Secure Mobile Computing Via Public Terminals

Mobile computing is considered to be one of the four technologies, which will affect the world in the future. In mobile computing, security is the key point; it will determine whether the mobile computing could be successfully deployed in practical or not. The thesis mainly focuses on secure mobile computing via public terminals. It analyzes the key technologies used to access remote data and applications, according to the potential security problems in mobile computing; we construct a threat model, and then address the threat model presented above by adopting some security principles which form a security policy model in our system. Using the combination of public terminals and a trusted device, the user can make full use of the rich interaction capabilities of the public terminals to access their personal data and applications. According the following four aspects, we propose a new architecture of secure mobile computing via public terminals: (1) base on the trust establishment protocol, leveraging the trusted device to verify the identity and integrity of the software loaded on the public terminal; (2) establishing a trusted tunnel between the trusted device and the public terminal to secure sensitive user input, and making sure that the user inputs are delivered to the expected application; (3) base on the VNC and RFB protocol, the remote server is augmented with two extra components: the Image Processor removing private content from public display and the UI Security Controller filtering the UI events from the public terminal; (4) the public terminal is equipped with a RDC Agent module, which multiplexing the connection between the public terminal and the remote server, and it also supports split-trust browsing. According to the security analysis of the system, our architecture can resist all the attacks mentioned in the threat model efficiently, and protect the interaction between the user and the public terminals.