Introduction to the Mobile Security (MD)  Chaitanya Nettem  Rawad Habib  2015.


1 Introduction to the Mobile Security (MD)  Chaitanya Nettem  Rawad Habib  2015

2 Motivation  The development of mobile devices (MD) has grown significantly over the last decade from a simple mobile phone to a pocket size computing device with the capability to access the Internet via various wireless systems such as Wi-Fi and 3.5G networks.  The increase in MD capability (processing power, memory, storage) as well as the introduction of wireless systems (Bluetooth, Wi-Fi, WiMAX, 3.5G) open new opportunities for the next generation of mobile services such as mobile Internet, m-commerce and m-government.

3 Problem Statement  Three main challenges in mobile security are illustrated below:  The first and second challenges are mobile devices and wireless systems, as they inherit some limitations that threaten the information protection system.  The third challenge comes from some security protocols such as the popular network layer protocol IPSec and the transport layer TLS/SSL protocol.

4  This paper identifies the MD research challenges and proposes a practical solution to maintain the balance between protection and efficiency to secure mobile communication.  The research challenges have been identified, namely: terminal heterogeneity, network heterogeneity and inflexible security protocols.  This increasingly heterogeneous environment presents a challenge on how to secure communication on any type of terminal over any type of network. As guiding principles of our research, we have set a number of objectives that address the MD challenges.

5 These objectives include:  Design an adaptable approach that deals with terminal heterogeneity (processing power, memory capacity and power supply).  Design an adaptable approach that deals with network heterogeneity (wired and wireless capabilities gap).  Link the provision of security with requested information.  Increase security beyond one fixed key size technique.  Provide a balance between security and performance.

6 Dynamic Key Size (DKS) architecture  In this section, the proposed dynamic key size (DKS) architecture and its components are described. The architecture covers general concepts, security requirements, definitions and mechanisms defining the DKS approach.

7 DKS architecture  As the figure shows, the DKS architecture consists of two main blocks. The first block is the approach operation unit, which consists of two core components, namely Capability Performance Levels and Information Security Levels. The second block is the customization and maintenance unit, which contains two components (Policy and Key Management).

8 DKS architecture  In the DKS architecture, the first block supports the selection of the suitable algorithm, which is based on the availability of the algorithm on both sides. The decision of the most appropriate algorithm key size is based on capability performance level and the degree of information sensitivity level.

9 DKS architecture  The second block supports the first block through both policy management, which customizes the approach and defines its configuration, and key management, which deals with storing keys and maintaining them.

10 DKS architecture  Our approach is thus particularly effective to achieve a flexible selection of the appropriate algorithm key size to meet the objective of a balance between efficiency and protection in a mobile system.

11 A. Capability performance levels  The device and network capability performance levels are defined and customized by a set of policies. The goal of this component is to provide a flexible security system with a variety of performance levels that can deal with different MD and network capabilities.  Category 1: Processing Power and Memory Capacity.  Category 2: Power Supply.  Category 3: Communication System.

12 B. Information security levels  This section defines four information security levels, named none critical, least critical, critical and most critical.  The most critical level represents the most sensitive information, while the none critical level contains the least significant information to the system security.  The decision can be made as to what information is sensitive and what is not.

13 C. Key management  This component accommodates the generation and maintenance of keys that are used in the encryption processes to provide the security services of the DKS approach.  It contains identifiers for agreed authentication, encryption and message authentication algorithms, and operational parameters like key lifetime.  Key management plays an important role in generating, exchanging, storing, safeguarding, using, vetting, and replacing keys.

14 D. Policy management  This is an important component that defines the DKS approach implementation. The policy addresses application customization details of the DKS approach.  The policy gives a specification of the seven performance levels as well as a description of every information security level including the information type and the protection tolerance.  The key management policy states the storage, protection, use, selection, and replacement of keys.
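
A sketch of the selection step described in slides 8 to 14, added here as an illustration; it is not code from the presentation or from the cited paper. The key-size table, the per-level minimum key sizes, the 1..7 category scores and the rule that the weakest category bounds a device are all assumed policy values.

```python
from dataclasses import dataclass

MAX_LEVEL = 7  # the slides mention seven performance levels
# Assumed policy values (not from the presentation): key sizes in bits.
KEY_SIZES = {"AES": [128, 192, 256], "Camellia": [128, 192, 256]}
# Assumed minimum key size per information security level.
FLOOR_BITS = {"none critical": 128, "least critical": 128,
              "critical": 192, "most critical": 256}

@dataclass(frozen=True)
class Capability:
    cpu_memory: int  # Category 1: processing power and memory capacity
    power: int       # Category 2: power supply
    network: int     # Category 3: communication system

    def level(self) -> int:
        scores = (self.cpu_memory, self.power, self.network)
        if not all(1 <= s <= MAX_LEVEL for s in scores):
            raise ValueError("each category score must be in 1..7")
        return min(scores)  # assumption: the weakest category bounds the device

def select_key(local_algs, peer_algs, local_cap, peer_cap, sensitivity):
    """Return (algorithm, key_bits) for one session under the assumed policy."""
    if sensitivity not in FLOOR_BITS:
        raise ValueError(f"unknown information security level: {sensitivity!r}")
    # The algorithm must be available on both sides; local order is the preference.
    common = [a for a in local_algs if a in peer_algs and a in KEY_SIZES]
    if not common:
        raise LookupError("no algorithm available on both sides")
    alg = common[0]
    sizes = sorted(KEY_SIZES[alg])
    # Capability picks the size the weaker endpoint can afford ...
    level = min(local_cap.level(), peer_cap.level())
    affordable = sizes[(level - 1) * len(sizes) // MAX_LEVEL]
    # ... but sensitivity sets a floor that a low capability cannot lower.
    required = max(affordable, FLOOR_BITS[sensitivity])
    fitting = [s for s in sizes if s >= required]
    if not fitting:
        raise LookupError(f"{alg} has no key size >= {required} bits")
    return alg, fitting[0]

if __name__ == "__main__":
    phone = Capability(cpu_memory=2, power=3, network=5)   # constructed sample
    server = Capability(cpu_memory=7, power=7, network=7)  # constructed sample
    for info in FLOOR_BITS:
        print(info, select_key(["AES", "Camellia"], ["Camellia", "AES"],
                               phone, server, info))
```

Because the sensitivity floor is applied after the capability step, an endpoint that reports a low capability level cannot push most critical information below the policy minimum.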

15 CONCLUSION  We argued in this paper the need to adopt flexible, multi-level security, based on different algorithm key sizes, tied specifically to the information sensitivity and capability status in a mobile environment. We proposed the DKS approach as a practical solution to maintain the balance between protection and efficiency to secure mobile communication.

16 REFERENCES  Abdullah Almuhaideb, Mohammed Alhabeeb, Phu Dung Le, Bala Srinivasan, "Beyond Fixed Key Size: Classifications Toward a Balance Between Security and Performance," 2010 24th IEEE International Conference on Advanced Information Networking and Applications, pp. 1047-1053, 2010.

