Securing Mobile Communication Using Trusted Computing Technologies Computer Science Essay


As the tremendous growth in mobile and wireless communications brings more pervasive applications, the trustworthiness of mobile devices and wireless security problems are becoming increasingly critical issues. The current mobile device platform does not allow a local or remote user to attest the target platform. Existing solutions rely on software-based security to protect these platforms, especially in mobile environments or cloud computing. The limitation of software-only protection is that it can easily be affected by malicious code executed on the same platform, especially during the installation and execution process. Moreover, software-based security cannot assure its own integrity. Hence, trusted hardware is needed as the basis for software security mechanisms and to preserve the privacy of the user's information stored in the trusted platform. The Trusted Platform Module (TPM) has been accepted worldwide as the foundation of trust for software processes within a system. This paper presents recent studies on enhancing mobile communication security by using the remote attestation function of the TPM in support of trusted Location Based Services (LBS).

Keywords: Mobile Communication, Security, Trusted Computing, Trusted Platform Module (TPM), Mobile Trusted Module (MTM), Attestation Protocol, Location Based Services (LBS).


Mobile computing and communication devices such as notebooks, PDAs, cell phones, mobile music players and mobile data storage devices have become very popular because of their convenience and portability. Wireless security and the trustworthiness of such devices are the most critical issues. Currently, the mobile platform does not allow a local or remote user to attest the platform and has to rely on software-based security for protection. The limitation of software-only protection is that it can easily be affected by malicious code executed on the same platform, especially during the installation and execution process. Moreover, software-based security cannot assure its own integrity. Hence, trusted hardware is needed as the basis for software security mechanisms and to preserve the privacy of the user's information stored in the trusted platform. The Trusted Platform Module (TPM) has been accepted worldwide as the foundation of trust for software processes within a system. This paper presents recent studies on enhancing mobile communication security by using the remote attestation function of the TPM in support of trusted Location Based Services (LBS).

This paper has three main areas. Firstly, we discuss mobile security, privacy and trust in the entire domain of mobile computing technology. Secondly, we define mobile platform security mechanisms such as platform integrity (checking and verification), data protection, remote attestation and mobile security using Trusted Computing technologies. Thirdly, we emphasize the attestation protocol in Location Based Services (LBS), based on the Trusted Mobile Platform Protocol Specification, to form a trusted network connection (TNC) between mobile devices (clients) and the server.


Mobile network security has recently gained great attention, from the subscriber level to the network operator and service provider, as a way to protect both the physical devices and the information they contain. Although all communications systems and mobile applications seem to have special requirements, many security issues shared with wire-line networks, such as the public switched telephone and data networks, still need to be addressed. Integration of security features into wireless communication, as well as security requirements in 2G and 3G systems, must also be taken into account [1]. There are also limitations that may apply, such as small packet size, low bandwidth, high transmission costs, limited processing and storage resources and real-time constraints.

The most effective way to secure private data is not to store it on mobile devices. Traditionally, protection has relied on the use of a strong password that is difficult to guess, normally consisting of six or more characters including numbers and special characters [2]. A virtual private network (VPN) only caters for communication security: it encrypts data during transmission over a network such as the Internet or a wireless network, but it does not address securing the mobile computing devices themselves or forming trust. These kinds of mechanisms carry high security risk and can be subject to information loss. Examples include physical risk (e.g. theft or loss), unauthorized access risk (login or network access by an unauthorized person or computer), operating system or application risk (e.g. web sites, e-mail attachments and mobile storage media), network risk (e.g. viruses, worms and other malware that can enter a computer or other electronic device through networks) and mobile data storage device risk (e.g. USB drives, Personal Digital Assistants (PDAs), mobile music players, floppy disks, CD-ROMs, DVDs, etc.). Many studies have focused mainly on mobile subscriber authentication, radio-path encryption [3] and secure mobile IP, so-called "mobile security". The specific characteristics of limited mobile targets, in relation to security properties, are classified in Figure 1 below, which is used as the main basis for various mobile communication applications [3].

Figure 1: Mobile Security Framework [3]

The limitations in 2G mobile communication protocols and networks (GSM), 3G wireless networks (IMT-2000) and 4G include the lack or absence of mutual authentication, end-to-end security, non-repudiation and user anonymity, together with protocol weaknesses. Hence, research in mobile protocols has focused mainly on securing Mobile IP by incorporating the IPsec protocol and extending the Mobile IP protocol, including encryption, authentication, registration, care-of address, handoff, route, firewall, etc. In mobile computing, however, there are different problems, notably those associated with mobile agents, one of the most popular types of distributed and mobile computing environment. Basically, three different problems need to be considered for the security of mobile agents: protection of a host from malicious agents, protection of an agent from malicious hosts, and protection of an agent from other agents, where attacks include damage, modification, DoS, breach of privacy, harassment, etc. In mobile multimedia, two main techniques exist for the protection of intellectual property rights (IPR): media encryption and information hiding.

In mobile communication security, some mobile networks incorporate link security; for example, 3G encrypts all messages between handsets or data cards and a carrier's base station. Other options exist for securing mobile network communication, independent of device type or access method [4, 5]. A mobile authentication strategy [4] strives to combine strength and enforceability with usability. For example, simple passwords, which are easily guessed, might be subject to enforced length, complexity and timeout rules, and non-text passwords can decrypt other credentials stored on the handheld so that the authenticated user can access his/her company's network. Digital certificates bind an identity to a public/private key pair and are considerably stronger than passwords, so long as the owner's private key is protected. A smart card, used to unlock a device, is a security chip embedded in a credit card, badge or MMC/SD memory that provides safe storage for cryptographic keys used by authentication and encryption algorithms. With hardware tokens, the user enters his/her text password, followed by the string displayed by his/her token. This approach avoids crackers and key loggers, since passwords are not reused. Biometrics is typically used for multi-factor authentication which combines at least two of the following. As for proximity, a few mobile security products have started to support proximity-based authentication, permitting connections with mobile devices that pass through a checkpoint and denying connections outside that area.

An intrusion detection system (IDS) serves as the second line of defense [6]. In practice, an IDS should achieve a high detection rate and a low false positive rate. It is also important for an IDS to be able to distinguish correct alerts from malicious ones, in which attackers blacklist innocent nodes. Frequent malicious alerts can dramatically increase the false positive rate and also the communication burden on the entire network. The communication overhead introduced by an IDS should increase linearly as the network expands, without interfering with normal communications. Current mobile-phone security includes service providers' network-based malware defenses and malware protection on individual handsets. Additional approaches are required to protect against data theft and other problems [7, 8]. The development of modern radio communication greatly changed existing communication environments [7]. Since the 1980s and the beginning of AMPS (Advanced Mobile Phone System), and circa the 1990s with TDMA (Time Division Multiple Access) and CDMA (Code Division Multiple Access) as important milestones, wireless communication technology has grown rapidly and enabled modern radio communication to process a large volume of multimedia data.

Many researchers have proposed mobile agent security to solve several security problems, including protecting the host, protecting the transfer network and protecting the mobile agent itself [8, 9]. Nevertheless, most mobile agents are highly exposed to various threats from the platforms they visit. For mobile device security, USIM/SIM, biometrics and external security memory devices are available. The SIM/USIM plays the key role in mutual authentication between the user and the network [10]. Another means of user authentication is biometrics, which provides advanced capabilities for physical user authentication. A typical biometric system uses physical features such as fingerprint, face characteristics, hand geometry, iris properties, voice, etc. for recognition. External memory cards are used for storing data for digital cameras, digital music and movie distribution, etc. There are many types of memory cards available. Manufacturers of these memory cards address the security requirements for the SD card from the Trusted Mobile Device perspective. The SD card is a non-volatile memory with digital rights management capabilities.

The following guidelines, as mentioned in [11], might help us protect our mobile communication devices, depending on the functionality of the device:

Use a password to access your device.

If the Bluetooth functionality is not used, ensure that this setting is disabled.

Do not open attachments from untrusted sources.

If your device is lost, report it immediately to your carrier or organization.

Review the security setting on your device to ensure appropriate protection.

Enable storage encryption to help protect the data stored on your device in the event it is lost or stolen.

Beware of downloading any software to your device.

Before disposing of the device, wipe all data from it.

As device capabilities became more diversified and included several wireless communication capabilities, software grew more complex, and the vulnerabilities of the corresponding software and hardware increased. Existing software security is vulnerable, not only in terms of access to the hardware of lost devices by other people but also to mobile malicious code. To answer the call for a better trusted computing environment for the future, in 2003 the TCG (Trusted Computing Group) was organized by major IT corporations such as Intel, IBM, AMD, etc., to develop an open security platform that can be used in all industrial fields and that solves existing software security vulnerabilities via a hardware security module. A section of this paper is dedicated to discussing Trusted Computing.

Figure 2: Mobile Communication architecture [12]

In current distributed systems, as shown in Figure 2, authentication is a necessary procedure for verifying an entity's identity and authority. Authentication protects the service provider from unauthorized intrusion. The level of trust for a particular entity depends on the outcome of the authentication process. Ideally, user authentication should be carried out transparently, without disrupting whatever task the user is performing at the moment. With mutual authentication, the mobile station also authenticates with the base station. This is of great importance in preventing a malicious station from pretending to be a base station. In practice, most authentication protocols require the home authentication authority (or authentication server) to be contacted during the execution of the protocol.

Trusted Computing

The TCG standardizes a hardware-based security module as a security function for trusted computing, known as the TPM (Trusted Platform Module) for general PC (Personal Computer) environments and the MTM (Mobile Trusted Module) for applying the TPM in mobile environments. According to [19], the main reasons why Trusted Computing should be adopted for computing/mobile security are:

Trusted Computing-based Full Disk Encryption: An enhanced full disk encryption solution alerts the user if their computer has been hacked.

Unified secure login to your favorite sites: Servers can be assured who the user really is as the password is backed with the guaranteed identity from the TPM, and the user can be assured that access to the services can only be made from the computer with the TPM installed.

Network assurance: Trusted Network Connect (TNC) has a whole group of protocols defined around IF-MAP (Interface for Metadata Access Protocol), which allows clients to be queried as to their state and other network devices to talk amongst themselves about the state of the network.

Digital Rights Management: If media companies want to deliver content over the network to clients, they can have highly secure DRM.

Mobile phone security: Trusted Computing defines the Mobile Trusted Module, a security chip (or some software running in a highly-trusted and secure mode performing the same function) that adds the same features as the TPM.

Since mobile phones are much smaller than PCs and already have full circuitry, they have limited space for another chip. The main challenge is how to integrate TCG circuitry into a phone and make the technology work with the handset's software, because most mobile devices have limited memory, power and processing resources. A mobile device stores a high volume of private information, which makes it high risk. Hence, the MTM is an applicable security module that can be embedded in the platform and will provide strong security. However, a secure migration scheme is necessary for the secret key (TPM based). Some other security services also need to be migrated or updated after migration, for example user authentication, platform authentication, communication confidentiality, data integrity, efficiency, consistency and completeness [10].


Location Based Services (LBS) Security

Currently, many operators of cell phone networks offer LBS to their customers. Since many operators outsource service provisioning to a third-party LBS provider, and a person's location could reveal sensitive information about that person, it is imperative that the operator complies with the privacy-preserving guidelines produced by the regulators and that the service provider processes customers' location information in a privacy-preserving way. To this end we propose an enhanced architecture for LBS based on Trusted Computing, Secure Logging and Remote Attestation functions that provide the required privacy-preserving mechanisms. First, the system application lets an authorised operator query the configuration of a location-based service. The operator will hand over user location information to the LBS service provider only if the service is configured so that the location information is anonymized. The LBS provider will monitor information flow and scan for any active man-in-the-middle attacks. In the next section we discuss the role of an anonymizer in fulfilling the privacy-preserving requirement.


In this section we discuss anonymity, because preserving anonymity in LBS is a greater concern in mobile systems. Mobile systems succumb more easily to eavesdropping and tapping than fixed networks, making unauthorized access to user information easier. Current mobile communication systems store a lot of user-related information in network databases to assist in user mobility support as well as authentication and billing. This makes the user information more widespread and highly available. It is also uncertain whether the environment where this data is stored is safe and trustworthy. The following issues should be considered to solve the eavesdropping and tapping problems [1]:

Preventing any association of the user with messages that he sent or received.

Preserving the privacy of location and movement information of users.

Preventing the disclosure of the relationship between a user and his home domain.

Preventing any association of the user with the foreign domains that were visited.

Disallowing the exposure of a user's activities, by hiding the relationship between him and the visited domains.

Figure 3: Our Approach on LBS Attestation Architecture based on TCG Spec

The protection of user location data and users' private data through anonymity has attracted many research efforts. Most of the existing approaches place an anonymizer between the users and the LBS server. The above problems can be resolved through the implementation of an Anonymizer. The Anonymizer acts as middleware, with several security mechanisms to defend against passive and active attacks. Many anonymization techniques have been proposed and are considered great privacy tools that preserve users' private information. Our proposed solution is shown in Figure 3. The task of the Anonymizer is to obfuscate or cloak the location information of the query issuer with a group of users in the vicinity. The Anonymizer server will do the following [19]:

receive exact location information from mobile users along with a privacy profile of each user.

anonymize exact location information into cloaked spatial areas based on each user privacy profile.

send cloaked spatial areas to the location-based database server. The privacy-aware query processor is embedded inside the location-based database server to tune its functionality to deal with anonymous queries.
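The three Anonymizer steps above can be sketched with grid-based k-anonymous cloaking. This is an added example, not the essay's or reference [19]'s own algorithm; the `Profile` fields, the 1024-unit service area and all user positions are constructed assumptions.

```python
from dataclasses import dataclass

WORLD = 1024.0   # assumed square service area: [0, WORLD) x [0, WORLD)
MAX_DEPTH = 8    # finest grid level: cells of WORLD / 2**8 = 4 units

@dataclass(frozen=True)
class Profile:
    """Per-user privacy profile (hypothetical fields)."""
    k: int           # region must contain at least k users
    min_side: float  # region must be at least this wide

def cell_of(x, y, depth):
    """Grid cell containing (x, y) at a quadtree depth, plus the cell side."""
    side = WORLD / (2 ** depth)
    return int(x // side), int(y // side), side

def cloak(user_id, locations, profiles):
    """Step 2: smallest grid cell around the user that satisfies the profile.

    Returns (x_min, y_min, x_max, y_max), or None when even the whole
    service area holds fewer than k users (the query must then be held back).
    """
    x, y = locations[user_id]
    prof = profiles[user_id]
    for depth in range(MAX_DEPTH, -1, -1):      # finest cell first, then widen
        cx, cy, side = cell_of(x, y, depth)
        if side < prof.min_side:
            continue
        inside = sum(1 for ux, uy in locations.values()
                     if cell_of(ux, uy, depth)[:2] == (cx, cy))
        if inside >= prof.k:
            return (cx * side, cy * side, (cx + 1) * side, (cy + 1) * side)
    return None

def anonymized_query(user_id, query, locations, profiles):
    """Step 3: what reaches the LBS server: a region and a query, no identity."""
    region = cloak(user_id, locations, profiles)
    return None if region is None else {"region": region, "query": query}

# Step 1: exact locations and profiles as received from users (constructed).
LOCATIONS = {"alice": (10.0, 10.0), "bob": (12.0, 11.0), "carol": (100.0, 90.0),
             "dave": (600.0, 700.0), "erin": (130.0, 20.0)}
PROFILES = {"alice": Profile(k=2, min_side=4.0), "bob": Profile(k=3, min_side=0.0),
            "carol": Profile(k=2, min_side=0.0), "dave": Profile(k=2, min_side=0.0),
            "erin": Profile(k=6, min_side=0.0)}

if __name__ == "__main__":
    for uid in LOCATIONS:
        print(uid, anonymized_query(uid, "nearest pharmacy", LOCATIONS, PROFILES))
```

A user far from everyone else (dave) is cloaked to the whole service area, and a profile that cannot be met (erin, k=6 with five users) yields no query at all, which is the trade-off between privacy level and service quality that the profile controls.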

In the following section we present the attestation protocol that is being used together with the Anonymizer described above.

Attestation Protocol

Remote attestation is an important attribute in trusted computing. Attestation is the process of vouching for the accuracy of information; a platform can attest to its description of the platform characteristics that affect the integrity (trustworthiness) of the platform [13]. One of the purposes of remote attestation is to attest whether the remote platform is trustworthy without revealing the actual identity of the platform [14]. To guarantee trustworthiness and freshness, the description of characteristics needs to be signed by the TPM. Usually this signature is generated by using the Endorsement Key (EK) of the TPM, which is cryptographically unique and bound to the TPM, in a solution that uses a trusted third party (Privacy CA). The drawback of this solution is that the Privacy CA needs to be involved in all the transactions of the attestation. When a challenger requests proof of the trustworthiness of an attesting platform, it also requests the corresponding PCR value from that platform. An agent on the attesting platform collects the proof data, requests an AIK-signed PCR from the built-in TPM and returns it to the challenger together with credentials that vouch for the TPM. The challenger verifies the proof and the other information returned by the platform agent and determines the trustworthiness of the attesting platform [15]. We emphasize the necessity of using an attestation mechanism in our proposed solution, in which a trusted agent is assured to measure the state-related information of the platform it resides on and report it to the service provider. To achieve this remote attestation process in a mobile environment without hardware support, increasing the software complexity is an effective choice. Software obfuscation can make the program more complicated, and if the agent can also work independently of the services supplied by the platform it resides on, it can be trusted by its distributor for a significant period [16].
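The challenge-response exchange described above can be followed in code. This is an added example, not code from the essay or from the TCG specifications. It assumes SHA-256 PCRs, constructed component names, and an HMAC under a demo key standing in for the AIK signature (a real TPM signs with the AIK private key and the challenger verifies with the public key from the AIK credential).

```python
import hashlib
import hmac
import os

PCR_INIT = bytes(32)                 # a PCR is all zeros after platform reset
DEMO_AIK = b"constructed-demo-aik"   # stand-in for the AIK (assumption)

def digest(component: bytes) -> bytes:
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = H(old || H(component)); order-sensitive, one-way."""
    return hashlib.sha256(pcr + digest(component)).digest()

def replay(log) -> bytes:
    """PCR value a platform must hold if it loaded exactly the logged items."""
    pcr = PCR_INIT
    for component in log:
        pcr = extend(pcr, component)
    return pcr

def quote(pcr: bytes, nonce: bytes) -> bytes:
    """Attesting side: bind the PCR value to the challenger's fresh nonce."""
    return hmac.new(DEMO_AIK, nonce + pcr, hashlib.sha256).digest()

def verify(nonce, log, pcr, sig, known_good) -> str:
    """Challenger side: signature and freshness, then log, then policy."""
    if not hmac.compare_digest(sig, quote(pcr, nonce)):
        return "bad-signature-or-stale-nonce"
    if replay(log) != pcr:
        return "log-does-not-match-pcr"
    if any(digest(c) not in known_good for c in log):
        return "untrusted-component"
    return "trusted"

# Constructed measurement logs: boot chain plus the LBS agent.
GOOD_LOG = [b"bootloader v1", b"kernel v1", b"lbs-agent v1"]
BAD_LOG = [b"bootloader v1", b"kernel v1", b"lbs-agent v1 (modified)"]
KNOWN_GOOD = {digest(c) for c in GOOD_LOG}

def run_demo() -> dict:
    results = {}
    pcr, bad_pcr = replay(GOOD_LOG), replay(BAD_LOG)

    n1 = os.urandom(20)              # challenger's nonce for this run
    sig1 = quote(pcr, n1)
    results["clean platform"] = verify(n1, GOOD_LOG, pcr, sig1, KNOWN_GOOD)

    n2 = os.urandom(20)              # new challenge, old quote sent again
    results["replayed quote"] = verify(n2, GOOD_LOG, pcr, sig1, KNOWN_GOOD)

    n3 = os.urandom(20)              # modified agent, log reported honestly
    results["modified agent"] = verify(
        n3, BAD_LOG, bad_pcr, quote(bad_pcr, n3), KNOWN_GOOD)

    n4 = os.urandom(20)              # modified agent, clean log claimed
    results["forged log"] = verify(
        n4, GOOD_LOG, bad_pcr, quote(bad_pcr, n4), KNOWN_GOOD)
    return results

if __name__ == "__main__":
    for case, verdict in run_demo().items():
        print(f"{case}: {verdict}")
```

The last case shows why the signed value is the PCR rather than the log: a platform that ran modified software cannot present a clean log, because replaying that log does not reproduce the PCR the TPM signed.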

Trusted Network Connect (TNC) is a specification from the Trusted Computing Group [17] intended to enable the enforcement of security policy for endpoints connecting to a corporate network. While Trusted Network Connect is an architecture for attestation, it is of much narrower scope than our approach. Its purpose is to provide trust in endpoints connecting to a network, and for this reason it is generally seen as supporting activity at network layers 2 or 3. Existing attestation proposals, including those put forth by the TCG, are generally aimed at specific use-cases and typically do not address a more general attestation problem. Further, existing definitions of attestation primarily focus on describing the particular properties [18] desirable in those use-cases. As user privacy becomes a notable security issue in wireless communications, it is desirable to keep mobile users' identities and whereabouts anonymous. To that end, the following five properties should be satisfied [18]:

Server Authentication: the user is assured of the identity of the foreign server;

Subscription Validation: the foreign server is sure about the identity of the home server of the user;

Key Establishment: the user and the foreign server establish a random session key which is known only to them and is derived from contributions of both of them.

User Anonymity: besides the user and the home server, no one including the foreign server can tell the user's identity; and

User Untraceability: besides the user and the home server, no one including the foreign server is able to identify any previous protocol runs which have the same user involved Attestation platforms.


This paper has presented recent studies on enhancing mobile communication security and proposed a solution using the remote attestation function of the TPM in support of trusted Location Based Services (LBS). We proposed a trusted-hardware-based solution as the basis for software security mechanisms and to preserve the privacy of users' information. In future, we will continue our work on the trusted computing based LBS architecture, examining the privacy performance in greater detail and verifying the system behaviors in a large system in which each mobile user terminal has different security requirements. Work on mobile agent security, including platform realization and trust chain mechanisms based on trusted hardware and trusted computing, will be among the next hot topics in research. There are numerous issues regarding security, privacy and trust, and we believe that more research is needed to support mobile computing, communications and services.