MobiSecServ 2016 - Second Conference On Mobile And Secure Services, 26-27 February 2016

University of Florida,Gainesville, FL 32611

26-27 February 2016

MobiSecServ is sponsored by the The IEEE Gainesville Florida IEEE Section.
IEEE conference ID 37761

Papers will be published in the IEEE Xplore Digital Library
ISBN: 978-1-4673-9684-4
PartNumber: CFP16RAC-PRT

Full and Short Papers deadline: November 30th 2015
The submission link for EDAS is the following

Posters and Works in Progress deadline: January 11th 2016
The submission link for EDAS is the following

The first MobiSecServ held in February 2015 at the Gainesville University, see the conference website
A video of MobiSecServ 2015 is available at this link

An early version of MobiSecServ was organized in February 2014 at the Gainesville University, see the workshop website

A video of this previous event is available at this link

The University of Florida (UF) is a major, public, comprehensive, land-grant, research university. With more than 50,000 students, UF is now one of the largest universities in the nation. UF has a 2,000-acre campus and more than 900 buildings (including 170 with classrooms and laboratories).

Agenda (draft)

Location: 101 Stuzin Hall, University of Florida Campus, Gainesville,Florida, 32601, USA

Friday February 26th

10h45: Welcome
Selwyn Piramuthu, University Of Florida

11h00-12h00: Tutorial 1
"The SIMulation project: Secure mobile NFC service in the cloud, a HCE legacy payment use case"
Pascal Urien, Telecom ParisTech and Xavier Aghina, Orange Labs

SIMulation is a research project involving Telecom Paristech and Orange laboratories. The main idea is to deploy secure NFC services in the cloud, secured by SIM modules. From a technological point of view it is based on Host Card Emulation (HCE), Open Mobile API, RACS servers, and SIM modules providing strong mutual authentication and TLS secure channels. Experiments were successfully performed in France over the 3G/4G networks with commercial mobiles in order to perform NFC mobile payments.

Xavier Aghina works in the security department at Orange Labs as a cyber-security expert and technical project leader. He manages a mobile payment research program whose main focus is to design and implement security solutions. He also provides active support and consultancy to other Orange subsidiaries within my main area of expertise security audit, risk analysis, vulnerability assessment and recommendations.

Pascal Urien is full professor at Telecom ParisTech, and coFounder of the EtherTrust Company. His main research interests include security and secure elements, especially for networks and distributed computing architectures. He wrote about one hundred papers dealing with these topics and holds fifteen patents.

12h00-13h30: Lunch

13h30-14h30: Tutorial 2
"Is it easier to fraud with mobile phone paiement than with contactless card paiement?" Pr Marc Pasquet

Marc Pasquet is full professor at ENSICAEN, France. He obtained his Master degree from ENSAM (Ecole Nationale Supérieure des Arts et Métiers) in 1977. He worked for 13 years for different companies belonging to the signal transmission field and 15 years for the banking sector in the field of electronic payment. He joined ENSICAEN (National Engineer School of Caen in France) in 2006 where he is now leading research in the field of secure electronic payment architecture

Investigating the Keylogging threat in Android - User Perspective
Fadi Mohsen, Emmanuel Bello-Ogunu and Mohamed Shehab
Department of Software and Information Systems University of North Carolina at Charlotte

Improvising performance of Advanced Encryption Standard Algorithm
Mokshitha Pathuri, Subhakar Yandrathi, Vandan Pendli, Abdul Razaque
Department of Electrical Engineering, Cleveland State University, Cleveland State University, Cleveland, Ohio.

An Online Security Protocol for NFC Payment Formally Analyzed by The Scyther Tool
Nour El Madhoun, Fouad Guenane Guy Pujolle
Sorbonne Universités, UPMC University Paris 6, France
Devoteam Group, France

Mobile Payment Security, Threats, and Challenges
Yong Wang Christen Hahn and Kruttika Sutrave
College of Computing College of Computing Dakota State University Dakota State University

17h00-17h30: break

17h30-18h15: Panel
The future of mobile payment, payment for objects, towards a cashless world, trust for the IoT ?

Panel introduction: "The next generation of RACS server, trust for the IoT"
Andreas Lux, CEO of the Implementa Company
Implementa gmbh is a german privately held company founded in 1977. Implementa provides industrial-strength communication products and solutions. For more than 15 years implementa has been specializing in wireless and smartcard technologies. Implementa is the market leader for cloud-based SIM and Secure Element solutions.
Andreas Lux is the CEO of implementa. He studied computer science and economy at Universität Göttingen. His diploma thesis was about fault tolerant search algorithms for text retrieval in full-text databases. Before joining Implementa in 1994 he worked as a consultant for industrial automation and communication systems. His technical background is software and hardware development for embedded systems and Smartcards.

19h30: Social
Dinner in Gainesville downtown, free to all participants

Saturday February 27th

8h45-9h30: Breakfast

9h30-10h30: Keynote
"Trusted Execution Environment: Trusted Model, Architecture Overview, Challenges and Future Directions", Mohamed Sabt, Orange

Trusted Execution Environment (TEE) was designed to enrich the previously defined trusted platforms, such as TPM. TEE is commonly known as an isolated processing environment in which applications can be securely executed irrespective of the rest of the system. However, TEE still lacks a precise definition as well as representative building blocks that systematize its design. In this keynote, we present TEE within a well-defined trusted model: the Dual Execution Environment approach. We discuss the different technologies used to implement TEE, in particular we show how ARM TrustZone is well designed to support such architecture. Furthermore, we analyze the core properties of TEE. Some related concepts, such as trust and formal verification, are also presented. Finally, we give a survey on the existing academic and industrial ARM TrustZone-based TEE. Some known attacks on deployed TEE are presented and discussed.

As a PhD student in Orange Labs, Mohamed Sabt investigates new approaches that offer hardware supported security and trusted computing inside complex systems. The goal is to re-think security for small connected objects, such as mobile devices and IoT (Internet of Things), by solving the following problem: how the execution of an application can be secured despite a compromised OS. His research focuses on the Trusted Execution Environment (TEE) and leads to several publications in internationally recognized conferences (ifip sec, trustcom and icac). Mohamed received an MS in Computer Science from the université de technologie de Compiègne (UTC) in France. He has a strong background in trusted computing, applied cryptography and mobile services based on Secure Element (e.g. SIM).

Optimized Node Selection Process for Quality of Service Provisioning over Wireless Multimedia Sensor Networks
Adwan Alanazi and Khaled Elleithy
Department of Computer Science and Engineering, University of Bridgeport, USA

Towards Secure Elements For The Internet of Things:The eLock Use Case
Pascal Urien, LTCI, UMR 5141, Telecom ParisTech, Paris, France

NFC4Sure: Mobile Ticketing System
Diogo Antunes, Joao Lima, Goncalo Pereira, Nelson Escravana, Carlos Ribeiro
INO INESC Inovacao
INESC-ID Instituto Superior Tecnico Universidade de Lisboa

Fraud on Host Card Emulation architecture Is it possible to fraud a payment transaction realized by a mobile phone using an “Host Card Emulation” system of security ?
Marc Pasquet, Sylvie Gerbaix
ENSICAEN, GREYC Laboratory Caen, France
Montpellier University, Research in Management Lab, France

12h30-12h40: Conference Closing

12h40-14h00 : Lunch

Important Dates

November 23rd 2015, Papers submission deadline

Due to numerous requests the full/short papers submission deadline has been extended to November 30th 2015

January 2nd 2016, Full/Short Papers Acceptance/Rejection notification

January 6th 2016, Full/Short Papers Acceptance/Rejection notification

January 25th 2016, Posters/Works in Progress Papers Acceptance/Rejection notification

January 10th 2016, the registration is opened? Go there to register

Full/Short final papers submission has been extended to January 29th 2016

Posters/Works in Progress final papers submisssion has been extended to February 3rd 2015


The goal of the "Conference on Mobile Applications, Security, and Services" is to explore the challenges, issues and opportunities both for academic researchers and industrial innovators.
We are looking for both research papers on new applications and presentations of deployment experiments or new business opportunities.
In an always-on and everything connected context, mobile applications are more and more interacting with sensitive or personal resources hosted in cloud computing infrastructures. As a consequence, security and trust are critical issues.
Among other, the NFC technology enables communication in close proximity. With NFC mobiles surfacing the market so quickly, mobile operating systems are prepared for support with dedicated frameworks. This offers researchers and developers a great opportunity for getting quick traction with novel applications.
So far, the main NFC-enabled services deal with payment, access control, or ticketing. Commercial applications today mainly target contactless payments, i.e., eWallets or eTickets managed by transportation companies. The broad availability of NFC-technology fertilizes research and development of novel applications and can go well beyond these intended applications.
This conference aims to bring researchers and industrial experts together to discuss the latest frontiers of mobile technology and also novel applications that have not been thought of before.

The workshop welcomes contributions addressing (but not limited to) the following topics:

Proximity communication technologies for mobile (NFC, Low Power Bluetooth,…), secure transactions over proximity communications;

Trust for mobile applications and services, Secure Elements, SIM frameworks; SecureSD, (including Google Vault) platforms; Single Wire Protocol (SWP); Trusted Service Manager (TSM); Secure over the air (OTA) services;

New mobile secure architectures. Host Card Emulation (HCE). Trusted Execution Environment (TEE).

New services and business perspectives New payment applications; Apple Pay, Google Pay, Samsung Pay Services; secure tokenisation technologies; proximity communication for access control; automotive industry perspectives; applications for the consumer industry; applications for smart cities; Internet Of Things (IoT) new perspectives;

Mobile Applications for Social Networks.

Deployment experiments and testing Payments, transport, ticketing, access control, couponing, macro localization (Tags).

Conference Organizers

Selwyn Piramuthu, University Of Florida, FL, USA -

Pascal Urien, Télécom ParisTech, Paris, France -

MobiSecServ Conference