Nader M. Nassar

Context Sensitive Smart Device Command Recognition and Negotiation

The Internet of Things (IoT) represents a dramatic shift in how computing and communication interrelate. Devices can potentially connect to anything at any time in any place. While many researchers focus on how to make the IoT seamless, faster, and add more devices into the mesh, our approach is to introduce a new approach whereby devices not only communicate, but also have a level of context awareness that results in optimal intelligence among the mesh of connected devices.

Method for secure credit card transaction

Traditional credit cards are not secured as the card numbers could be copied and repetitively used for unauthorized transactions. Credit card security is a major concern for any business establishment. With that in mind, it is hard to put the blame of credit card fraud on one entity versus another (card issuer, card holder, card processor, or funds collector) because all share the same risk. The answer to credit card security is to secure the payment process between the card issuer, and the card reader terminal. By securing those two end points and ensuring that card number is not known to any other entity between those two end points, the card itself would not hold any value even if it got lost or stolen. This paper introduces a new approach to credit card security which takes the pardon and the risk away from all entities by securing the card number so that only the issuer and the reader know what it is. Technically this approach reduces the chances of card fraud by exponential magnitude.

Techniques and real world experiences in mobile device security

Mobile devices have become ubiquitous in todays technology-enabled organization. Not only have they become commonplace, many business practices have not only matured to support mobile interaction, but embraced it at all levels, culminating in a rising “mobile first” philosophy throughout the organization. With this rise in mobile presence, however, comes significant challenges. The rise of “Bring Your Own Device” (BYOD) brings new requirements on organizations, including new approaches to security, data protection and information flows. It no longer suffices to craft organizational policies and procedures around wholly-owned corporate devices; todays security policy makers must craft more flexible and dynamic systems that can support privately- owned devices. Here in this paper, we discuss the many different factors and considerations that go into approaching security for mobile devices in an organization, not just from existing technologies, but to our experience in putting these models to use in the enterprise. We talk about not only high-level techniques, such as encryption and identity/authorization, but also of new and developing security approaches surrounding the mobile ecosystem. We will show examples of our own experiments in novel security approaches, and discuss our successes and failures in the course of bringing our organizational security.

Enhanced mobile security using SIM encryption

Mobile security is a main topic of concern for the enterprise. Corporate data stored in employees device post a potential security risk of getting lost, stolen or get accessed by unauthorized personal. There are many solutions in the market that addresses this issue. Most of these solutions revolve around applying stronger password, others make use of the encryption of either full or partial hard drive. Data encryption for mobile devices is a known art. However, the existing mobile data encryption solutions share the same methodology with slight implementation variation. The common techniques used to secure mobile data and or mobile code is wither on the application layer using software encryption or on the hardware layer. Our proposed solution introduces a new approach for securing data in mobile devices with encryption technique that is integrated with the mobile SIM card and robust enough to accommodate the common use case of mobile upgrade and yet keep corporate data encrypted.