing are fused together in the Limited
Targets layer upon the limitation operator of mobile technology.
A goal of mobile computing research is to make any changes
that might occur in location or type of network connection transparent to the user (or at
least to the mobile applications), thus allowing the mobile users to work in the same
manner and with the same productivity no matter where they are, how they are
connected, or which platform they are currently using. But present support for adaptation
is limited. Part of the difficulty of adaptation in the mobile environment is the
requirement not just to deliver data and services over challenging network conditions, but
to deliver them in formats suitable for the devices that need them.
MOBILE COMPUTING
The term "Mobile computing" is used to describe the use of computing devices--
which usually interact in some fashion with a central information system--while away
from the normal, fixed workplace. Mobile computing technology enables the mobile
worker to: (a) create; (b) access; (c) process; (d) store; and (e) communicate information
without being constrained to a single location. By extending the reach of an
organization's fixed information system, mobile computing enables interaction with
organizational personnel that were previously disconnected.
MOBILE NETWORKS
First Generation Mobile Networks
• AMPS (Advanced Mobile Phone Service) in Asia and North America
• NMT (Nordic Mobile Telephone) in Sweden, Norway, Finland
• ETACS (Extended Total Access Communication System) in the UK
• NTT (Nippon Telegraph and Telephone) in Japan
Second Generation Mobile Networks
• D-AMPS (Digital Advanced Mobile Phone Service, also known as IS-54):
Operates at 800MHz. Uses TDMA Standard — Exists mainly in USA
• N-CDMA (Narrow-band Code Division Multiple Access, also Known as IS-
95):Operates at 800MHz
1. Characterized by high capacity and small cell radius
2. Uses Spread spectrum technology
3. Exists mainly in the USA
• GSM (Global System for Mobile Communications): First digital cellular system
developed for compatibility throughout Europe. Operates at 900MHz range. Data
rates vary according to switching type.
3G Wireless Networks
Now that the importance of data over wireless networks is well understood, research
institutions and organizations have progressively started investing in developing high
speed data networks that can enhance the capacity, quality and rates at which data is
• Can be
combined
with landline
LAN to
network
mobile
devices on a
large campus
• Medium to
high
download
data rate;
can be much
better than
T3 in
dedicated
applications
Connectivity Strategy:
Since wireless data communication technology is usually more expensive than landline
technology for equivalent data volume, it must be justified by a large or quick payback.
For instance, the immediacy provided by some wireless connectivity options could
preserve the value of information that would only degrade as time passes. Another
possibility is that wireless computing would allow a company to offer an increased level
of service, resulting in additional revenue. The value, timeliness, and type of information
being used in a mobile task must be taken into consideration before implementing any
kind of mobile or wireless strategy. Figure 1 illustrates how these decision factors come
into play when selecting a mode of connectivity.
Selection of Connectivity
Figure 1:
The horizontal axis represents the amount of data that the client must have to perform a
task. For some activities, a simple message may suffice, requiring little wireless
bandwidth and device memory. Currently, 2.5G and 3G phones, for example, could be
used in this capacity. For other activities, a high-resolution bitmapped image may be
necessary, which increases both bandwidth and memory requirements. In such cases, a
more complex device, such as a laptop, could be used to transfer data over a traditional
network in order to meet these requirements more effectively.
CDPD Advantages: The CDPD protocol is designed to work with the existing
Internet Protocol (IP) based networks. It can also be used as transport for Local Area
Network (LAN) based wireless applications
The advantages that packet transmission has over conventional circuit switching include
the following:
1. Robustness: Carrier loss between packets is typically not a problem.
2. Security: Encryption on small packets is easily handled.
3. Per-packet billing!
4. User Always on-line and connected!
Robustness is shown from the fact that CDPD provides today a complete network
mobility during subscriber roaming without affecting the surrounding traffic. The
combination of wireless data traffic and cellular services within the same frequency band
and channels is obtained with no loss of performance of either.
DATASPLICE TECHNOLOGY:
Maintenance organizations face pressure when budgets are cut and the expectation of
customer service remains high. That's why many organizations are arming their field
maintenance personnel with handhelds! Mobilizing your workforce can significantly
decrease wasted data entry time and wait time for materials, increase operational
efficiency, reduce transcription errors, and make data immediately available for trending
and analysis. Unlike other mobile solutions for MAXIMO® software that are rigid,
expensive, and have limited functionality, DataSplice solutions can be easily tailored to
meet your work processes and are guaranteed to save your organization money.
Data Splice mobile technology provides a flexible platform that is capable of delivering
mobile data access to field personnel for any CMMS application. Every aspect of the
mobile solution can be easily customized: the data and fields displayed to the user, the
relationships and links between the data, and the business rules performed when
information is modified. Most importantly, we understand that the success of any mobile
application lies in its ability to integrate with your existing business and work processes.
Other mobile solutions force users to change the way they work to conform with the way
the software functions. All Data Splice solutions can easily be modified to your
expectations, ensuring user acceptance.
Advanced Functionality:
The Data Splice Server performs most of the "heavy-lifting" for the application suite.
This include managing and storing the mobile solution configuration, brokering database
queries from remote clients to the correct data source, constructing offline sets of data for
individual users, and much more.
• Provide Mobile Access to Multiple Data Sources: The DataSplice Server is
capable of connecting to all your information systems - simultaneously! This
means it can be used to serve mobile applications for your financials in Oracle,
your maintenance data in SQL Server, along with homegrown systems in FoxPro
or Microsoft Access. DataSplice can even be used to integrate this information for
users in the field without expensive data migration projects to standardize on a
single platform.
• Centralized Configuration: Because the DataSplice Server handles all direct
communications with external databases, this means that the individual devices do
not need any data-access software installed or configured. This simple approach
simplifies software installation and network configuration.
• Simplified Networking: All DataSplice communications run over a single TCP
port, making it easy to configure firewalls and gateways to handle the service.
This also makes it very easy to run DataSplice over secure channels such as
VPNs.
In addition the DataSplice Server maintains all database connections and the individual
clients never connect directly to a database. This means that the networks for any
DataSplice client devices can be isolated from database resources to provide additional
security.
• ODBC Connectivity
Connect to any modern database, including Microsoft SQL Server, Oracle,
Progress, and many more.
• Manage Remote Device Configuration
Simplify your network configurations: the DataSplice server pushes settings to all
remote devices, meaning no time is wasted managing individual handhelds or
workstations.
• High Performance
The server is multi-threaded so it can handle any number of connections
simultaneously.
The Remote Client provides users with a simple interface that makes working with all
enterprise data easy and consistent. The interface is tailored specifically to display
information on screens with limited screen size, yet is flexible enough to be used at any
resolution.
REQUIREMENTS
The following tables list the minimum and recommended system requirements for
running the various components of the DataSplice Mobile Integration Suite:
DataSplice Server:
The DataSplice Server acts as a broker between remote clients and the underlying
databases being accessed for information. For this reason, database performance is
usually the limiting factor for the overall system performance. That being said, certain
server operations, such as constructing large offline datasets for users, can consume
considerable resources on a server.
For small installations (< 10 clients) it is not necessary that the server run
on it's own dedicated machine - it could easily run on the same hardware as
Server the database.
Hardware For larger installations the server should have a minimum 500Mhz
processor and 256M RAM. To ensure optimal performance under heavy
traffic, the more RAM available the better.
• Windows 98
Operating • Windows NT
System • Windows 2000
• Windows XP
The DataSplice Remote client is similar to the Administration Client, in that it is a thin-
client that passes off as much processing as possible to the server. This means it is
capable of accessing large amounts of enterprise data on minimal hardware.
• Pocket PC
Operating • Pocket PC 2000
• Pocket PC 2002
System • Pocket PC 2003 (a.k.a. Windows Mobile)
• Windows CE 2.11 or newer
• Windows CE .NET
For online applications, any device capable of running the supported
operating systems will be sufficient for the Remote Client.
Hardware
If used offline, processor speed and memory become more important for
accomodating data storage. We recommend at least 300Mhz ARM
processors, as well as 64M of memory.
Most handheld devices occasionally lose battery charge and will reset to
Storage factory settings. DataSplice can be installed on storage cards so
applications and data are preserved.
Cards
SECURITY:
The phenomenal growth in mobile and wireless communications entails the serious
problem of security. The causes, mainly due to the frangibility of wireless and mobile
Features and the variety of applications and services, fall into the following categories:
• The physical weaknesses and limitations of mobile and wireless communications,
e.g. high error rate and unpredictable error behavior due to external interference
and mobility, introduce influences on characteristics of not only performance, but
also security.
• The entirely exposed environment of wireless air radio and field devices provides
much more opportunities of being subject to malicious attacks and/or being
susceptible to accidental interferences.
• Applications are becoming more and more important than ever, including mobile
applications and services in areas of military, health care, business, finance, etc.
• Other services may bring users easily in contact with possible threats of intruding
privacy, e.g. location awareness services and context-based applications.
• Contents of provided services, most of which are multimedia-type, are valuable
not only to subscribers but also to composers and providers, and thus secure
protective measures are needed.
MOBILE SECURITY FRAMEWORK:
This section briefly outlines the sketch of the mobile security framework model that we
propose. The framework layout is figured as a hierarchical architecture consisting of,
from bottom to top, three different layers including Property Theory layer, Limited
Targets layer, and Classified Applications layer, as illustrated in Fig. 2. A more detailed
explanation of each layer of the framework model can be found in the next section.
On the lowest layer, Property Theory, some basic issues of security are considered as the
fundamental points of mobile security research, as follows. Note that since security can
be treated as just a property of information technology and systems, discussions in this
layer are common to all the other fields besides the area of mobile communications.
• Security objectives, i.e. to formulate and determine what kinds of security goals
are going to be achieved and to what extent.
• Attacks, i.e. to analyze and distinguish the possible threats and offensive methods
from all the directions against which targets are to be protected.
• Security mechanisms, i.e. to find and do research on the effective techniques to
fulfill security objectives.
• Security management, i.e. to prescribe and carry out laws and policies relevant to
the administration and maintenance of security targets, including the training of
personnel for security consciousness.
• Security evaluation, including identification of critical components and
assessment of vulnerabilities, inspection of performance interference, evaluation
of privacy and robustness, and determination of testing strategy and benchmarks.
Based on the discussion in Section II and using the limitation operator of the
term “mobile”, we get the Limited Targets layer as the research domains of mobile
security.
This layer seems to be the most important part of the whole research layout, since, based
on the common security theory below, the specific character of mobile targets is
considered in each of the three overlapping targets as follows, which at the same time
acts as the main basis for various mobile communication applications further.
Mobile networking, including different mobile network structures and protocols
related to security.
Mobile computing, security problems related mainly to mobile agents and light-
weight operating systems and terminals, with the stratification concept in mind.
Mobile media, usually two aspects, i.e. media content and copyright, are considered
for the security protection during transmission and processing respectively.
Some applications, which cannot be successfully deployed without the support from
secure mobile networks and computing and media processing environment, are classified
and listed on the top layer. Obviously here are just some representative examples of the
diverse applications.
• Messaging, e.g. UM (Unified/Universal Message), PIM (Personal Information
Management), Email, Fax, SMS (Short Message Service).
• Telephony, including VoIP (Voice over IP), IPT (IP Telephony), Video
Conference, etc.
• Tele-Services, such as Tele-Medicine, Tele- GeoProcessing, Tele-Education, etc.
FRAMEWORK LAYERS DESCRIPTIONS
This section describes the framework components on each layer in more detail by
figuring the possible research topics.
A. Property Theory Layer
We focus more on the technical area of security here, which by no means implies that
security management and evaluation are less important. In total, there are three different
security objectives on data that are to be reached, one or all, including
• Confidentiality, i.e. the data can only be used by authorized users and/or parties.
• Integrity, i.e. the data cannot be modified during transfer and storage by
adversaries.
• Availability, i.e. the data is always available for authorized use.
B. Limited Targets Layer
1) Mobile Networks: Security issues have not been satisfactorily solved in 2G mobile
communication protocols and networks (GSM). The deficiencies and limitations include
lack or absence of mutual authentication, end-to-end security, non-repudiation, and user
anonymity, together with protocol weaknesses. In 3G wireless networks (IMT-2000),
comprehensive requirements are considered, in categories related to access, radio
interface, terminal, user association, network operation, security management, etc. As 4G
vision is paving its way to reality, more topics of wireless and mobile networks need to
be concerned, e.g. mobile ad hoc networks, WLAN, PAN and micro-cellular
environments.
2) Mobile Computers and Computing: Mobile agent is one of the most popular types
of distributed and mobile computing environment [7, 8]. Mobile software agent extends
the concept of software object with the attributes and capabilities of mobility, reactivity,
autonomy, and collaboration. Generally three different problems need to be considered
about the security of mobile agent, including protection of a host from malicious agents,
protection of an agent from malicious hosts, and from other agents, where attacks include
damage, modification, DoS, breaking of privacy, harassment, etc.
3) Mobile Multimedia: The overwhelming advantages of digital data have led to all
kinds of digital media being composed and distributed widely over the Internet, but then
again the possibility of unrestricted duplication and unlimited copying without loss of
fidelity is brought along at the same time. Two main techniques exist for the protection of
intellectual property rights (IPR): media encrypting and information hiding. The former
method takes care of the protection of multimedia data during the transmission process
through suitable coding and encryption, while the latter concerns mainly copyright
protection and copy prevention.
C. Classified Applications Layer—Mobile E-commerce
This section uses mobile E-commerce as a representation to describe the mobile security
issues of the Classified Applications layer. Mobile E-commerce is selected as the
discussed example because it is ever-increasingly popular as a wireless Internet
application converging a mobile communications network with the Internet, and is thus a
promising candidate for the killer application.
• Security for mobile, wireless computing is a particularly difficult problem. Some
technologies, such as Free Space Optics, have more security because of the
physical characteristics of the media. However, other technologies, such as cell
phones and digital pagers, have almost no security because of poorly designed
communications protocols.
FUTURE:
The picture below gives a typical pictorial representation of how the future network
systems will co-exist and interact with each other.
Some of these components are:
• 4G-Cellular Systems
• Broadband Wireless Access Systems
• Evolution of Mobile Network
• Intelligent Transport Systems
• High-Altitude Stratospheric Platform Station Systems
Features of future mobile computing devices:
• Increased storage capacity lets you bring everything you need with you:
• Input innovations make data entry easier:
• Enhanced display technology :
• Faster processors support feature-rich applications
• Stay connected with faster, more ubiquitous wireless
• Enhanced battery capacities and more power-efficient devices
• Portable processing power
APPLICATIONS:
The real power of mobile computing becomes apparent when mobile hardware, software,
and communications are optimally configured and used to accomplish a specified mobile
task. Although many varied applications exist, mobile computing applications can
generally be divided into two categories--horizontal and vertical.
Horizontal Applications
Horizontal applications have broad-based appeal and include software that performs
functions such as: (a) email; (b) Web browsing; (c) word processing; (d) scheduling; (e)
contact management; (f) to-do lists; (g) messaging; (h) presentation. These types of
applications usually come standard on Palmtops, Clamshells, and laptops with systems
software such as Windows 95.
Vertical Applications
Vertical applications are industry-specific and only have appeal within the specific
industry for which the application was written. Vertical applications are commonly used
in industries such as: (a) retailing; (b) utilities; (c) warehousing; (d) shipping; (e) medical;
and (f) law enforcement and public safety. These vertical applications are often
transaction oriented and normally interface with a corporate database.
LIMITATIONS
Bearer Limitations
Wireless network bearers operate under several fundamental constraints, which place
restrictions on the type of protocols and applications offered over the network:
Power consumption.
As bandwidth increases, power consumption increases. In a mobile device, this
reduces battery life.
Cellular network economics.
Mobile networks are typically based on a cellular architecture. Cells are a
resource shared by all mobile terminals in a geographic area, and typically have a
fixed amount of bandwidth to be shared among all users. This characteristic
rewards efficient use of bandwidth, as a means of reducing the overall cost of the
network infrastructure.
Latency.
The mobile wireless environment is characterized by a very wide range of
network latency, ranging from sub-second round-trip communication time up to
many tens of seconds. In addition, network latency can be highly variable,
depending on the current radio transmission characteristics (e.g., in a tunnel or off
network) and the network loading in a particular area. Latency is further increased
by routing, error correction and congestion-avoidance characteristics of a
particular network.
Bandwidth.
The mobile wireless environment is characterized by a very wide range of
network characteristics, and typically has far less bandwidth available than a wire
line environment. In addition, the economics of the wireless environment
encourage the conservation of bandwidth to achieve greater density of
subscribers.
Device Limitations
Wireless devices operate under a set of physical limitations, imposed by their mobility
and form factor:
Limited power.
Any personal, or "hand held" mobile device will have a very limited power
reserve, due to existing battery technology. This reduces available computational
resources, transmission bandwidth, etc.
Size:
many mobile wireless are very small (hand-held).
Mobile wireless devices are characterized by a different set of user interface constraints
than a personal computer. To enable a consistent application programming model, a very
wide range of content scalability is required. In practice, a significant amount of the
current WWW content is unsuitable for use on hand-held wireless devices. Problems
include:
Output scalability.
Existing content is designed for viewing on PC screens, whereas mobile devices
will have a wide range of visual display sizes, formatting and other
characteristics. In the near future, this will include voice-only output.
Input scalability.
Mobile devices feature a wide range of input models, including numeric keypad,
very few or no programmable soft keys, etc. In the near future, this will include
voice-only input.
Many wireless devices, for example cellular phones and pagers, are consumer devices.
These devices are used in a wide variety of environments and under a wide range of use
scenarios. For example:
CONCLUSION:
GOAL:
Mobile computing brings a wealth of benefits to an organization, but also a wealth of
headaches to its information security department. The goal is to implement effective
security controls that support the needs of the individual business while minimally
impacting the usability of mobile devices.