Title :
Secure authorization, access control and data integrity in Bluetooth
Author :
Nguyen, Lan ; Safavi-Naini, Rei ; Susilo, Willy ; Wysocki, Tadeusz
Author_Institution :
Centre for Comput. Security Res., Wollongong Univ., NSW, Australia
Abstract :
The Bluetooth standard has a provision for mutual authentication of connecting devices but not their actual users and allows access control during connection setup only. We propose a user authorization and pairing (UAP) application, that has the ability to perform authentication and authorization of users using role based model. The pairing procedure, which exchanges link key between devices, is also performed as a part of the user authorization process. The integrity of the message is guaranteed by using message authentication codes. We also extend an attack on a short PIN during the pairing procedure for devices compliant with the Bluetooth specification version 1.1.
Keywords :
Bluetooth; access protocols; authorisation; cryptography; data integrity; message authentication; telecommunication security; Bluetooth specification version 1.1; Bluetooth standard; MAC protocol; access control; data integrity; encryption algorithm; link key exchange; message authentication codes; notebook computers; personal area network; role based model; secure authorization; short PIN attack; user authentication; user authorization and pairing; Access control; Authentication; Authorization; Bluetooth; Cryptography; Personal digital assistants; Protection; Security; Teeth; Wireless communication;
Conference_Titel :
Networks, 2002. ICON 2002. 10th IEEE International Conference on
Print_ISBN :
0-7803-7533-5
DOI :
10.1109/ICON.2002.1033349
