Gatekeeper: providing secure interoperability between mobile web-browser and local resources
Pages 59 - 62
Abstract
The most popular platforms being developed currently are those used in mobile devices. In particular, mobile Web-based services have attracted the attention of platform developers. However, mobile Web applications offer limited functionality. Therefore, in this paper, we propose a scheme called Gatekeeper, which offers secure interworking for mobile Web-browsers that maintains the convenience of normal Web use. In our scheme, a Web-browser calls Gatekeeper using a URL protocol handler. Gatekeeper then provides secure communication using pre-established keys shared between a remote server and local resource. Compared to related studies, the Gatekeeper scheme shows an improvement in security. Moreover, the scheme is not constrained to a specific environment.
References
[1]
]]ITU-D, "The WORLD IN 2009: ICT FACTS AND FIGURES, ITU TELECOM WORLD 2009", 2009.10. {online} Available: http://www.itu.int/ITU-D/ict/material/Telecom09_flyer.pdf
[2]
]]Cowen and Company, "wireless equipment", November 2008.
[3]
]]IDC, "Worldwide Quarterly Mobile Phone Tracker", April 2010.
[4]
]]Sang Ok Park, "The Framework for Providing Compatibility to various Web Browser Plug-ins", Master's Thesis, KAIST, August 2009.
[5]
]]Jesse James Garrett, "Ajax: A New Approach to Web Applications", February 2005. {online} Available: http://www.adaptivepath.com/ideas/essays/archives/000385.php
[6]
]]J. Ruderman, "Same origin policy for JavaScript", 2008. {online} Available: http://developer.mozilla.org/En/Same_origin_policy_for_JavaScript.
[7]
]]Ian Hickson, "HTML5 Web Messaging", Editor's Draft 15, W3C, June 2010. {online} Available: http://www.w3.org/TR/postmsg/
[8]
]]D. Chappell, "Understanding ActiveX and OLE", Microsoft Press, 1997.
[9]
]]T. Berners-Lee, R. Fielding, and H. Frystyck, "Hypertext Transfer Protocol-HTTP/1.0", RFC 1945, May 1998.
[10]
]]Tomas Joelsson, "Mobile Web Browser Extensions", Master of Science Thesis, KTH Information and Communication Technology, July 2008.
[11]
]]Sing Li and Jonathan Knudsen, "Beginning J2ME Platform, From Novice to Professional", Apress, third edition, 2005
[12]
]]R. Petke and I. King, "Registration Procedures for URL Scheme Names", RFC 2717, November 1999.
[13]
]]Y. Oiwa, H. Watanabe, H. Takagi, and H.Suzuki, "Mutual Authentication Protocol for HTTP", IETF Internet Draft, February 2010. {online} Available: http://tools.ietf.org/html/draft-oiwa-http-mutualauth-06
[14]
]]International Organization for Standardization, "Information technology - Security techniques - Key management - Part 4: Mechanisms based on weak secrets", ISO Standard 11770-4, May 2006.
Index Terms
- Gatekeeper: providing secure interoperability between mobile web-browser and local resources
Recommendations
A Web-based, Offline-able, and Personalized Runtime Environment for executing applications on mobile devices
An increasing number of people use cell phones daily. Users are not only capable of making phone calls, but can also install applications on their mobile phones. When creating mobile applications, developers usually encounter the cross-platform ...
A Cross-Platform Runtime Environment for Mobile Widget-Based Application
CYBERC '11: Proceedings of the 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge DiscoveryIn recent years, the market of mobile device keeps growing dramatically. Apple iPhone and Google Android are the two representatives of this kind of devices. However, the mobile applications of these platforms can only be executed on some specific ...
A Mobile Peer-to-Peer Search and Retrieval Service for Social Networks
MS '12: Proceedings of the 2012 IEEE First International Conference on Mobile ServicesThis paper describes iTrust over SMS, a peer-to-peer search andretrieval service for social networks of mobile devices. iTrust overSMS enables mobile devices to collaborate with other mobile devices to distribute, search for, and retrieve information ...
Comments
Information & Contributors
Information
Published In
October 2010
70 pages
Copyright © 2010 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 08 October 2010
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
CCS '10
Sponsor:
CCS '10: 17th ACM Conference on Computer and Communications Security 2010
October 8, 2010
Illinois, Chicago, USA
Acceptance Rates
DIM '10 Paper Acceptance Rate 8 of 16 submissions, 50%;
Overall Acceptance Rate 16 of 34 submissions, 47%
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 180Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in