Author_Institution :
EADS North America Test & Services, Irvine, CA, USA
Abstract :
Measurement data collected from hardware systems using a mobile application needs to be protected from falling into malicious hands. To circumvent security concerns, many sensitive ATE systems are simply isolated from networks and run in stand-alone environments. Using mobile connections with ATE equipment introduces a whole new level of security issues which can be a large concern for many companies. These concerns can generally be overcome by using a number of industry standard security protocols. Mobile application developers need to focus on several main areas when securing data: the mobile device´s configuration, the application running on the mobile device, the the equipment communicating to the mobile device, and the wireless connection between the ATE equipment and the mobile device. First and foremost the mobile device must be free of any security threat before adding a new application. If the mobile device has already been compromised or can be easily compromised in the future, the new application will also be compromised the instant it is installed. Next, mobile applications should be security hardened by employing a number of techniques including disabling the caching of secure data, preventing escalation of privileges, and restricting the execution of untrusted code. Many of the techniques that can be used are similar to good practices that should be applied when programming non-mobile applications. On the ATE side, the system making the measurements and/or pushing the data out to the mobile device could use an https connection, data encryption, and user authentication to ensure that non-trusted sources will not have access to the measurement data. Finally the wireless connection between the device and the server should be secured by employing various access point security protocols such as WPA, WPA2, HTTPS, and AES encryption. This paper will discuss various techniques and protocols which will help ensure a safe and secure system for mobile applicati- n use in the ATE industry.
Keywords :
automatic test equipment; cryptographic protocols; message authentication; mobile computing; AES encryption; HTTP connection; WPA2; access point security protocol; data encryption; data security; hardware system; industry standard security protocol; malicious hand; measurement data; mobile application developer; mobile automatic test equipment; mobile device configuration; security issue; stand-alone environment; user authentication; wireless connection; Androids; Companies; Humanoid robots; Mobile communication; Mobile handsets; Security; Servers;
