Ja’afer Al-Saraireh

A new authentication protocol for UMTS mobile networks

This paper analyzes the authentication and key agreement (AKA) protocol for universal mobile telecommunications system (UMTS) mobile networks, where a new protocol is proposed. In our proposed protocol, the mobile station is responsible for generating of authentication token (AUTN) and random number (RAND). The home location register is responsible for comparison of response and expected response to take a decision. Therefore, the bottleneck at authentication center is avoided by reducing the number of messages between mobile and authentication center. The authentication time delay, call setup time, and signalling traffic are minimized in the proposed protocol. A fluid mobility model is used to investigate the performance of signalling traffic and load transaction messages between mobile database, such as home location register (HLR) and visitor location register (VLR) for both the current protocol and the proposed protocol. The simulation results show that the authentication delay and current load transaction messages between entities and bandwidth are minimized as compared to current protocol. Therefore, the performance and the authentication delay time have been improved significantly.

Analytical model for authentication transmission overhead between entities in mobile networks

This paper analyses the authentication and key agreement (AKA) protocol for UMTS mobile networks. In this research the current authentication protocol has been enhanced by reducing the network traffic, signalling message between entities. Consequently the bottleneck at authentication centre is avoided. This is achieved by reducing the number of messages between mobile and authentication centre, then reducing the authentication times, and setup time as well as improving authentication efficiency as shown in analytical analysis and simulation results. In this paper dynamic length (L) for an array for authentication vector (AV) has been proposed. This requires designing a new technique to predict the numbers of records in AV in each authentication data request depending on the arrival rate of authentication events and residence time of the mobile station (MS) in VLR/SGSN. The analytical and simulation study have been carried out to explore the impact of dynamic length for authentication vector on the signalling traffic in mobile network. To validate the simulation results in this research work, the results have been compared with the analytical results and fill match has been achieved.

Analyses Authentication and KeyAgreement (AKA) Protocol for UMTS Mobile Networks

This paper analyses the authentication and key agreement (AKA) protocol for UMTS mobile networks, where a new authentication protocol which is able to reduce the network traffic and signaling message between entities, and consequently the bottleneck at authentication centre is avoided, this is achieved by reducing the number of messages between mobile and authentication centre, and then reducing the authentication times and setup time as well as improving authentication efficiency as shown in numerical analysis and simulation results. In this paper we propose dynamic length (L) for an array for authentication vector (AV). This required designing new technique to predict the numbers of records in AV in each authentication data request depending on the to arrival rate of authentication events and residence time of MS in VLR/SGSN. The proposed AKA with dynamic L for AV is compared with the current AKA with fixed length for AV.

SSOAM: Automated Security Testing Framework for SOA Middleware in Banking Domain

In the banking domain, a high level of security must be considered and achieved to prevent a core-banking system from vulnerabilities and attackers. This is especially true when implementing Service Oriented Architecture Middleware (SOAM), which enables all banking e-services to be connected in a unified way and then allows banking e-services to transmit and share information using simple Object Access Protocol (SOAP). The main challenge in this research is that SOAP is designed without security in mind and there are no security testing tools that guarantee a secure SOAM solution in all its layers. Thus, this paper studies and analyzes the importance of implementing secure banking SOAM design architecture and of having an automated security testing framework. Therefore, Secure SOAM (SSOAM) is proposed, which works in parallel with the banking production environment. SSOAM contains a group of integrated security plugins that are responsible for scanning, finding, analyzing and fixing vulnerabilities and also forecasting new vulnerabilities and attacks in all banking SOAM layers.

An Efficient Approach for Query Processing Over Encrypted Database

A novel approach proposes in this research to improve the performance of the query over encrypted database. This approach based on using hash map function to generate a unique hash value for each and every sensitive data. In this a proposed approach, there are no relationship between the hashed value and encrypted value. This method can reduce the cost of the encryption and decryption operations and improve the query performance. Results of the set of experiments show that the query performance over encrypted data reduces the response time to 25s, 51s, 34s, 61s and 31s for queries 1, 2, 3,4 and 5; respectively. The comparison with other methods are carried out when database size is ranging from 50,000 to 100,000 rows.

Location-Aware Mobile Learning Model: A Case for Positioning Performance Measurements

This research work explores the use of mobile and positioning technologies stimulating a context adaptive and location-based learning model. The proposed model utilizes a set of context factors for learning service dissemination; described as learning service area, learning service type, and service interaction level. In addition, the new model considers the availability of positioning technology for authoring location-based learning content, and for accurately disseminating learning services. Hence, tolerance to position errors is used to classify learning services into two types; generic and specific. An evaluation experiment was conducted measuring the relationship between the positioning performance and successful implementation of the m-learning model. Results have shown a significant affect of position accuracy towards learners’ context understanding and interaction with learning activity.

Mobility Handoff Management During Active Session Using H.323 Protocol

Mobility Support Requiers an efficient Handoff mechanism to handle the new conditions that might occure during handoff .However, the mobile terminal will experience call disruption due to message losses if the cells do not overlap closely enough to complete a handoff before the old connection is lost. In this work we present the mobile IP model compering to the H.323 protocol model trying to enhance the existing H.323 model for better handoff managment. Our approach allows, during handoff, a mobile terminal to simply close an existing logical channel for an old cell and open a logical channel for a new cell without an extra H.323 connection. The proposed approach needs no modification to the existing H.323 message set and handles environment changes such as bandwidth after handoff, to reduce the handover latency and packet loss during handover. The delay can be reduced and the mobile terminal can handle handoff without MC (Multipoint Controler) functionality .