MPKIX: Towards More Accountable and Secure Internet Application Services via Mobile Networked Systems

Tian Xie, Sihan Wang, Xinyu Lei, Jingwen Shi, Guan Hua Tu, Chi Yu Li

研究成果: Article同行評審

摘要

Nowadays, both Internet Application Service (IAS) providers and users face various security threats and legal issues. Due to the lack of reliable user information verification mechanisms, adversaries can abuse IASs to launch various cyberattacks, such as misinformation distributing and phishing, by using fake user accounts. IAS providers may thus inadvertently offer inappropriate content to restricted users, thereby suffering a serious risk of prosecution under local or international laws. Also, IAS users may suffer from nefarious ID theft attacks. In this paper, we proposed a novel security framework, MPKIX, designated as Mobile-assisted PKIX (Public-Key Infrastructure X.509). MPKIX secures both IAS providers and users by leveraging the broadly used PKIX services and mobile networked systems. It not only provides IAS providers with a reliable user verification mechanism while simultaneously enabling cross-IAS user privacy protection, but also largely mitigates the possibility of ID theft attacks and benefits other involved parties, such as cellular network operators and PKIX service providers. We further conduct a security analysis of MPKIX and implement an MPKIX prototype. The evaluation results based on the prototype confirm the effectiveness and efficiency of MPKIX with low overhead.

原文English
期刊IEEE Transactions on Mobile Computing
DOIs
出版狀態Accepted/In press - 2022

指紋

深入研究「MPKIX: Towards More Accountable and Secure Internet Application Services via Mobile Networked Systems」主題。共同形成了獨特的指紋。

引用此