NFC özellikli mobil cihazların kullanıldığı relay saldırılarını önleyen bağlama duyarlı bir güvenlik modelinin tasarımı.


Tezin Türü: Doktora

Tezin Yürütüldüğü Kurum: Orta Doğu Teknik Üniversitesi, Türkiye

Tezin Onay Tarihi: 2020

Öğrenci: Davut Çavdar

Danışman: AYSU BETİN CAN

Özet:

Near Field Communication (NFC) is a promising communication technology used in smart mobile devices. As an effective and flexible communication technology, NFC is frequently used in innovative solutions nowadays such as payment, access control etc. Because of the nature of these transactions, security is an important issue since NFC is used in critical applications such as payment and access control. There are several attacks mentioned in literature against NFC-enabled applications, yet, none of the security solutions offered provides sufficient protection for NFC enabled access control systems due to their static nature. In this context, the contribution of this work is threefold. First, we demonstrate how easy to perform such attacks implementing a relay attack in a realistic testbed. Second, we propose a context-aware security model for preventing relay attacks for NFC enabled mobile devices even if attackers compromise authentication tokens. Third, we prove the validity of our proposed security model both theoretically by formal verification and practically by the deployment of the model on a testbed infrastructure where we also analyze the performance in comparison to other approaches.