Mobile devices can provide many benefits to the warfighter, from health monitoring to navigation assistance. Since these uses will involve critical data in transit and at rest on the mobile device, securing the device is imperative. Existing techniques require too much overhead for mobile devices. This project proposes to build MSPECS, Mobile Storage Protection & Efficient Communication Security, upon CFDRCs existing data integrity technology to add new low-overhead encryption methods to mobile devices. In addition to protecting both the communication and storage of the devices, this project will protect the data on a mobile device from theft. In Phase I, a preliminary version of the system will be developed and tested based on the resource requirements of a mobile device. To show feasibility, several security engineers will perform information assurance attacks against a protected mobile device. A complete performance evaluation of the system will also be conducted during Phase I to demonstrate its applicability to mobile devices based on resource limitations. During Phase II, new communication protections will be added to the system and a complete external security review will be performed by an independent company.
Benefit: The mobile device security solution developed under this project, called MSPECS, will be greatly beneficial to the DoD as they move to more personal area-based networks. MSPECSs low-overhead encryption techniques for protecting both data in transit and at rest will provide needed protection to the critical data contained in a warfighters equipment. The MSPECS protection against stolen devices, rendering the data contained on them useless, will also be of value to the DoD by providing an anti-tamper method of protecting critical data from enemies that might capture a device. During Phase III, CFDRC will help the DoD incorporate the MSPECS technology into their mobile devices. In addition to incorporating MSPECS on military devices, CFDRC will also deploy the technology to medical device manufacturers. During Phase II, CFDRC will provide an end-to-end demonstration showing how MSPECS can protect critical data sent from the sensor to the mobile device and on to a remote server. CFDRC will use the end-to-end demonstration to market the MSPECS technology to device manufacturers. One such manufacturer already showing interest is Halo Monitoring, a small business providing a philological medial sensor. During Phase III, CFDRC will work with Halo Monitoring and other health manufacturing companies to incorporate the MSPECS technology onto their mobile devices and sensors.
Keywords: Cryptography, Encryption, Data Integrity, Mobile Devices, Embedded Systems