The research area of mobile computing has become more important following the widespread drive towards mobile ad hoc networks, wireless sensor networks, and vehicular ad hoc network tracking technologies and their applications. The availability of high-bandwidth 3/4G infrastructures and the pervasive deployment of low-cost WiFi WiMAX infrastructures to create hotspots around the world serve to accelerate the development of mobile computing toward ubiquitous computing. Security and privacy in converged computing systems are considered an important part of these systems and pose challenging open problems. This special issue has focused on the research challenges and issues in security and privacy in ubiquitous computing. Of the submitted manuscripts, only eight manuscripts of high quality were finally selected for this special issue. Each manuscript was selected through blind reviews by at least three reviewers consisting of guest editors and external reviewers. We present a brief overview of each manuscript in the following paragraphs.
Interconnection and roaming are two key services in typical multi-domain mobile network environments. However, these types of environments can be composed of entities with different inter-domain security policies with location and mobility constraints. In the paper entitled “XFPM-RBAC: XML Based Specification Language for Security Policies in Multi-Domain Mobile Networks”, a formal XML-based Formal Policy language for Mobility with Role-Based Access Control is proposed. In this setting, security policies together with location and mobility constraints are based on Ambient Calculus and Ambient Logic. A security policy management application has also been developed for the specification and administration of security policies. A case study is also included to illustrate the feasibility of the developed tools.
In the paper entitled “TrustVis: Visualizing Trust towards Attack Identification in Distributed Computing Environments”, the authors present a tool used to identify attack nodes in distributed computing environments. The authors first analyze the behaviors of existing types of attacks and then present their visualized trust relations. Their tool consists of three components, and their visualized figures can be to determine relation trust relations between trusted nodes and suspicious nodes. The authors give case studies of how their tool works and demonstrate effectiveness and efficiency of their tool in determining attack nodes and types of attacks.
Online social networks (OSNs) have revolutionized frequent interactions between their users. Most of these networks require full or partial disclosure of users' data, and enhanced privacy is a key required feature for such content-centric systems. In the paper entitled “DEFF: a New Architecture for Private Online Social Networks”, the authors propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. This mediated architecture takes advantage of a semi-trusted proxy server, who is also responsible for most computationally intensive operations. User information can be shared with other users in a dynamic, efficient, and flexible set-up over which the user can exercise fine-grained control.
Scalable authenticated group key transfer protocols are an important aspect of any secure group communication setting. In the paper entitled “Improved group key transfer protocols from Harn et al.'s protocol”, the authors present a secret sharing threshold scheme for which the size of the broadcasted message from the Key Generation Center (KGC) is fixed, and each group member only needs to compute an interpolating polynomial of fixed degree to recover the group key. Focusing on key freshness, authentication, and confidentiality, the paper gives proofs of security against both insider and outsider attackers and in its improved version, that is, the second protocol, against untrustworthy KGC.
The new generation of mobile networks, particularly 4G-LTE, uses an all-internet protocol base to provide a very high data bit rate. However, this also makes these types of networks vulnerable to IP-based attacks. In the paper entitled “A Secure, Efficient and Cost-effective Distributed Architecture for Spam Mitigation on LTE 4G Mobile Networks”, the authors study one such attack: SMTP SPAM flooding denial-of-service attacks. The paper suggests a pattern detection approach to detect and mitigate effects of such attacks on LTE networks. The proposed architecture is proven to be secure, efficient, and cost-effective both using a formal analysis approach and also by results obtained using simulations of both centralized and distributed architectures.
Today, radio-frequency identification (RFID) systems are widely used in a variety of security-sensitive applications such as access control, the payment industry, and many others. An important class of attacks on these types of systems is that of relay attacks, as they can bypass many existing security and cryptographic solutions. Distance bounding protocols have been suggested as a possible solution to this problem that takes advantage of the physical operational requirements of such systems. However, vulnerabilities of low-cost implementations of such protocols have been observed in the literature by various authors. A recently proposed protocol named “Hitomi” had tried to address these vulnerabilities by using non-linear composition of secrets and inclusion of more nonce. This issue includes two papers with proposed solutions to relay attacks.
In the first paper entitled “Non-linearity Cannot Help RFID Resist to Full Disclosure Attacks and Terrorist Fraud Attack”, the authors closely examine Hitomi and other proposed solutions in the literature and their shortcomings and show that using a conventional linear composition of secrets provides a more secure solution than those using non-linear composition.
In the second paper, entitled “Chaotic Masking for Securing RFID Systems against Relay Attacks”, the authors propose a simple but secure masking scheme that counters the relay attack in RFID systems that uses physical characteristics of the communicated signals. This scheme is the first solution based on the chaos suppression theory. The chaotic characteristic of a dynamic Lorenz controller is exploited to distinguish a legitimate RFID reader from a proxy reader in the relay attack. Simulation results of the paper show applicability of the proposed approach in existing RFID systems.
Secure and efficient handover and authentication represent two important operational challenges for any mobile network. Many current solutions to these two services treat them separately, hence ignoring the direct performance impact of one on the other. In the paper entitled “Efficient Identity-based Hierarchical Access Authentication Protocol for Mobile Network”, the authors introduce a secure and efficient hierarchical identity-based access authentication protocol to address these issues concurrently. The protocol does not require management of certificates because of its ID-base set-up, and allows for precomputing of time-consuming signing and verification parameters to lower handover delays. Theoretical analysis and simulation results show significant improvement over existing work in the literature.
The guest editors would like to thank all the authors who have submitted their work to this special issue, and all the anonymous reviewers who assisted with the review process. We are also deeply grateful to Prof. Hsiao-Hwa Chen, the editor-in-chief of this journal, for giving us the opportunity to organize this special issue and for his support and that of the publishing staff at Wiley for their help throughout this process.