Today’s society is one where technological advances are made daily, which
increases the need to stop and assess the risks against users’ integrity when
integrating new technology in contemporary systems all the greater. We have
taken two technologies, Near Field Communication and Certified Wireless USB,
whose envisioned area of use is to be integrated into mobile phones, and
evaluated what security threats are revealed for the respective technologies.
The threats against security have been identified through research of the
standards and existing reports for each technology. Practical experiments have
not been conducted on account of us not having access to any equipment to run
such trials. The result of our studies is indecisive; pitched against Certified
Wireless USB’s rigorous and robust security measures, implemented on hardware
level, Near Field Communication’s lack of any such security implementations
shines all the brighter. The real difference can be traced to the philosophy
behind the technologies – Certified Wireless USB can be perceived as a complete
product, while Near Field Communication bears more resemblance to a tool. In
order to safely use a tool, knowledge about its use is required, thus in order
to securely use Near Field Communication we propose two solutions; secure
channel and secure identification, which developers can implement on a software
level. Furthermore, we suggest that the implementation of security should be
based on an incremental model where the security measures are scaled up in
direct correlation with the sensitivity of the information managed. Our results
imply that Near Field Communication does not have the inherent security that it
should have in order to be safely and securely integrated into any system as it
is. Therefore, measures have to be taken in order to implement this technology
securely on a software level. For Certified Wireless USB it implies that
nothing further is needed t...
