Information security of a bluetooth-enabled handheld device

M.Tech. === Mobile handheld devices are moving from being peripheral devices and are now fulfilling functionality provided by laptops and desktops. The capability and functionality of handheld devices have improved. This makes the devices more prominent within public and private environments, allowi...

Full description

Bibliographic Details
Main Author: Tvrz, Frankie
Published: 2009
Subjects:
Online Access:http://hdl.handle.net/10210/3004
Description
Summary:M.Tech. === Mobile handheld devices are moving from being peripheral devices and are now fulfilling functionality provided by laptops and desktops. The capability and functionality of handheld devices have improved. This makes the devices more prominent within public and private environments, allowing information to be processed inside and outside of the organisation’s network. Of all mobile handheld devices, the personal digital assistant (PDA) is seen to be more robust and powerful, increasing its use and popularity among users. PDAs offer wireless connectivity like Bluetooth and operate with multiple operating systems, also allowing them to be considered as a private or organisational enterprise tool. Bluetooth connectivity allows workers to access information anywhere, including both personal and corporate information. Software and applications have been specifically developed for handheld devices such as PDAs, giving users a high level of usability and functionality. The purpose of this dissertation is to present an information security evaluation of a Bluetooth-enabled handheld device, such as a PDA. The use of Bluetooth wireless technology and functionality provides added benefits, but also brings new information security threats to an organisation’s information assets. The research attempts to understand the implications of using a Bluetooth-enabled handheld device in both public and private environments. Five high-level layers are defined for this discussion. Information security risks are evaluated based on current research into vulnerabilities, attacks and tools that exist to compromise a Bluetooth-enabled handheld device. A Bluetooth penetration testing methodology is suggested for the identified vulnerabilities, attacks and tools, where a practical assessment is performed for a critical analysis of the information security mechanisms implemented by the Bluetooth-enabled handheld device (PDA). Possible recommendations to mitigate identified information security risks are also made. This study motivates the necessity of understanding the risks presented by a mobile workforce using Bluetooth connectivity in mobile handheld devices which can be used in both private and public environments.