Information Assurance in the Era of Mobility: Challenges and Solutions
Keywords:
m-IA, encryption, authentication, MDM, 5G, IoT, mobile malware, mobile payment, policy enforcement, emerging threats, AI and quantum encryption, mobile security in the future, BYOD, mobile threat vendors.Abstract
With more family and organizational members using mobile devices within homes and workplaces, mobile device security particularly in regard to information security is an important question. The information assurance principles, secure mobile technologies, trends, threats, policies and compliance in mobile systems are presented in this article. These basic features including cryptos, MFA, MDM, and SC are part of the mobile security technologies explained in the paper. It also looks into how these latest trends, for instance 5G networks, IoT, mobile payment and AI app impact and offer opportunities as well as risks. Therefore, the article discusses policy regimes and compliance and the emergence of threats such as mobile malware, phishing, and ransom ware. However, it also proscribes comprehension of future opportunities and further evolutions in the sphere of mobile information assurance including the creation of Artificial Intelligence, quantum-safe encryption, and the international cooperation in order to overcome the new threats on the horizon. The mobile systems adopted by different systems and software may prone to several hacking attacks, although, through proper policies’ integration and up-to-date technologies, mobile systems security is feasible than in the advancing technology world.
References
Treiblmaier H, Rejeb A and Strebinger A 2020 Blockchain as a Driver for Smart City Development: Application Fields and a Comprehensive Research Agenda Smart Cities 3 853– 72
Elagin V, Spirkina A, Buinevich M and Vladyko A 2020 Technological Aspects of Blockchain Application for Vehicle-to-Network Information 11 465
Jabbar R, Kharbeche M, Al-Khalifa K, Krichen M and Barkaoui K 2020 Blockchain for the Internet of Vehicles: A Decentralized IoT Solution for Vehicles Communication Using Ethereum Sensors 20 3928
Rotuna C, Gheorghita A, Zamfiroiu A and Smada D-M 2019 Smart City Ecosystem Using Blockchain Technology IE 23 41–50
Gösele M and Sandner P 2019 Analysis of blockchain technology in the mobility sector Forsch Ingenieurwes 83 809–16
Wong P F, Chia F C, Kiu M S and Lou E C W 2020 The potential of integrating blockchain technology into smart sustainable city development IOP Conf. Ser.: Earth Environ. Sci. 463 012020
Tarulescu S, Tarulescu R, Soica A and Leahu C I 2017 Smart Transportation CO 2 Emission Reduction Strategies IOP Conf. Ser.: Mater. Sci. Eng. 252 012051
Zhang X, Xu Q, Lu J and Xu J 2021 Conceptual characteristics and analysis of typical application scenarios of energy blockchain J. Phys.: Conf. Ser. 1738 012113
Creutzig F 2021 from smart city to digital urban commons: Institutional considerations for governing shared mobility data Environ. Res.: Infrastruct. Sustain. 1 025004
Finger, M., Bert, N. & Kupfer, D. (2015) 3 rd European Intermodal Transport Regulation Summary “Mobility-as-a-Service: from the Helsinki experiment to a European model?” Technical report, European Transport Regulation Observer No 2015/01. Finnish Transport Agency (2015). MaaS Services and Business Opportunities. http://www2.liikennevirasto.fi/julkaisut/pdf8/lts_2015-56_maas_services_web.pdf
Gerpott, T. J. and Thomas, S. (2014). Empirical research on mobile Internet usage: A meta-analysis of the literature. Telecommunications Policy, 38, pp 291-310. Heikkilä, S. (2014). "Mobility as a Service-A Proposal for Action for the Public Administration, Case Helsinki." https://aaltodoc.aalto.fi/bitstream/handle/123456789/13133/master_Heikkil%C3%A4_Sonja_2014.pdf?sequence=1
Herring, H., and Sorrell, S. (eds) (2008). Energy Efficiency and Sustainable Consumption. The Rebound Effect. Palgrave Macmillan, Basingstoke. Hoadley, S. (ed) (2017) Mobility as a Service: Implications for Urban and Regional Transport. Discussion paper.
POLIS, Brussels, Belgium. Jittrapirom, P., Caiati, V., Feneri, A.-M., Ebrahimigharehbaghi, S., Alonso-González, M., J. & Narayan, J. (2017). Mobility as a Service: a Critical Review of Definitions, Assessments of Schemes, and Key Challenges. Urban Planning, 2, 13-25.
Lee, D. (2016) Is Uber getting too vital to fail? http://www.bbc.com/news/technology-38252405 accessed 28th August 2017.
Yang, Y., & Ma, M. (2015). Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for e-health clouds. IEEE Transactions on Information Forensics and Security, 11(4), 746–759.
Yang, Y., Liu, X., & Deng, R. H. (2018). Lightweight break-glass access control system for healthcare Internet-of-Things. IEEE Transactions on Industrial Informatics, 14(8), 3610.
Yang, K., Jia, X., & Ren, K. (2014). Secure and verifiable policy update outsourcing for big data access control in the cloud. IEEE Transactions on Parallel and Distributed Systems, 26(12), 3461–3470.
Ying, Z., Li, H., Ma, J., Zhang, J., & Cui, J. (2016). Adaptively secure ciphertext-policy attribute-based encryption with dynamic policy updating. Science China Information Sciences, 59(4), 042701.
Li, H., Liu, D., Alharbi, K., Zhang, S., & Lin, X. (2015). Enabling fine-grained access control with efficient attribute revocation and policy updating in smart grid. TIIS, 9(4), 1404–1423.
Martins, A., and Eloff, J. (2001). Information Security Culture. Retrieved December 12, 2012, from http://etd.rau.ac.za/theses/available/etd-04292004-10222/restricted/SEC2002FinalVersion.pdf -12thDecember,2012
Mayring, P. (2000). Qualitative Content Analysis. Forum: Qualitative Social Research, 1(2). Retrieved June 17, 2013, from http://217.160.35.246/fqs-texte/2-00/2-00mayring-e.pdf.
McDonough, C. (2003). Identifying the Risk Involved In Allowing Wireless Portable Devices Into Your Company. InfoSec Reading Room. SANS Institute McDowell, M. (2008). Business Mobility: A Changing Ecosystem. Information Knowledge Systems Management, 7, 25–37.
McIntosh, J.C., & Baron, J.P. (2005). Mobile Commerce’s Impact on Today’s Workforce. International Journal of Mobile Communications, 3 (2), 99–113.
Michael, H. (2012). Android malware perspective: only 0.5% comes from the Play Store. Retrieved February 15, 2013, from http://www.phonearena.com/news/Android-malware-perspectiveonly-0.5-comes-from-the-Play-Store_id36696
Moody, D., & Walsh, P. (1999). Measuring the Value of Information: An Asset Valuation Approach. University of Melbourne, Department of Information Systems, Melbourne Musaji, Y. (2006). A Holistic Definition of IT Security—Part 2. Infromation Controls Journal (ISACA)
Olzak, T. (2006). Strengthen Security with an Effective Security Awareness Program. Retrieved December 17, 2012, from http://adventuresinsecurity.com/Papers/Build_a_Security_Awarsseness_Program.pdf
Patton, M.Q. (2002). Qualitative Research and Evaluation Methods.Thousand Oaks, CA: Sage.
Post, G. V., & Kagan, A. (2007). Evaluating Information Security Tradeoffs: Restricting Access Can Interfere With User Tasks. Computers and Security, 26 (3), 229 - 237.
PricewaterhouseCoopers (2012). Changing the Game: Key Findings from the Global State of Information Security Survey 2013. Retrieved February 21, 2013, from http://www.pwc.com/gx/en/consulting-services/information-security-survey/assets/2013- giss-report.pdf
Pinto, F., Afghah, F., Radhakrishnan, R., Edmonson, W.: Software Defined Radio implementation of DS-CDMA in inter-satellite communications for small satellites. In: 2015 IEEE WiSEE, pp. 1–6 (Dec 2015)
Velasco, C., Tipantuña, C.: Meteorological picture reception system using software defined radio (SDR). In: 2017 IEEE Second Ecuador Technical ChaptersMeeting (ETCM), pp. 1–6 (Oct 2017)
Pei, Y., Chen, H., Pei, B.: Implementation of GPS Software Receiver Based on GNU Radio. In: Cross Strait Quad-Regional Radio Science and Wireless Technology Conference (CSQRWC). pp. 1–3 (July 2018)
Janicik, J., Wolff, J., Friedman, A.: Cybersecurity in Modern Spacecraft Operations. In: Proceedings of the 28th Annual AIAA/USU Conference on Small Satellites,. No. SSC14-P4-5 in Poster Session (2014).
Dillon, H.: Receiving weather satellite images with Softrock. http://www.alternet.us.com/?p=1398 . Accessed 30 Jan 2019
Baguley, R.: Full Earth Disc Images from GOES-17 Harvested By SDR (2019). https://hackaday.com/2019/05/03/full-earth-discimages-from-goes-17-harvested-by-sdr/ . Accessed 14 Jun 2019
Maloney, D.: Eavesdropping On Cosmonauts with An SDR (Mar 2019). https://hackaday.com/2019/03/28/eavesdroppingon-cosmonauts-with-an-sdr/#more-350387. Accessed 14 Apr 2019
Rtl-sdr.com: RTL-SDR Tutorial: decoding Inmarsat STD-C EGC Messages (Aug 2015). https://www.rtl-sdr.com/rtl-sdr-tutorialdecoding-inmarsat-std-c-egc-messages/.
Accessed 15 May 2019 69. Chweh, C.: Autonomy in space. IEEE Intell. Syst. Their Appl. 13(5), 78–80 (1998)
Webster, G., Brown, D., Cantillo, L.: Nasa mars rover can choose laser targets on its own. https://mars.nasa.gov/news/nasa-marsrover-can-choose-laser-targets-on-its-own/. Accessed 08 May 2019
Obata, T., Nakasuka, S., Aoyanagi, Y., Matsumoto, T., Shirasaka, S.: On-Orbit Demonstrations of Robust Autonomous Operations on CubeSat. In: 32nd Annual AIAA/USU Conference on Small Satellites. No. SSC18-WKX-02 in A Look Back: Lessons Learned (2018)
Kennedy, A.K., Cahoy, K.L.: Initial Results from ACCESS: An Autonomous CubeSat Constellation Scheduling System for Earth Observation. In: 31st Annual AIAA/USU Conference on Small Satellites. No. SSC18-X-03 in Ground Systems (2017
Ogilvie, A., Allport, J., Hannah, M., Lymer, J.: Autonomous Satellite Servicing Using the Orbital Express Demonstration Manipulator System. In: 9th International Symposium on Artificial Intelligence, Robotics and Automation in Space (01 2008)
NASA: Cubesat Proximity Operations Demonstration (Mar 2016). https://www.nasa.gov/sites/default/files/atoms/files/cpod_fact_sheet-7march2016.pdf. Accessed 29 May 2019
SpaceX: Starlink mission overview (May 2019). https://www. spacex.com/sites/spacex/files/starlink_press_kit.pdf. Accessed 08 Feb 2019
Tepe, A., Yilmaz, G.: A survey on cloud computing technology and its application to satellite ground systems. In: 2013 6th International Conference on Recent Advances in Space Technologies (RAST), pp. 477–481 (June 2013)
Kongsberg: KSAT. https://www.kongsberg.com/ksat/. Accessed 01 April 2019
Earth-i: Earth-i to use KSAT’s Ground Stations to Receive First Commercial Full-Colour Video from Space (Dec 2017). https://earthi.space/press/earth-i-use-ksats-ground-stations-receivefirst-commercial-full-colour-video-space/ . Accessed 01 April 2019
HawkEye 360: HawkEye 360 Selects Norway’s Kongsberg Satellite Service (KSAT) to Provide Ground Station Services for Pathfinder Mission (Apr 2018). https://www.he360.com/hawkeye-360-selects-norways-kongsberg-satelliteservice-ksat-to-provide-ground-station-services-for-pathfindermission/
Li, Y. (date2017) Future Roles of Public Authorities in Mobility as a Service (MaaS), Workshop Report. Smart Procurement for Better Transport H2020 Project.
Kamargianni, M., Li, W., Matyas, M., House, C., Count, W. (2016). A Comprehensive Review of “Mobility as a Service” Systems. In: 95th Annual Meeting of the Transportation Research Board.
Washington DC. MaaS International (2017). Finnish company MaaS Global completes funding round, raising €14.2 million. Press Release 02.08.2017, http://maas.global/press/. Last accessed 30th August 2017.
Morton, C., Budd, T. M., Harrison, G. and Mattioli, G. (2017). Exploring the expectations of transport professionals concerning the future automobility system: visions, challenges, and transitions. International Journal of Sustainable Transportation, 11, 493-506.
Abiodun, M. K., Awotunde, J. B., Ogundokun, R. O., Misra, S., Adeniyi, E. A., Arowolo, M. O., & Jaglan, V. (2021). Cloud and big data: A mutual benefit for organization development. Journal of Physics: Conference Series, 1767(1), 012020. 47.
Wu, F., Xu, L., Kumari, S., Li, X., Shen, J., Choo, K. K. R., & Das, A. K. (2017). An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment. Journal of Network and Computer Applications, 89, 72–85. 48.
Liu, C., Chen, J., Yang, L. T., Zhang, X., Yang, C., Ranjan, R., & Kotagiri, R. (2013). Authorized public auditing of dynamic big data storage on a cloud with efficient verifiable fine-grained updates. IEEE Transactions on Parallel and Distributed Systems, 25(9), 2234–2244. 49.
Baek, J., Vu, Q. H., Liu, J. K., Huang, X., & Xiang, Y. (2014). A secure cloud computing based framework for big data information management of the smart grid. IEEE Transactions on Cloud Computing, 3(2), 233–244. 50.
Dhawale, C. A., Misra, S., Jambhekar, N. D., & Thakur, S. U. (2016). Mobile computing security threats and solution. Int. J. Pharm. Technol, 8, 23075–23086.
Jambhekar, N. D., Misra, S., & Dhawale, C. A. (2016). Cloud computing security with collaborating encryption. Indian Journal of Science and Technology, 9(21), 1–7.
Awotunde, J. B., Ayo, F. E., Ogundokun, R. O., Matiluko, O. E., & Adeniyi, E. A. (2020, July). Investigating the roles of effective communication among stakeholders in collaborative software development projects. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), LNCS (Vol. 12254, pp. 311–319).
Yang, Y., Zheng, X., Chang, V., & Tang, C. (2017). Semantic keyword searchable proxy reencryption for postquantum secure cloud storage. Concurrency and Computation: Practice and Experience, 29(19), e4211
Azeez, N. A., Salaudeen, B. B., Misra, S., Damaševiˇcius, R., & Maskeli¯unas, R. (2020). Identifying phishing attacks in communication networks using URL consistency features. International Journal of Electronic Security and Digital Forensics, 12(2), 200–213.
Yang, Y., Liu, X., Deng, R. H., & Weng, J. (2017). Flexible wildcard searchable encryption system. IEEE Transactions on Services Computing, 13(3), 464–477
Osho, O., Musa, F. A., Misra, S., Uduimoh, A. A., Adewunmi, A., & Ahuja, R. (2019, October). AbsoluteSecure: A tri-layered data security system.In International Conference on Information and Software Technologies (pp. 243–255). Springer, Cham.
Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007 IEEE Symposium on Security and Privacy (SP’07) (pp. 321–334). IEEE
Waters, B. (2011, March). Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In International Workshop on Public Key Cryptography (pp. 53–70). Springer, Berlin, Heidelberg
Ayo, F. E., Folorunso, S. O., Abayomi-Alli, A. A., Adekunle, A. O., & Awotunde, J. B. (2020). Network intrusion detection based on deep learning model optimized with rule-based hybrid feature selection. Information Security Journal: A Global Perspective, 29(6), 267–283.
Yang, Y., Liu, X., Deng, R. H., & Li, Y. (2017). Lightweight sharable and traceable secure mobile health system.IEEE Transactions on Dependable and Secure Computing, 17(1), 78–91.
Thrana, S.A.: Innovative NewSpace Ground Segment—Global Coverage Available through the Cloud. In: 30th Annual AIAA/USU Conference on Small Satellites. No. SSC16–VII–07 (2016)
Signals, R.: RBC Signals Announces New Integration Agreement with Kubos. http://rbcsignals.com/rbc-signals-announcesnew-integration-agreement-with-kubos/. Accessed 29 May 2019
Shah, S.: AWS Ground Station first customers include DigitalGlobe, BlackSky and Spire (Nov 2018). https://www.computing.co.uk/ctg/news/3067137/aws-ground-station-first-customersinclude-digitalglobe-blacksky-and-spire . Accessed 01 April 2019
Witjes, N., Olbrich, and P.: A fragile transparency: satellite imagery analysis, non-state actors, and visual representations of security. Sci. Pub. Policy 44(4), 524–534 (2017). https://doi.org/10.1093/scipol/scw079
Council, C.S.C.: Cloud security standards: what to expect and what to negotiate version 2.0. https://www.omg.org/cloud/deliverables/CSCC-Cloud-Security-Standards-What-toExpect-andWhat-to-Negotiate.pdf . Accessed 26 Feb 2020
Wikipedia.com: Edge computing. https://en.wikipedia.org/wiki/ Edge_computing. Accessed 25 Jun 2019
Musa, S.: Smart City Roadmap. https://www.academia.edu/21181336/ Smart_City_Roadmap. Accessed 25 May 2019
Fleet Space Technologies: Fleet Portal. https://www.fleet.space/portal . Accessed 15 May 2019
The Consultative Committee for Space Data Systems: Overview of Space Communications Protocols. techreport 130.0-G-3, The Consultative Committee for Space Data Systems (Jul 2014). https://public.ccsds.org/Pubs/130x0g3.pdf 01 April 2019