Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006.

Published byVivian Clarke Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006."— Presentation transcript:

1 Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006

2 Secure Systems Research Group - FAU Agenda Reviews –“Wi-Foo The Secrets of Wireless hacking” –“Mobile Commerce and Wireless Computing Systems” Ideas of Patterns for Wireless Web Services

3 Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” by A. Vladimirov, K. V. Gavrilenko, A. A. Mikhailovsky Summary: –Mixes theory, tools, and techniques about how attacks against wireless networks are performed and how one can defend its network –Assume that the reader has a good technical knowledge of networks (I particular IEEE 802 standards) –Intended for system administrators, network managers, + penetration testing

4 Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Focuses on 802.11:widespread area of network coverage How to use a Pda or laptop, choose a wireless card, antenna, configure the OS to make a penetration testing on the network Using the penetration testing tools: –Network discovery and traffic logging –Traffic decoding and analysis –Encryption cracking tools (WEP crackers) –802.11 frame-generating tools –Encrypted traffic injection tools –Access point management software

5 Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Attacks: –closed ESSID, MAC and protocol filtering –Cracking WEP –Wireless man-in-the-middle attack and rogue access points deployment –Authentication systems attacks –DoS attacks

6 Secure Systems Research Group - FAU “Wi-Foo The Secrets of Wireless hacking” Defenses: –Security policies –Hardened gateway –Improvements to WEP, use of WPA –Use of radius, LDAP –Use Of a VPN (IPSec) –Wireless IDS systems Also chapters about cryptography

7 Secure Systems Research Group - FAU “Mobile Commerce and Wireless Computing Systems” by Geoffrey Elliott, Nigel Phillips Intended for managers, or beginners in the technology field About the capabilities of the wireless technology and what people want to do with it M-Commerce = “The mobile devices and wireless networking environments necessary to provide location independent connectivity”

8 Secure Systems Research Group - FAU “Mobile Commerce and Wireless Computing Systems” Chapters about: –M-commerce –Networks –wireless protocols –Wireless programming (WAP) –Os for micro devices –Mobile networking (bluetooth) –Services and products –Pervasive and embedded mobile systems –Security –Mobile applications

9 Secure Systems Research Group - FAU Patterns for wireless web services (ideas) Architectural patterns –Wireless web services gateway –Direct Use of web services over wireless links –Mobile agents for wireless devices Implementation patterns –Wireless CallBack –Format compression –Device Authentication –User Authentication –Wireless attribute provider

10 Secure Systems Research Group - FAU Wireless web services gateway Context –portable devices are limited in memory and computational power. –the connection bandwidth and reliability of the wireless connection are limited compared to wired connections Problem –How to deliver the web service to the clients?

11 Secure Systems Research Group - FAU Wireless web services gateway Solution –Web services are not delivered directly to the portable device but transformed in a gateway –The gateway is in charge of transforming the SOAP messages into a compressed form that will be used by the mobile device. It can also implement cache functions.

12 Secure Systems Research Group - FAU Wireless web services gateway Example –An example of this compressed format could be WML (equivalent of HTML in the WAP stack, available in many phones), or for basic scenarios such as the “push” of information, the gateway can transform SOAP messages into SMS, or voice.

13 Secure Systems Research Group - FAU Direct Use of web services over wireless links Context –portable devices must have built-in implementations of the web services technologies. This concerns the high end market segment, and includes smart phones, PDAs, and laptops. Problem –How to deliver the web service to the clients?

14 Secure Systems Research Group - FAU Direct Use of web services over wireless links Solution –the device, that is now a consumer of web services, can run client applications from different providers

15 Secure Systems Research Group - FAU Mobile agents for wireless devices Context –using a web service can imply multiple passes between client, server and third parties (for security purposes for example) while the wireless link is not reliable and the bandwidth can be limited. Problem –How to deliver the web service to the clients?

16 Secure Systems Research Group - FAU Mobile agents for wireless devices Solution –The agents act as proxies on behalf of a client.

Download ppt "Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006."

Similar presentations

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.

Rocket Software, Inc. Confidential James Storey General Manager, OSS Unit Rocket Software APNOMS 2003: Managing Pervasive Computing and Ubiquitous Communications.
Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.

Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
Chapter 61 Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005.

Chapter 61 Introduction to Information Technology Turban, Rainer and Potter John Wiley & Sons, Inc. Copyright 2005.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
V1.00 © 2009 Research In Motion Limited Introduction to BlackBerry Smartphone Web Development—The BlackBerry Infrastructure Trainer name Date.

V1.00 © 2009 Research In Motion Limited Introduction to BlackBerry Smartphone Web Development—The BlackBerry Infrastructure Trainer name Date.
Wireless and Switch Security NETS David Mitchell.

Wireless and Switch Security NETS David Mitchell.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 13: Planning Server and Network Security.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Presented by Serge Kpan LTEC 4550.020 Network Systems Administration 1.

Presented by Serge Kpan LTEC Network Systems Administration 1.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
Lucent Technologies - Proprietary 27 September, 20001 A look at security of Voice over IP protocols Irene Gassko Lucent Technologies Bell Laboratories.

Lucent Technologies - Proprietary 27 September, A look at security of Voice over IP protocols Irene Gassko Lucent Technologies Bell Laboratories.
December 17, 2002 1 Wi-Fi Mark Faggiano GBA 576. December 17, 20022 Purpose of the Project  I hear Wi-Fi, WLAN, 802.11 everywhere  What does it all.

December 17, Wi-Fi Mark Faggiano GBA 576. December 17, Purpose of the Project  I hear Wi-Fi, WLAN, everywhere  What does it all.
V1.00 © 2009 Research In Motion Limited Introduction to Mobile Device Web Development Trainer name Date.

V1.00 © 2009 Research In Motion Limited Introduction to Mobile Device Web Development Trainer name Date.
Chapter 8 Mobile Commerce

Chapter 8 Mobile Commerce
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Similar presentations

Ads by Google