Secure web Push system

In existing push systems, there is no provision for additional security and the push messages from any content provider can be simply viewed by the user. This could cause problems in certain cases where additional security, privacy and authentication might be desirable before the user is allowed to...

Full description

Saved in:
Bibliographic Details
Main Authors: Saride, Girija, Aaron, Jaya Balan, Bose, Joy
Format: Conference Proceeding
Language:English
Subjects:
Architecture
Authentication
Computer networks
Devices
Gateways (computers)
Logic gates
Messages
Performance evaluation
Privacy
Security
Servers
Training
Web Push Notification
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In existing push systems, there is no provision for additional security and the push messages from any content provider can be simply viewed by the user. This could cause problems in certain cases where additional security, privacy and authentication might be desirable before the user is allowed to view the push message, for example a message from the user's bank giving the current bank balance. In this paper we present a Smart Push system that ensures user security and privacy. Our push architecture incorporates a Gateway Client and Gateway Server component, enabling additional security measures and encryption of sent push messages at the gateway server before the messages reach the client device. In our system, a unique subscription Id is generated during the registration process, which hides the actual registration Id of the client device and thus ensures privacy. An additional spam filter at the gateway server further protects the client device from spam push messages. We present the architecture of the system and results of some tests performed to measure the effectiveness of the security aspects of the push architecture.
ISSN:2155-2509
DOI:10.1109/COMSNETS.2016.7439931