Adaptive security protocol selection for mobile computing

Abstract

The mobile computing paradigm has introduced new problems for application developers. Challenges include heterogeneity of hardware, software, and communication protocols, variability of resource limitations and varying wireless channel quality. In this scenario, security becomes a major concern for mobile users and applications. Security requirements for each application are different, as well as the hardware capabilities of each device. To make things worse, wireless medium conditions may change dramatically with time, incurring great impact on performance and QoS guarantees for the application. Currently, most of the security solutions for mobile devices use a static set of algorithms and protocols for services such as cryptography and hashes. In this work we propose a security service, which works as a middleware, with the ability to dynamically change the security protocols used between two peers. These changes can occur based on variations on wireless medium parameters and system resource usage, available hardware resources, application-defined QoS metrics, and desired data “security levels”. We compare our solution to some widespread static security protocols, demonstrate how our middleware is able to adapt itself over different conditions of medium and system, and how it can provide a performance gain in the execution of cryptographic primitives, through the use of data semantics.