Secure authorization, access control and data integrity in Bluetooth
نویسندگان
چکیده
The Bluetooth standard has a provision for mutual authentication of connecting devices but not their actual users and allows access control during connection setup only. We propose a user authorization and pairing (UAP) application, that has the ability to perform authentication and authorization of users using role based model. The pairing procedure, which exchanges link key between devices, is also performed as a part of the user authorization process. The integrity of the message is guaranteed by using message authentication codes. We also extend an attack on a short PIN during the pairing procedure for devices compliant with the Bluetooth specification version 1.1. Disciplines Physical Sciences and Mathematics Publication Details This article was originally published as: Nguyen, L, Safavi-Naini, R, Susilo, W & Wysocki, T, Secure authorization, access control and data integrity in Bluetooth, 10th IEEE International Conference on Networks (ICON 2002), 27-30 August 2002, 428-433. Copyright IEEE 2002. This conference paper is available at Research Online: http://ro.uow.edu.au/infopapers/188
منابع مشابه
Access control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملAn Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کاملSecurity Issues in Inter-Domain Data Management
We discuss the security design issues in providing secure updates to the write-shared object among users across different administering domains. In general, it is difficult to assume a dedicated central server for serializing updates and authenticating collaborators in a write-write sharing across administering domains. Hence, we have proposed a decentralized inter-domain data management method...
متن کاملDesigning of ORBAC Model For Secure Domain Environments
In the secure domain computing environments, it is important to keep resources and information integrity from unauthorized access. Therefore, there is a strong demand on the access control for shared resources. In the past few years, Role-based Access Control (RBAC) has been introduced and offered a powerful means of specifying access control decisions. In this paper, an Object Oriented RBAC mo...
متن کامل