Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.792800
Title: Challenging environments : using mobile devices for security
Author: Cobourne, Sheila
ISNI:       0000 0004 8500 1554
Awarding Body: Royal Holloway, University of London
Current Institution: Royal Holloway, University of London
Date of Award: 2018
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
The advent of the Internet, and advances in computing and phone technology have transformed the way society interacts and conducts business. There are well established security processes and protocols that exist to protect people's privacy and the sensitive credentials needed for secure transactions. However, many areas of the world do not have access to the high-quality technical infrastructure, equipment and expertise necessary for these security procedures to be effective. These are challenging environments, and this thesis examines how mobile devices can be used to enhance the security of applications in them. Three application areas are investigated: remote e-voting; m-payments; and authentication. Two of these areas are then investigated in the (differently challenged) online Virtual World (VW) environment. Eight use cases are presented in total, employing a range of features available on mobile phones to address identified security issues. The main contributions can be found in solutions that introduce security through a Smart Card Web Server (SCWS) application installed on the tamper-resistant smart card chip Subscriber Identity Module (SIM) found in a mobile device. These solutions include remote e-voting on a mobile device, branchless banking and offline Single Sign-On authentication. The use of well-established and standardised security protocols with tamper-resistant hardware enhances the security of these proposals, and distributing processing to a number of SIMs protects against attacks such as Distributed Denial of Service. Other work describes a Bitcoin SMS m-payment scheme, and preliminary investigations into the potential for using gesture recognition dynamic biometrics on a mobile phone. The VW applications, log-in authentication and in-world voting, are also outlined. All proposals are analysed (informally and formally if appropriate) with respect to defined security requirements. A discussion of the security and practicality of SCWS solutions is given, along with suggested future research directions.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.792800  DOI: Not available
Keywords: mobile devices ; Security ; Remote E-Voting ; m-payment systems ; Virtual Worlds ; Authentication ; Smart Card Web Server
Share: