Dirar Abu-Saymeh, D. E. D. I. Abou-Tair, Ahmad Zmily
{"title":"一种近场通信应用安全框架","authors":"Dirar Abu-Saymeh, D. E. D. I. Abou-Tair, Ahmad Zmily","doi":"10.1109/TrustCom.2013.50","DOIUrl":null,"url":null,"abstract":"Smart phones equipped with Near Field Communication (NFC) provide a simple way to initiate contactless transactions and data exchange without having the need to carry additional items such as credit cards, personal IDs, and access keys. To prevent unauthorized NFC transactions in the case of lost or stolen devices, the user needs to be authenticated before each transaction, which adds extra burden on users. In this paper we propose an NFC security framework that simplifies the initiation of secure NFC transactions. The framework calculates a current measure of device security based on user activities and behavior. NFC transactions are authorized if the current device security measure meets the minimum requirement of the application. The framework uses a combination of authentication methods such as password, pin, pattern, finger print, voice and face recognition. In addition, we propose adjusting the device security level dynamically based on user activities, behavior, and background face and voice authentication. As a case study, the framework has been implemented on the Google Android platform. The NFC security framework minimizes the need to intrusively authenticate the user for every NFC transaction thus maintaining the simplicity of using NFC while enhancing its security.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"An Application Security Framework for Near Field Communication\",\"authors\":\"Dirar Abu-Saymeh, D. E. D. I. Abou-Tair, Ahmad Zmily\",\"doi\":\"10.1109/TrustCom.2013.50\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Smart phones equipped with Near Field Communication (NFC) provide a simple way to initiate contactless transactions and data exchange without having the need to carry additional items such as credit cards, personal IDs, and access keys. To prevent unauthorized NFC transactions in the case of lost or stolen devices, the user needs to be authenticated before each transaction, which adds extra burden on users. In this paper we propose an NFC security framework that simplifies the initiation of secure NFC transactions. The framework calculates a current measure of device security based on user activities and behavior. NFC transactions are authorized if the current device security measure meets the minimum requirement of the application. The framework uses a combination of authentication methods such as password, pin, pattern, finger print, voice and face recognition. In addition, we propose adjusting the device security level dynamically based on user activities, behavior, and background face and voice authentication. As a case study, the framework has been implemented on the Google Android platform. The NFC security framework minimizes the need to intrusively authenticate the user for every NFC transaction thus maintaining the simplicity of using NFC while enhancing its security.\",\"PeriodicalId\":206739,\"journal\":{\"name\":\"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TrustCom.2013.50\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom.2013.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Application Security Framework for Near Field Communication
Smart phones equipped with Near Field Communication (NFC) provide a simple way to initiate contactless transactions and data exchange without having the need to carry additional items such as credit cards, personal IDs, and access keys. To prevent unauthorized NFC transactions in the case of lost or stolen devices, the user needs to be authenticated before each transaction, which adds extra burden on users. In this paper we propose an NFC security framework that simplifies the initiation of secure NFC transactions. The framework calculates a current measure of device security based on user activities and behavior. NFC transactions are authorized if the current device security measure meets the minimum requirement of the application. The framework uses a combination of authentication methods such as password, pin, pattern, finger print, voice and face recognition. In addition, we propose adjusting the device security level dynamically based on user activities, behavior, and background face and voice authentication. As a case study, the framework has been implemented on the Google Android platform. The NFC security framework minimizes the need to intrusively authenticate the user for every NFC transaction thus maintaining the simplicity of using NFC while enhancing its security.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
