TY - GEN
T1 - Securing app distribution process of iOS exploiting the notion of authentic update
AU - Akter, Sajeda
AU - Rahman, Farzana
AU - Al Islam, A. B.M.Alim
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/2/5
Y1 - 2016/2/5
N2 - iOS is, perhaps, considered as one of the most secured and reliable operating systems available now-a-days. However, its loopholes are coming into light in recent times causing a few security breaches such as the Masque attack. Even though prompt and pragmatic fixes for such breaches are of utmost significance, a fix for the Masque attack is yet to be proposed. To address this issue, in this paper, we propose a novel mechanism for guarding against the Masque attack. In our proposed mechanism, we exploit a synergy between authentication and non-repudiation to guard against different forms of Masque attack. Our exploitation leads towards a simple mechanism for preventing Replay attacks and for rejecting unauthenticated update, both of which generally paves the way of performing Masque attack. Consequently, the mechanism offers a pragmatic and easy-to-implement solution for the Masque attack.
AB - iOS is, perhaps, considered as one of the most secured and reliable operating systems available now-a-days. However, its loopholes are coming into light in recent times causing a few security breaches such as the Masque attack. Even though prompt and pragmatic fixes for such breaches are of utmost significance, a fix for the Masque attack is yet to be proposed. To address this issue, in this paper, we propose a novel mechanism for guarding against the Masque attack. In our proposed mechanism, we exploit a synergy between authentication and non-repudiation to guard against different forms of Masque attack. Our exploitation leads towards a simple mechanism for preventing Replay attacks and for rejecting unauthenticated update, both of which generally paves the way of performing Masque attack. Consequently, the mechanism offers a pragmatic and easy-to-implement solution for the Masque attack.
UR - http://www.scopus.com/inward/record.url?scp=84964262061&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84964262061&partnerID=8YFLogxK
U2 - 10.1109/NSysS.2016.7400689
DO - 10.1109/NSysS.2016.7400689
M3 - Conference contribution
AN - SCOPUS:84964262061
T3 - Proceedings of 2016 International Conference on Networking Systems and Security, NSysS 2016
BT - Proceedings of 2016 International Conference on Networking Systems and Security, NSysS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - International Conference on Networking Systems and Security, NSysS 2016
Y2 - 7 January 2016 through 9 January 2016
ER -