[04WI2025] Security for Mobile Applications

Prof. Dr. Rüdiger Grimm

Prof. Dr. Rüdiger Grimm, Institute for Information Systems Research, Research Group IT-Risk Management

Content

The course will present a reference model for the security of mobile systems and their applications. Following the structure of this model, security threats, security requirements and security mechanisms will be identified and explained. A set of selected applications, such as RFID ID cards, mobile workplaces and location-based services, will be analyzed together with their security and privacy concerns. The lecture will cover these topics:

  • Reference model of security for mobile applications
  • The mobile workplace, example Blackberry
  • Mobile technology (incl. RFID, Bluetooth, WLAN, VPN) and related security means
  • Basic protection of mobile technology (BSI)
  • Access, Authorization, Accounting for mobile devices
  • Application ePassport and eIdentification (nPA)
  • Location-Based Services, examples, privacy and security concerns
  • M-commerce, incl. mobile TANs, mobile payment, mobile tickets
  • Mobile DRM, ring tones, iTunes, Open Mobile Alliance
  • Applications Remote Management, Liberty Alliance, Shibboleth, DFN Roaming, Mobile PKI

Target Group

Master Informatics, Focus MSE - Mobile Systems Engineering

Required Knowledge

IT Security Basics (Encryption, Signatures, PKI, access control, authentication)

Acquired Competence

Successful participants of this module will understand the security risks of selected applications of mobile systems. They will also master methods to control those risks. They will understand the underlying technology and the application opportunities that exploit the mobility of persons, data and services in a network. They will also understand the history of mobile systems and will therefore be able to derive trends in their future development.

Examination

Written test one week after the course.

Literature

Recent:

  • Stephen Fried: Mobile Device Security - A Comprehensive Guide to Securing Your Information in a Moving World, Auerbach Publications, Boca Raton Florida 2010, 274 pages.
  • Himanshu Dwivedi, Chris Clark, David Thiel: Mobile Application Security, McGraw Hill, New York 2010, 408 pages.
  • Ken Dunham (Ed.): Mobile Malware Attacks and Defense, Elsevier, Burlington MA 2009, 409 pages.
  • Wolfgang W. Osterhage: Sicher & Mobil - Sicherheit in der drahtlosen Kommunikation, Springer-Verlag, Berlin/Heidelberg 2010, 168 pages.

Older:

  • K. Randall, N. and P. C. Lekkas: Wireless Security: Models, Threats and Solutions, McGraw Hill, 2002.
  • G. Wiehler: Mobility, Security and Web Services, Publicis MCD, 2004.
  • J. Zobel: Mobile Business and M-Commerce, Hanser, 2001.
  • Knospe, Pohl: RFID Security, Information Security Technical Report, 9(4), pp. 39-50, Elsevier 2004, http://www.inf.fh-bonn-rhein-sieg.de/Aufsaetze.html

Standard Basics:

 

Duration / Credits: 2 SWS, 3 ECTS


UNIKO Students: Please register for this course via KLIPS