MobiSecServ 2016 - Second Conference On Mobile And Secure Services, 26-27 February 2016
University of Florida,Gainesville, FL 32611
26-27 February 2016
MobiSecServ is sponsored by the The IEEE Gainesville Florida IEEE
Section.
IEEE conference ID 37761
Papers will be published in the IEEE Xplore Digital Library
ISBN: 978-1-4673-9684-4
PartNumber: CFP16RAC-PRT
Full and Short Papers deadline: November 30th 2015
The submission link for EDAS is the following
http://edas.info/newPaper.php?c=21181
Posters and Works in Progress deadline: January 11th 2016
The submission link for EDAS is the following
http://edas.info/newPaper.php?c=21181&track=77938
The first MobiSecServ held in February 2015 at the Gainesville University, see the conference website
A video of MobiSecServ 2015 is available at this link
An early version of MobiSecServ was organized in February 2014 at the Gainesville University, see the workshop website
A video of this previous event is available at this link
The University of Florida (UF) is a major, public, comprehensive, land-grant, research university. With more than 50,000 students, UF is now one of the largest universities in the nation. UF has a 2,000-acre campus and more than 900 buildings (including 170 with classrooms and laboratories).
Agenda (draft)
Location: 101 Stuzin Hall, University of Florida Campus, Gainesville,Florida, 32601, USA
Map
Friday February 26th
10h45: Welcome
Selwyn Piramuthu, University Of Florida
11h00-12h00: Tutorial 1
"The SIMulation project: Secure mobile NFC service in the cloud, a HCE legacy payment use case"
Pascal Urien, Telecom ParisTech and Xavier Aghina, Orange Labs
SIMulation is a research project involving Telecom Paristech and Orange laboratories.
The main idea is to deploy secure NFC services in the cloud, secured by SIM modules.
From a technological point of view it is based on Host Card Emulation (HCE), Open Mobile API, RACS servers, and SIM modules providing strong mutual authentication and TLS secure channels.
Experiments were successfully performed in France over the 3G/4G networks with commercial mobiles in order to perform NFC mobile payments.
Xavier Aghina works in the security department at Orange Labs as a cyber-security expert and technical project leader.
He manages a mobile payment research program whose main focus is to design and implement security solutions.
He also provides active support and consultancy to other Orange subsidiaries within my main area of expertise security audit, risk analysis, vulnerability assessment and recommendations.
Pascal Urien is full professor at Telecom ParisTech, and coFounder of the EtherTrust Company.
His main research interests include security and secure elements, especially for networks and distributed computing architectures.
He wrote about one hundred papers dealing with these topics and holds fifteen patents.
12h00-13h30: Lunch
13h30-14h30: Tutorial 2
"Is it easier to fraud with mobile phone paiement than with contactless card paiement?" Pr Marc Pasquet
Marc Pasquet is full professor at ENSICAEN, France.
He obtained his Master degree from ENSAM (Ecole Nationale Supérieure des Arts et Métiers) in 1977.
He worked for 13 years for different companies belonging to the signal transmission field and 15 years for the banking sector in the field of electronic payment.
He joined ENSICAEN (National Engineer School of Caen in France) in 2006 where he is now leading research in the field of secure electronic payment architecture
14h30-15h00
Investigating the Keylogging threat in Android - User Perspective
Fadi Mohsen, Emmanuel Bello-Ogunu and Mohamed Shehab
Department of Software and Information Systems University of North Carolina at Charlotte
15h30-16h00
Improvising performance of Advanced Encryption Standard Algorithm
Mokshitha Pathuri, Subhakar Yandrathi, Vandan Pendli, Abdul Razaque
Department of Electrical Engineering, Cleveland State University, Cleveland State University, Cleveland, Ohio.
16h00-16h30
An Online Security Protocol for NFC Payment Formally Analyzed by The Scyther Tool
Nour El Madhoun, Fouad Guenane Guy Pujolle
Sorbonne Universités, UPMC University Paris 6, France
Devoteam Group, France
16h30-17h00:
Mobile Payment Security, Threats, and Challenges
Yong Wang Christen Hahn and Kruttika Sutrave
College of Computing College of Computing Dakota State University Dakota State University
17h00-17h30: break
17h30-18h15: Panel
The future of mobile payment, payment for objects, towards a cashless world, trust for the IoT ?
Panel introduction: "The next generation of RACS server, trust for the IoT"
Andreas Lux, CEO of the Implementa Company
Implementa gmbh is a german privately held company founded in 1977.
Implementa provides industrial-strength communication products and solutions.
For more than 15 years implementa has been specializing in wireless and smartcard technologies.
Implementa is the market leader for cloud-based SIM and Secure Element solutions.
Bio
Andreas Lux is the CEO of implementa.
He studied computer science and economy at Universität Göttingen.
His diploma thesis was about fault tolerant search algorithms for text retrieval in full-text databases.
Before joining Implementa in 1994 he worked as a consultant for industrial automation and communication systems. His technical background is software and hardware development for embedded systems and Smartcards.
19h30: Social
Dinner in Gainesville downtown, free to all participants
Saturday February 27th
8h45-9h30: Breakfast
9h30-10h30: Keynote
"Trusted Execution Environment: Trusted Model, Architecture Overview, Challenges and Future Directions", Mohamed Sabt, Orange
Trusted Execution Environment (TEE) was designed to enrich the previously defined trusted platforms, such as TPM.
TEE is commonly known as an isolated processing environment in which applications can be securely executed irrespective of the rest of the system.
However, TEE still lacks a precise definition as well as representative building blocks that systematize its design.
In this keynote, we present TEE within a well-defined trusted model: the Dual Execution Environment approach.
We discuss the different technologies used to implement TEE, in particular we show how ARM TrustZone is well designed to support such architecture.
Furthermore, we analyze the core properties of TEE.
Some related concepts, such as trust and formal verification, are also presented.
Finally, we give a survey on the existing academic and industrial ARM TrustZone-based TEE.
Some known attacks on deployed TEE are presented and discussed.
As a PhD student in Orange Labs, Mohamed Sabt investigates new approaches that offer hardware supported security and trusted computing inside complex systems.
The goal is to re-think security for small connected objects, such as mobile devices and IoT (Internet of Things), by solving the following problem: how the execution of an application can be secured despite a compromised OS.
His research focuses on the Trusted Execution Environment (TEE) and leads to several publications in internationally recognized conferences (ifip sec, trustcom and icac).
Mohamed received an MS in Computer Science from the université de technologie de Compiègne (UTC) in France.
He has a strong background in trusted computing, applied cryptography and mobile services based on Secure Element (e.g. SIM).
10h30-11h00
Optimized Node Selection Process for Quality of Service Provisioning over Wireless Multimedia Sensor Networks
Adwan Alanazi and Khaled Elleithy
Department of Computer Science and Engineering, University of Bridgeport, USA
11h00-11h30
Towards Secure Elements For The Internet of Things:The eLock Use Case
Pascal Urien, LTCI, UMR 5141, Telecom ParisTech, Paris, France
11h30-12h00
NFC4Sure: Mobile Ticketing System
Diogo Antunes, Joao Lima, Goncalo Pereira, Nelson Escravana, Carlos Ribeiro
INO INESC Inovacao
INESC-ID Instituto Superior Tecnico Universidade de Lisboa
12h00-12h30
Fraud on Host Card Emulation architecture Is it possible to fraud a payment transaction realized by a mobile phone using an “Host Card Emulation” system of security ?
Marc Pasquet, Sylvie Gerbaix
ENSICAEN, GREYC Laboratory Caen, France
Montpellier University, Research in Management Lab, France
12h30-12h40: Conference Closing
12h40-14h00 : Lunch
Important Dates
November 23rd 2015, Papers submission deadline
Due to numerous requests the full/short papers submission deadline has been extended to November 30th 2015
January 2nd 2016, Full/Short Papers Acceptance/Rejection notification
January 6th 2016, Full/Short Papers Acceptance/Rejection notification
January 25th 2016, Posters/Works in Progress Papers Acceptance/Rejection notification
January 10th 2016, the registration is opened? Go there to register
Full/Short final papers submission has been extended to January 29th 2016
Posters/Works in Progress final papers submisssion has been extended to February 3rd 2015
Scope
The goal of the "Conference on Mobile Applications, Security, and Services" is to explore the challenges, issues and opportunities both for academic researchers and industrial innovators.
We are looking for both research papers on new applications and presentations of deployment experiments or new business opportunities.
In an always-on and everything connected context, mobile applications are more and more interacting with sensitive or personal resources hosted in cloud computing infrastructures. As a consequence, security and trust are critical issues.
Among other, the NFC technology enables communication in close proximity. With NFC mobiles surfacing the market so quickly, mobile operating systems are prepared for support with dedicated frameworks. This offers researchers and developers a great opportunity for getting quick traction with novel applications.
So far, the main NFC-enabled services deal with payment, access control, or ticketing. Commercial applications today mainly target contactless payments, i.e., eWallets or eTickets managed by transportation companies. The broad availability of NFC-technology fertilizes
research and development of novel applications and can go well beyond these intended applications.
This conference aims to bring researchers and industrial experts together to discuss the latest frontiers of mobile technology and also novel applications that have not been thought of before.
The workshop welcomes contributions addressing (but not limited to) the following topics:
Proximity communication technologies for mobile (NFC, Low Power Bluetooth,…), secure transactions over proximity communications;
Trust for mobile applications and services, Secure Elements, SIM frameworks; SecureSD, (including Google Vault) platforms; Single Wire Protocol (SWP); Trusted Service Manager (TSM); Secure over the air (OTA) services;
New mobile secure architectures. Host Card Emulation (HCE). Trusted Execution Environment (TEE).
New services and business perspectives New payment applications; Apple Pay, Google Pay, Samsung Pay Services; secure tokenisation technologies; proximity communication for access control; automotive industry perspectives; applications for the consumer industry; applications for smart cities; Internet Of Things (IoT) new perspectives;
Mobile Applications for Social Networks.
Deployment experiments and testing Payments, transport, ticketing, access control, couponing, macro localization (Tags).
Conference Organizers
Selwyn Piramuthu, University Of Florida, FL, USA - Selwyn.Piramuthu@warrington.ufl.edu
Pascal Urien, Télécom ParisTech, Paris, France - Pascal.Urien@telecom-paristech.fr