Baltimore IMC : http://www.baltimoreimc.org
News :: Media
Security for mobile phones, PDAs emerges
Author
- Gene Koprowski
Date Created
- 01 Oct 2004
Date Edited
- 01 Oct 2004 04:38:48 PM
License
This work is in the public domain.
Gene Koprowski
UPI
Last updated: Oct. 1, 2004 at 9:25AM
CHICAGO, Oct. 1 (UPI) — A pickpocket steals a shopper's cell phone at a mall, but when he tries to make a call he can't because a new fingerprint scanner affixed to the phone ensures only the rightful owner can use the device.
It might sound like something out of the movie "The Matrix" -- or one of its many sequels -- but it is real security technology, available today.
"Embedded security for mobile phones and other mobile devices is becoming very important," Adrian Turner, president and chief executive officer of Mocana Corp., a security technology company in Menlo Park, Calif., told United Press International.
Technologists have developed an array of security solutions for mobile devices -- from software for the phone, to encryptions for the mobile phone network, to cool new hardware like the biometric fingerprint scanner.
"You have to take pro-active steps to close these security holes," Richard Rushing, chief security officer at AirDefense Inc., a technology company in Alpharetta, Ga., told UPI.
Consumers and business people face several common security problems using mobile phones and personal digital assistants.
"These problems relate to mobility in general," Rushing said. "When you have a mobile device, you're getting information from one device to another device. Even though you've cut the cable -- you are wireless -- it's the same consideration that you have on the Internet."
One increasingly common problem is criminals or hackers stealing the information people type into their PDAs or mobile phones using wireless keyboards. The devices usually retain the standard personal identification numbers encoded at the factory and are not usually re-configured by end users.
"Security is always an inconvenience that people don't like," Rushing said. "If you make it too hard to work, with PINs, a certain percentage of people are just going to give up."
Another problem is authentication. Many wireless PDAs are designed so business people or consumers can message each other through infrared controls. The devices only exchange the information being sent, however, and do not determine if the information is a virus or a worm, or is otherwise harmful, Rushing explained.
"Many times hackers will send a fake 'auto-time' feature out, and it will ask the recipient, 'Do you wish to update your clock?' That's becoming a way they transmit the worms. Everyone always wants to update their clock," he said.
Software can prevent such intrusions. Memory limitations on the mobile devices -- from Motorola, Nortel Networks and other developers -- have led to software solutions by developers who have created master controllers, as well as voice-authentication technologies.
Some developers go even farther, developing methods that scour networks and identify all devices connected via Bluetooth software, determining whether they are properly authenticated and encrypted.
Hardware likewise can be effective at solving some of the security problems.
LG Electronics, the Korean technology company, developed the mobile phone with fingerprint-scanning capabilities, a company spokesman told UPI. With the scanner, mobile phones can be securely locked and unlocked. This prevents long-distance calls being made by the thief to, say, Colombia, Russia or Kenya. It also has another security benefit.
"It ensures the safety of all personal information stored on the phone," said the company spokesman, based in Los Angeles.
The technology enables fingerprints to be read below the surface, to the live layer of the skin, generating true fingerprints. That can eliminate reading errors caused by dry skin, or oily and dirty skin, under an array of weather conditions, the spokesman explained.
The biometric solution is emerging now because many mobile phones today really are PDA-like devices, enabling consumers to surf the Internet on the go; send e-mail, photos or video; play MP3 audio files, and even perform mobile banking services. As such, they contain a complete list of personal contacts, the LGE spokesman said.
Researchers at Royal Philips Electronics have developed a new chip that allows mobile devices to access information in a new, more secure way. The project is part of the initiative to make mobile payment for physical -- and digital -- services easier.
The technology, called near-field communication, enables users to exchange information, such as phone numbers or credit card numbers, for electronic transactions by bringing a device enabled with the chip physically close to another device, also enabled with the chip, an RPE spokeswoman told UPI.
In the future, this could allow consumers to get on a bus, with their mobile phone in hand, and automatically pay for the fare, without having to fumble around for change or even a smartcard. The information about billing would be contained on the chip in the phone, which would communicate with the chip in the bus fare box.
The new technology operates in the 13.56 megahertz frequency range, generally over a distance of just a few inches.
Despite the advances, however, software and hardware can do only so much in the wireless world, experts told UPI. Companies also are going to have to establish policies that will determine where and when their employees can use mobile devices to get on a company network, and consumers can no longer be as free and easy as they have been about mobile communications.
"Organizations are trying to grasp this -- figure out what they can do," Rushing said. "They will have to set policies. Is it OK for employees to synchronize the contacts and (Microsoft) Outlook files on their office PC with their PDA? There are issues with that -- security issues."
Rushing said he knows of clients who have had employees with PDAs, running Bluetooth wireless technology, who were connecting to the printers in their office, and printing documents.
"The government might not want any of these devices with that kind of capability," Rushing said. "Some environments may want to consider how they keep people from bringing in their own PDAs and own cell phones. This is a difficult issue and it is hard to establish basic policies and monitor them."
--
A weekly series examining emerging wireless telecommunications technologies. E-mail sciencemail-AT-upi.com
UPI
Last updated: Oct. 1, 2004 at 9:25AM
CHICAGO, Oct. 1 (UPI) — A pickpocket steals a shopper's cell phone at a mall, but when he tries to make a call he can't because a new fingerprint scanner affixed to the phone ensures only the rightful owner can use the device.
It might sound like something out of the movie "The Matrix" -- or one of its many sequels -- but it is real security technology, available today.
"Embedded security for mobile phones and other mobile devices is becoming very important," Adrian Turner, president and chief executive officer of Mocana Corp., a security technology company in Menlo Park, Calif., told United Press International.
Technologists have developed an array of security solutions for mobile devices -- from software for the phone, to encryptions for the mobile phone network, to cool new hardware like the biometric fingerprint scanner.
"You have to take pro-active steps to close these security holes," Richard Rushing, chief security officer at AirDefense Inc., a technology company in Alpharetta, Ga., told UPI.
Consumers and business people face several common security problems using mobile phones and personal digital assistants.
"These problems relate to mobility in general," Rushing said. "When you have a mobile device, you're getting information from one device to another device. Even though you've cut the cable -- you are wireless -- it's the same consideration that you have on the Internet."
One increasingly common problem is criminals or hackers stealing the information people type into their PDAs or mobile phones using wireless keyboards. The devices usually retain the standard personal identification numbers encoded at the factory and are not usually re-configured by end users.
"Security is always an inconvenience that people don't like," Rushing said. "If you make it too hard to work, with PINs, a certain percentage of people are just going to give up."
Another problem is authentication. Many wireless PDAs are designed so business people or consumers can message each other through infrared controls. The devices only exchange the information being sent, however, and do not determine if the information is a virus or a worm, or is otherwise harmful, Rushing explained.
"Many times hackers will send a fake 'auto-time' feature out, and it will ask the recipient, 'Do you wish to update your clock?' That's becoming a way they transmit the worms. Everyone always wants to update their clock," he said.
Software can prevent such intrusions. Memory limitations on the mobile devices -- from Motorola, Nortel Networks and other developers -- have led to software solutions by developers who have created master controllers, as well as voice-authentication technologies.
Some developers go even farther, developing methods that scour networks and identify all devices connected via Bluetooth software, determining whether they are properly authenticated and encrypted.
Hardware likewise can be effective at solving some of the security problems.
LG Electronics, the Korean technology company, developed the mobile phone with fingerprint-scanning capabilities, a company spokesman told UPI. With the scanner, mobile phones can be securely locked and unlocked. This prevents long-distance calls being made by the thief to, say, Colombia, Russia or Kenya. It also has another security benefit.
"It ensures the safety of all personal information stored on the phone," said the company spokesman, based in Los Angeles.
The technology enables fingerprints to be read below the surface, to the live layer of the skin, generating true fingerprints. That can eliminate reading errors caused by dry skin, or oily and dirty skin, under an array of weather conditions, the spokesman explained.
The biometric solution is emerging now because many mobile phones today really are PDA-like devices, enabling consumers to surf the Internet on the go; send e-mail, photos or video; play MP3 audio files, and even perform mobile banking services. As such, they contain a complete list of personal contacts, the LGE spokesman said.
Researchers at Royal Philips Electronics have developed a new chip that allows mobile devices to access information in a new, more secure way. The project is part of the initiative to make mobile payment for physical -- and digital -- services easier.
The technology, called near-field communication, enables users to exchange information, such as phone numbers or credit card numbers, for electronic transactions by bringing a device enabled with the chip physically close to another device, also enabled with the chip, an RPE spokeswoman told UPI.
In the future, this could allow consumers to get on a bus, with their mobile phone in hand, and automatically pay for the fare, without having to fumble around for change or even a smartcard. The information about billing would be contained on the chip in the phone, which would communicate with the chip in the bus fare box.
The new technology operates in the 13.56 megahertz frequency range, generally over a distance of just a few inches.
Despite the advances, however, software and hardware can do only so much in the wireless world, experts told UPI. Companies also are going to have to establish policies that will determine where and when their employees can use mobile devices to get on a company network, and consumers can no longer be as free and easy as they have been about mobile communications.
"Organizations are trying to grasp this -- figure out what they can do," Rushing said. "They will have to set policies. Is it OK for employees to synchronize the contacts and (Microsoft) Outlook files on their office PC with their PDA? There are issues with that -- security issues."
Rushing said he knows of clients who have had employees with PDAs, running Bluetooth wireless technology, who were connecting to the printers in their office, and printing documents.
"The government might not want any of these devices with that kind of capability," Rushing said. "Some environments may want to consider how they keep people from bringing in their own PDAs and own cell phones. This is a difficult issue and it is hard to establish basic policies and monitor them."
--
A weekly series examining emerging wireless telecommunications technologies. E-mail sciencemail-AT-upi.com
Views
Information
Search
This site made manifest by dadaIMC software