Running Head: CYBER SECURITY IN MOBILE COMPUTING
1
S. Raghuram, "Man in the Cloud: Threat, Impact, Resolution, and the Bigger Picture," blog, 2015;
www.skyhighnetworks.com/cloud-security-blog/manin-the-cloud-threat-impactresolution-and-the-bigger-picture/ [accessed 8/23/2016]
Raghuram article describes the use cloud applications and services to avoid cyber-attacks,
to stay secure and compliant. He furthermore describes getting the visibility of the IT and
governance over mobile computing and data in clouds apps and how they are protected
against threats targeting cloud accounts. He describes how to achieve a better security with
less complexity. His article points out a clear indication and criticizes the removal of
CASBS, and rather it explains the importance of integrating it with the existing security
infrastructure to improve the management of the security in cloud computing. The article
explains the use of CloudSOC, which integrates with Symantec DLP, SWG, Endpoint,
Encryption, ATP, and Authentication will enhance a strong security coverage with a
reduction in operational cost and complexity. This article, therefore, is a good resource for
the Cyber-attacks security research; however, some of the contents in the article are not
indicating the cyber-attack concerns rather just explaining it in cloud computing
perspective only.
L. Francis et al., "Practical NFC peer-to-peer relay attack using mobile phones," in Proceedings of
the 6th international conference on Radio frequency identification: security and privacy
issues (RFID.
This article explains the use of NFC as a standardized technology that provides short-range
RFID communications channels for mobile devices. The issues of peer-to-peer applications
CYBER SECURITY IN MOBILE COMPUTING
2
in mobile devices are receiving increased interests, and in some cases, these services are
relying on the NFC communications. The article has relied much more on the suggestions
about the NFC systems and how they are vulnerable to attacks. The author finally gives a
conclusion that the attacks on the proxy devices are more likely to be implemented off-theshelf. Furthermore, the article describes how an attack can be implemented against systems
by use of the peer-to-peer NFC communication by developing and installing suitable
MIDlets on the attacker's NFC-enabled mobile phones. The article seemed to contradict
with other sources on how the attacks access the secure program rather it only suggest the
use of the APIs gain access. The article is purely good for researching security-related
issues in mobile computing and cyber-attacks. However, it only majors its focus on the
mobile environment and its countermeasure yet the computing field is very wide, and all
are subjected to different if not same threats.
M. Georgiev et al., "The most dangerous code in the world: validating SSL certificates in nonbrowser software," in Proceedings of the 2012 ACM conference on Computer and
communications security.
The article purely talks about Secure Sockets Layer (SSL) as the main factor for secure
Internet communications. It describes that the security of SSL connections security
depends on correctly validating the public-key certificates presented when establishing the
network security infrastructure. He demonstrated on how the SSL certificate validation is
completely broken in many security-critical applications and libraries. The article explains
CYBER SECURITY IN MOBILE COMPUTING
3
the cause of the mobile computing vulnerabilities. However, the vulnerabilities sources are
not described rather they are badly described with a confusing array of settings and options.
This article is very important to anyone who researches SSL certificate and cryptography
issues in the computing environment. Writes about how fierce Geronimo was at his early
age a character that made him be adored by more and thus was given a chance to lead his
people. Finally, to extend my understanding, it is good to use some of outside sources that
he has cited in his work. This will help you add more content your research.
K. Zetter, "Darkhotel: A Sophisticated New Hacking Attack Targets high profile Hotel Guests,"
Wired, 10 Nov. 2014
The article deals with the controversial issues surrounding the mobile technology,
information technology and cyber-security attacks and threats. The author moves on and
explains on how the guest hotel executed malicious programs that they were directed by
the attackers and explained on how mobile technology has encouraged the cyber-attacks
on different platforms. In the article, it does not give the outside sources as a point of
reference in case one would like to know where the information was extracted from. This,
therefore, makes the article to be doubted when compared to other sources that I have
cited. The author only focuses on the executable malicious programs directed to the
network and simply giving out the whole threat and what are the vulnerabilities
associated with. Further for good research, the article requires a backup of other sources
for it to bring a clear knowledge on cyber-attacks about mobile computing.
CYBER SECURITY IN MOBILE COMPUTING
4
S. Merlot, "FTC Goes After Firm for Tracking Shoppers' Cell Phones," PCMag, 24 Apr. 2015;
www.pcmag.com/article2/0,2817,2482985,00.asp
In this article, the author talks about the company that allows tracking consumers'
movement through their stores. He critics the company for not informing their customers
that their information was tracked, rather they had a responsibility of cautioning them.
The article explains the number of customers’ information. It indicates that for the
company to avoid cyber-attacks and security threats, its import for the company to their
privacy promises to customers when implementing the new technology. The author uses
quite some useful sources that can give specific information about how to avoid these
threats. The article is useful for researching the impacts of new mobile technologies in
relationship to security threads. To narrow the area of study, it is advisable to use the
sources cited as outside sources to look for more understanding and to broaden the
knowledge. This journal is good for citing as a resource, but only it has a small problem
whereby it didn't classify the specific threats that sharing of information in mobile
distributed systems face. Therefore it is recommended to back up with other external
sources to avoid the narrow point of view of the author.
L. Carettoni, C. Merloni, and S. Zanero, "Studying Bluetooth Malware NISTIR 8144 (DRAFT)
ASSESSING THREATS TO MOBILE TECHNOLOGIES 24 Propagation: The BlueBag
Project", Proceedings of the 2007 IEEE Symposium on Security and Privacy, pp. 17-25,
2007.
CYBER SECURITY IN MOBILE COMPUTING
5
The journal is about how wireless and hoc networks play a crucial role in communication
dominance in the market. The journal particularly explains the need for having or
deploying a decentralized system and protocols so that no single node is exposed the
vulnerability of the network to avoid mobile-based attacks in the company. The author
focused more on multicasting applications for the tactical networks, where information has
to be distributed from the source to different nodes.
Z. Wang et al., "Implementation and Analysis of a Practical NFC Relay Attack Example," in
Proceedings of the 2012 Second International Conference on Instrumentation,
Measurement, Computer, Communication, and Control, 2012, pp 143-146
This article focuses on the Near Field Communication (NFC), this is a kind of
technology that provide close with RFD communication channel based on mobile
devices. The author describes and gives examples on how peer-to-peer application based
on mobile devices and how they rely on NFC. A clear description of the security
problems the NFC system is facing which are susceptible to the relay attacks. This article
furthermore explains the mobile-based attacks happen on a peer-to-peer NFC
technology. This source is very important for researching cybersecurity topics that relate
to mobile dives. This because a vivid description of how attackers use mobile phone with
the NFC functions on Android platforms to install and run malicious programs. The
source is very reliable for more research, and it can be used solely because it comprises
several external references.
CYBER SECURITY IN MOBILE COMPUTING
6
M. Maass et al., Demo: NFCGate - An NFC Relay Application for Android [Extended Abstract],
presented at 8th ACM Conference on Security and Privacy in Wireless and Mobile
Networks, 26 June 2015; https://github.com/nfcgate/nfcgat
The author of the article explains the problems and threats that the mobile devices pose to
the enterprises. It points out that it might be very difficult to use isolated sandboxes and
remote wipe device, because all may fail to mitigate the security challenges associated
with the complexity of mobile information systems. He writes that there is the need to a
set security controls and countermeasures that address threats posed by the use of mobiles
in a holistic manner. The author is very clear on the issues, and he provides the reasons
why enterprises should put in place a mobile security system to control the cybersecurity
issues. This source according to my view is very legitimate to be used in research because
it gives a lot of broad areas concerning the topic. This includes cellular networks and the
cloud infrastructure that is used to support mobile application and other mobile devices.
C. Miller, Exploring the NFC Attack Surface, BLackhart presentation, 5 July 2012;
https://mediaattacks.blackhat.com/bh-us12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
The article as well describes how the NFC technology has been used in mobile devices n
some developed countries to mitigate the risks of cyber-security. Also, the description of
the emerging mobile devices technology is described. The author explains how the NFC
technology enables the mobile devices to communicate with each other in close range to
avoid being exposed to vulnerabilities. This article explores more on how NFC and its
CYBER SECURITY IN MOBILE COMPUTING
7
associated protocols are integrated to provide reliable and secure communication systems.
The main focus of the article is on how to build software that can take control the issues
associated with mobile communication and sharing of information be it personal or
enterprise based communication. The article is useful and more important for those who
want to carry out research, and I can prove that the authors ensured that all the contents of
the article are tangible.
M. Brignall, “Sim-Swap Fraud Claims Another Mobile Banking Victim," The Guardian, 16 Apr. 2016
This article describes the challenge the e-commerce and the mCommerce sector are facing with
the rise of mobile fraud. The author focuses on the how the companies practicing ecommerce and m-commerce should do to ensure implementation of fraud management.
The article although gives the negatives site on the mobile technology although the positive
sector and less depicted. Possible countermeasure to create a firm and secure mobile
channel for business also is narrated in the article. The author suggests the use of devices
that implement an integrated SIM or eSIM that cannot be readily replaced by malicious
components and the use of strong physical controls also is important. This source is very
relevant to the topic, and its publication has an impact on various stakeholders be it the
researchers, e-commerce companies and also the customers who practice e-commerce or
m-commerce.
D. Goodin, "New Attack Steals Secret Crypto Keys from Android and iOS Phones," Ars Technica,
3 Mar. 2016; secret-crypto keys-from-android-and-ios-phon
CYBER SECURITY IN MOBILE COMPUTING
8
This journal mainly describes the controversial issues associated with mobile security threats
surrounding the iPhone users. The article gives us the background understanding of the
main security issues facing the mobile users which he describes as manufactures problem
and not its users. Based on the mobile devices and cybersecurity concerns the author points
out that despite criticizing the manufactures also the end users should ensure they have a
well-integrated system to protects any mobile operation from malicious attacks. He stresses
the innovativeness among the youth in this century, which according to him it poses risks
as per as mobile computing is a concern. The article doesn't provide external sources.
Therefore, it is not much reliable for quality research.
J. Cichonski, J.M. Franklin, and M. Bartock, Architecture Overview and Security Analysis,
National Institute of Standards and Technology, 2016;
This article describes the architecture overview and security analysis in mobile computing
technologies. It explains on how the new design of optimal utility that is associated with
mobile call admission control framework by the use of Bacterial Foraging Optimization.
The aim of this is to maximize the quality of service and to reduce the performances
degradation as well mobile usage security issues. The author also provided some of the
standard physical security mitigations that the industry should implement to ensure a good
system that is free from vulnerabilities and attacks. The article is very clear to comprehend
and so useful for research although it must be accompanied by other externals sources
because the author majored mostly on call security concerns.
WRTG 391
Writing Assignment #2
The Critical Annotated Bibliography
Writing Assignment #2 will be a critical annotated bibliography of 12 sources.
In this assignment you will write a list of at least 12 references in alphabetical order in APA format. In
addition, each reference will be followed by a short analytical summary of 150-200 words.
At the end of the short summary, you will include a sentence or two that critically analyzes the source
and that mentions distinctive features about the article and why it may or may not be useful for you in
writing a literature review.
You may select a topic of your choice. However, when selecting a topic, keep in mind that it
should be a topic on which a number of studies or scholarly articles have been published.
Examples of topics students have chosen in the past or that would be workable for this assignment are
the following:
Moreover, the following website from UMUC's Information and Library Services provides more
information on how to complete this assignment:
http://sites.umuc.edu/library/libhow/bibliography_apa.cfm
The following are some links to sample Annotated Bibliographies. Some of them give examples in
APA format. You may want to observe these examples and perhaps model your work after them.
.
A variety of samples from The University of North Carolina Writing Center, including these
specific examples of APA-style annotations.
Some instruction from Cornell University. The website also provides more information on the
process of writing an annotated bibliography.
Some instruction from East Carolina University.
Examples of topics students have chosen in the past or that would be workable for this assignment are
the following:
.
The impact of the Internet on research methods of students and plagiarism in student papers
The impact of The No Child Left Behind (NCLB) Act on primary school education
The impact of mobile devices on cybersecurity
.
Overall, in considering a topic, you might consider your major, topics that will be covered in future
classes you plan to take at UMUC, and your interests.
For example, please examine the following ideas:
If your major is criminal justice, you might consider researching criminal behavior among
homeless individuals, criminal behavior among youth, society's perception of law enforcement,
etc.
If your major is psychology, you might consider researching counseling strategies, consumer
behavior in online shopping, decision-making in upper-management positions, etc.
If your major is history, you might consider researching theories on the Civil War, studies on
labor patterns in the United States, an aspect of military history, etc.
If your major is social science, you might consider researching community responses to health
care threats, co-parenting patterns after divorce, etc.
If your major is graphic communication, you might consider researching different categories of
graphic communication technology, trends in graphic communication through the years, etc.
Whatever topic you consider, keep in mind that it should be a topic on which a number of studies
or scholarly articles have been published. You will conduct all or most of your research using
UMUC's OneSearch function in finding scholarly articles.
This assignment will be an analytical/critical/ annotated bibliography. The difference between the
descriptive/informative annotated bibliography and the analytical/critical annotated bibliography is
explained in the following video:
http://sites.umuc.edu/library/libhow/bibliography tutorial.cfm
The transcript is at http://sites.umuc.edu/library/libhow/bibliography tutorial.cfm#transcript
Purchase answer to see full
attachment