Mobile security is important due to widespread mobile device use. Mobile devices face threats like malware, phishing attacks, and device theft. A comprehensive mobile security strategy includes mobile device management, secure app distribution, encryption, authentication, and user education. Successful attacks can result in data loss, resource misuse, reputation damage, and identity theft. Implementing security best practices can help mitigate these risks.

1. MUC – IT5050
LESSON 8
Summary Report
Mobile Security
L H A N N Buddhadasa – MS23002456
1.
Mobile security is a crucial aspect of today's digital landscape, considering the widespread
use of smartphones and tablets.
 Current State of Mobile Security:
o Mobile security has become increasingly important due to the proliferation of
mobile devices and their integration into various aspects of our lives.
o The mobile operating systems, such as iOS and Android, have implemented
security measures to protect user data and prevent unauthorized access.
o App stores have implemented app vetting processes to minimize the distribution
of malicious applications.
 Threats to Mobile Devices:
o Malware: Mobile devices are vulnerable to various forms of malware, including
viruses, worms, Trojans, ransomware, and spyware.
o Phishing Attacks: Attackers may attempt to trick users into revealing sensitive
information through deceptive emails, SMS messages, or fake websites.
o Unsecured Wi-Fi Networks: Public Wi-Fi networks can be insecure, allowing
attackers to intercept and monitor the data transmitted between a mobile device
and the network.
o Device Theft or Loss: If a mobile device falls into the wrong hands, it can lead to
unauthorized access to personal information.
2
 Common Device Vulnerabilities:
o Outdated Software: Failure to update the mobile operating system and applications
regularly can leave devices exposed to known vulnerabilities.
o Weak or Default Passwords: Using easily guessable or default passwords can
compromise the security of mobile devices.
o Insecure Connections: Connecting to unsecured Wi-Fi networks or using outdated
encryption protocols can expose sensitive data.
o Side-Channel Attacks: Attackers may exploit physical characteristics of the device,
such as power consumption or electromagnetic emissions, to gather sensitive
information.
 Risks Associated with Mobile Security:
o Unauthorized Access: Attackers can gain access to sensitive data, such as personal
information, financial details, or login credentials, leading to identity theft or
financial loss.
o Privacy Breaches: Mobile apps may request excessive permissions or collect user
data without consent, violating privacy rights.
o Financial Fraud: Malicious apps or phishing attacks can trick users into providing
payment information, leading to financial fraud or unauthorized transactions.
3
o Reputation Damage: Mobile security breaches can harm an individual's or
organization's reputation, particularly if customer data is compromised.
 Governance Advice:
o Establish Mobile Device Policies: Implement clear policies and guidelines for the
use of mobile devices within organizations, including acceptable use, data
protection, and security measures.
o Mobile Device Management (MDM): Employ MDM solutions to enforce security
policies, remotely manage devices, and ensure data encryption and secure access.
o User Education and Awareness: Regularly train users about mobile security best
practices, including avoiding suspicious links, installing apps from trusted
sources, and using strong passwords.
o Regular Updates and Patches: Keep mobile operating systems, apps, and security
software up to date to protect against known vulnerabilities.
 Safeguards and Best Practices:
o Use Strong Passwords: Employ unique, complex passwords or biometric
authentication methods to secure mobile devices.
o Enable Device Lock: Set up device lock screens, such as PIN, pattern, or biometric
lock, to prevent unauthorized access in case of theft or loss.
4.

2. o Install Apps from Trusted Sources: Download apps only from official app stores to
minimize the risk of downloading malicious software.
o Regularly Update Software: Install updates and patches for the mobile operating
system and applications to address security vulnerabilities.
o Secure Network Connections: Avoid connecting to unsecured Wi-Fi networks and use
a virtual private network (VPN) when accessing sensitive information.
o Be Cautious of Phishing Attempts: Exercise caution while clicking on links or
providing personal information, especially in emails or messages from unknown
sources.
o Enable Remote Tracking and Wiping: Activate features that allow remote tracking and
data wiping in case of device theft or loss.
Example: To illustrate best practices, let's say you want to enhance mobile security. You
would:
 Use a strong, unique password or biometric authentication for device unlock.
 Update your mobile operating system and apps regularly.
 Install a reputable mobile security app from an official app store.
 Avoid connecting to unsecured Wi-Fi networks and use a VPN when accessing
sensitive data.
 Enable remote tracking and data wiping in case of theft or loss.
5
 Exercise caution while clicking on links or providing personal information,
particularly from unknown sources.
Remember, mobile security is an ongoing effort, and it is crucial to stay informed about
emerging threats and best practices to ensure the protection of your mobile devices and
data.
A mobile security stack refers to a collection of technologies, tools, and practices that work
together to provide comprehensive security for mobile devices. Here are some key
components of a mobile security stack:
 Mobile Device Management (MDM): MDM solutions help manage and secure mobile
devices by enforcing policies, remotely configuring devices, and ensuring data
encryption. They enable IT administrators to monitor and control devices within an
organization.
 Mobile Application Management (MAM): MAM solutions focus on securing and
managing mobile applications. They allow organizations to distribute, update, and
secure enterprise apps, control app access and permissions, and enforce app-level
security policies.
 Mobile Threat Defense (MTD): MTD solutions protect against mobile-specific threats
such as malware, network attacks, and phishing attempts. They use techniques like
behavior-based analysis, machine learning, and threat intelligence to detect and
prevent mobile threats. 6
Mobile Data Protection: Mobile data protection solutions encrypt sensitive data stored
on mobile devices, preventing unauthorized access in case of theft or loss. They may
also include features like remote data wiping and secure containers to separate personal
and work-related data.
Mobile App Security Testing: These tools and services help identify security
vulnerabilities in mobile applications. They perform static and dynamic analysis,
penetration testing, and code review to uncover potential weaknesses and ensure apps
meet security standards.
Mobile Identity and Access Management (IAM): IAM solutions provide secure
authentication, authorization, and access control for mobile users. They enable
organizations to manage user identities, enforce strong authentication methods, and
ensure appropriate access to resources.
Secure Mobile Communication: This includes tools and protocols that ensure secure
communication between mobile devices and networks. It may involve using secure
messaging apps, encrypted email, virtual private networks (VPNs), or secure voice and
video calling solutions.
Mobile Containerization: Containerization separates personal and work-related data on
mobile devices. It creates isolated containers or secure environments where enterprise
apps and data are stored separately, enhancing security and privacy.
7
Mobile Security Awareness and Training: Education and training programs are crucial
to raising awareness about mobile security best practices among users. They provide
guidance on avoiding phishing attacks, recognizing malicious apps, and practicing
good mobile security hygiene.
Mobile Security Policies and Governance: Establishing mobile security policies and
governance frameworks ensures consistent security practices across an organization.
It includes defining acceptable use policies, data protection guidelines, and incident
response procedures for mobile devices.
The specific components of a mobile security stack can vary depending on the
organization's needs, industry, and risk profile. It's essential to assess the unique
requirements and adopt a comprehensive approach to protect mobile devices and data
effectively.
Mobile security stack
Here's an expanded version of the mobile security stack,
Infrastructure Layer:
 Mobile Device Management (MDM): Software or services that enable the
management, configuration, and monitoring of mobile devices within an
organization. MDM solutions help enforce security policies, remote device
tracking, and data wiping. 8

3.  Mobile Application Management (MAM): Tools or platforms that focus on
managing and securing mobile applications. MAM solutions allow organizations
to distribute, update, and control access to enterprise apps while enforcing security
policies.
Hardware Layer:
o Secure Elements: Hardware components embedded in mobile devices, such as
Trusted Platform Modules (TPM) or Secure Enclave, that provide secure storage
and cryptographic operations.
o Biometric Authentication: Hardware-based features like fingerprint scanners or
facial recognition systems that enable secure and convenient user authentication.
 Secure Boot: A feature that ensures only trusted and authorized code runs during
the boot process, preventing the execution of malicious or tampered software.
 Device Encryption: Encryption mechanisms at the OS level that protect data stored
on the device, making it unreadable without the appropriate credentials.
 Permissions Model: OS permissions that regulate access to sensitive resources and
data, requiring user consent for apps to access certain functionalities or
information.
 Sandboxing: Isolation mechanisms that restrict the capabilities of apps, preventing
them from accessing data or resources beyond their designated boundaries. 9

o Patching and Updates: Regular security updates and patches released by the OS
provider to address known vulnerabilities and improve overall device security.
 Application Layer:
o App Vetting and Review: App store policies and review processes that assess the
security and integrity of mobile applications before making them available for
download.
o Code Signing: Digitally signing mobile app code with cryptographic certificates
to verify the authenticity and integrity of the app.
o Secure Network Communication: Implementing secure protocols (e.g., HTTPS,
VPN) within mobile applications to protect data transmitted over networks.
o User Authentication and Access Control: Implementing strong authentication
mechanisms (e.g., multi-factor authentication) and access controls within apps to
ensure authorized user access.
o Secure Data Storage: Utilizing encryption techniques to protect sensitive data
stored within mobile applications.
It's important to note that the mobile security stack is not limited to these layers. Additional
components, such as network security, backend infrastructure security, and security
analytics, can also be part of a comprehensive mobile security strategy.
10
Mobile Attack Vectors
Mobile attack vectors refer to various techniques and methods used by attackers to exploit
vulnerabilities and gain unauthorized access to mobile devices. Here are some common
mobile attack vectors along with examples:
 Malicious Apps: Attackers create malicious applications and distribute them through
app stores or third-party sources. These apps may appear legitimate but contain hidden
malware or malicious code. Once installed, they can steal sensitive information, control
the device, or perform unauthorized actions. For example, a fake banking app that tricks
users into entering their login credentials, which are then captured by the attacker.
 Phishing Attacks: Attackers send deceptive messages via SMS, email, or social media
to trick users into revealing their personal information or downloading malware. For
instance, a phishing message may claim to be from a reputable organization, asking
users to click on a link to update their account information. The link leads to a fake
website designed to steal login credentials.
 Network Spoofing: Attackers set up rogue Wi-Fi networks with legitimate-sounding
names to lure users into connecting to them. These networks are often used to intercept
sensitive data transmitted over unsecured connections. For example, an attacker might
create an open Wi-Fi network at a coffee shop and intercept users' unencrypted data,
such as login credentials or financial information. 11
Operating System Vulnerabilities: Mobile operating systems, like any software, can
have vulnerabilities that attackers exploit. They may create malware that specifically
targets these vulnerabilities to gain unauthorized access to the device. For instance, a
flaw in the operating system's code may allow an attacker to execute malicious code
remotely and take control of the device.
Bluetooth Attacks: Bluetooth-enabled devices can be targeted through various attacks,
such as BlueBorne. In this attack, an attacker exploits vulnerabilities in Bluetooth
implementations to gain unauthorized access to a device. Once connected, the attacker
can extract sensitive data or take control of the device.
USB Attacks: Attackers may physically connect to a mobile device using USB cables
or adapters to install malware, steal data, or gain control. For example, an attacker may
use a malicious USB charging station that infects connected devices with malware
when they are plugged in.
SMS Attacks: Attackers send malicious SMS messages to exploit vulnerabilities in the
messaging application or operating system. These messages may contain links that,
when clicked, install malware on the device or trick users into providing sensitive
information. For instance, an SMS might claim that the user has won a prize and
provide a link to claim it, leading to a malicious website.
12

4. Social Engineering: Attackers exploit human psychology to manipulate users into
taking actions that compromise their mobile devices. They may impersonate trusted
individuals or organizations to deceive users into sharing sensitive information or
performing actions that lead to device compromise. For example, an attacker might
pretend to be a tech support representative and convince the user to provide remote
access to their device.
It's essential to stay vigilant and take precautionary measures, such as keeping software up
to date, installing apps from trusted sources, and being cautious about clicking on links or
providing personal information. Additionally, using security software, enabling device
encryption, and implementing strong authentication mechanisms can help protect against
mobile attack vectors.
Consequences of mobile attack vectors can have severe impacts on individuals and
organizations. Here are the potential consequences of mobile attack vectors you mentioned:
Losing Your Data:
 Data Loss: Mobile attacks, such as malware or unauthorized access, can lead to the
loss of personal or sensitive data stored on the device, including photos, contacts,
messages, and documents.
 Financial Loss: If mobile devices are used for financial transactions or banking,
attackers gaining access to banking credentials can result in financial loss through
unauthorized transactions. 13
 Productivity Disruption: Losing critical data stored on mobile devices, such as
work-related documents or project files, can disrupt productivity and cause
operational setbacks.
 Prevent them:
o Regularly backup your mobile device's data to ensure you can recover it in case
of loss, theft, or device failure. Use cloud storage, external hard drives, or
computer backups to securely store your data.
o Enable automatic backup settings on your device to ensure your data is
continuously backed up.
o Utilize remote tracking and wiping features provided by your device's
operating system or third-party apps to locate and erase data from a lost or
stolen device.
Bad Use of Your Mobile Resources:
 Battery Drain: Malicious apps or processes running in the background can
consume excessive battery resources, leading to faster battery depletion and
reduced device usage time.
 Data Usage and Bandwidth Consumption: Attackers may utilize compromised
devices to perform activities like sending spam emails or launching distributed
denial-of-service (DDoS) attacks, resulting in increased data usage and network
congestion. 14
 Performance Degradation: Mobile devices infected with malware or running
resource-intensive malicious apps may experience decreased performance, slow
responsiveness, and frequent crashes.
 How to prevent them:
o Avoid installing unnecessary or untrusted apps that could consume excessive
resources, drain battery life, or compromise device performance.
o Monitor and manage background processes and apps that may be running
unnecessarily and consuming resources. Close unused apps and disable
unnecessary background activity.
o Regularly review app permissions and revoke access for apps that do not
require certain permissions to function properly.
Reputation Loss:
 Privacy Breach: Mobile attacks compromising personal data, such as contacts,
emails, or private messages, can damage an individual's or organization's
reputation, leading to loss of trust from customers, partners, or stakeholders.
 Unauthorized Access to Social Media: If an attacker gains control of a user's social
media accounts, they may post inappropriate content, spread misinformation, or
engage in harmful activities using the compromised account, resulting in
reputational damage. 15
 How to prevent them:
o Be cautious when sharing personal information online or with apps and
services. Limit the amount of personal data you provide and review the privacy
policies of apps and websites.
o Be mindful of the content you share on social media platforms and ensure your
privacy settings are appropriately configured to control who can access your
information.
o Regularly monitor your online presence and search for your name or personal
information to identify any potentially damaging content or unauthorized use
of your identity.
Identity Theft:
 Financial Fraud: Mobile attacks that involve stealing personal information, such as
login credentials, social security numbers, or credit card details, can lead to financial
fraud, unauthorized transactions, or identity misuse.
 Impersonation: Attackers can use stolen identities to impersonate individuals,
leading to reputation damage or involvement in criminal activities.
 Unauthorized Account Access: By obtaining login credentials, attackers can gain
access to various online accounts, including email, social media, or banking,
potentially leading to unauthorized actions, data breaches, or further compromise.16

5.  How to prevent them:
o Use strong, unique passwords or consider utilizing password managers to
generate and store complex passwords for your accounts.
o Enable two-factor authentication (2FA) whenever possible to add an extra
layer of security to your accounts.
o Be cautious of phishing attempts and avoid clicking on suspicious links or
providing personal information in response to unsolicited requests.
o Regularly review your financial statements, credit reports, and account
activities to detect any signs of unauthorized transactions or identity theft.
o Consider using identity theft protection services that can monitor your
personal information and alert you to potential risks or breaches.
It's crucial to implement robust security measures, such as using reputable security software,
practicing strong authentication, being cautious of suspicious links or apps, and staying
updated with security patches, to mitigate these risks and protect against the consequences
of mobile attack vectors.
By implementing these practices, you can reduce the risks associated with losing data,
misuse of resources, reputation loss, and identity theft on your mobile devices.
17
Mobile Top 10 vulnerabilities:
Spoofing:
 Caller ID Spoofing: Attackers manipulate the caller ID information to make it
appear as if a call is coming from a trusted source, tricking the user into answering
and potentially revealing sensitive information.
 SMS Spoofing: Attackers manipulate the sender information in SMS messages to
appear as a legitimate source, which can be used for phishing or spreading
malware.
Tampering:
 App Code Modification: Attackers modify the code of a legitimate app to introduce
malicious functionality, such as stealing user data or performing unauthorized
actions.
 Man-in-the-Middle (MitM) Attacks: Attackers intercept and modify data
exchanged between a mobile device and a server, allowing them to tamper with
the data or inject malicious code.
Repudiation:
 Message Alteration: Attackers modify or tamper with messages sent from the
mobile device, enabling them to deny sending or altering the content of the
messages.
18
 Transaction Repudiation: Attackers manipulate transactional data or digital
signatures to repudiate a legitimate transaction, claiming it was unauthorized.
Information Disclosure:
 Insecure Data Storage: Attackers gain access to sensitive data stored on the device,
such as passwords, financial information, or personal data, due to weak encryption
or inadequate storage practices.
 Insufficient Transport Layer Protection: Attackers eavesdrop on data transmitted
between the mobile device and servers due to insecure network protocols or weak
encryption, leading to the disclosure of sensitive information.
Denial of Service (DoS) Attacks:
 Resource Exhaustion: Attackers exploit vulnerabilities in the mobile device's
operating system or apps to consume excessive resources, causing the device to
slow down or crash.
 Network Flooding: Attackers flood the mobile device or the network it is
connected to with a large volume of requests or data, overwhelming the resources
and causing service disruption.
Elevation of Privilege:
 Jailbreaking or Rooting Exploits: Attackers leverage vulnerabilities to gain
privileged access (root or administrator) to a mobile device, 19
allowing them to bypass security controls and install unauthorized apps or access
sensitive data.
 Privilege Escalation: Attackers exploit vulnerabilities in the operating system or
apps to elevate their privileges and gain access to sensitive resources or perform
actions reserved for higher privilege levels.
These examples illustrate how mobile attack vectors can be categorized based on the type
of vulnerability they exploit. It's crucial to be aware of these threats and employ security
measures to mitigate the risks associated with them.
Anatomy of a Mobile Attack: Infecting the device
When it comes to infecting a mobile device and gaining unauthorized access, attackers
employ various techniques to achieve their goals. Here's an overview of the anatomy of a
mobile attack involving infecting the device, installing a backdoor, and bypassing
encryption mechanisms to exfiltrate information:
 Initial Compromise:
o Attack Vector: Attackers may exploit vulnerabilities in the mobile operating
system, apps, or network protocols to gain initial access to the device. This could
involve leveraging software vulnerabilities, social engineering techniques, or other
attack vectors like malicious links or attachments.
20

6. o Malware Delivery: Attackers deliver malware to the target device through various
means, such as malicious apps, phishing messages, drive-by downloads, or
network-based attacks.
 Establishing Persistence:
o Malware Execution: Once the initial compromise is achieved, the malware is
executed on the device, often through exploiting vulnerabilities in the operating
system or app security.
o Privilege Escalation: Attackers attempt to gain elevated privileges on the device,
allowing them to bypass security mechanisms and access sensitive resources. This
could involve exploiting privilege escalation vulnerabilities or leveraging known
weaknesses in the device's security configuration.
 Installing a Backdoor:
o Backdoor Deployment: Attackers install a backdoor on the compromised device,
which provides them with persistent access and control even after the initial
infection. The backdoor can be a modified legitimate app, a malicious payload
injected into the device's firmware, or a separate component installed alongside
other apps.
o Stealth Techniques: To evade detection, the backdoor may employ various stealth
techniques, such as hiding its presence from the user, encrypting communication
channels, or disguising its network traffic as legitimate traffic. 21
 Bypassing Encryption:
o Keylogging: Attackers deploy keyloggers on the device to capture user input,
including passwords or encryption keys. This allows them to bypass encryption
mechanisms by obtaining the necessary credentials to decrypt protected data.
o Screen Recording: Some malware may capture screen activity, allowing attackers
to record sensitive information or bypass encryption by visually observing user
actions.
o Exploiting Encryption Flaws: Attackers may target vulnerabilities in encryption
implementations or cryptographic libraries to weaken or bypass encryption
mechanisms and gain access to encrypted data.
 Exfiltrating Information:
o Data Theft: Attackers extract sensitive information from the compromised device,
such as login credentials, personal data, or intellectual property. This can be
achieved by exfiltrating data directly from the device or by leveraging
compromised user accounts associated with the device.
o Covert Communication: To transmit the stolen data, attackers often use covert
communication channels, such as encrypted connections to remote command-and-
control (C2) servers or hiding data within seemingly harmless network traffic.
22
It's important to note that preventing such attacks requires a combination of measures,
including regular device updates, installing apps from trusted sources, practicing good
security hygiene, using strong encryption and authentication mechanisms, and leveraging
mobile security solutions to detect and prevent malware infections.
When a hacker successfully compromises a mobile device, they can profit in various ways.
Here are a few examples:
 Financial Fraud:
o Example: Suppose a hacker gains access to a user's mobile banking app by stealing
their login credentials through a phishing attack. With this access, the hacker can
transfer funds, make unauthorized transactions, or access sensitive financial
information, resulting in financial loss for the victim.
 Identity Theft:
o Example: If a hacker obtains personal information, such as social security numbers,
addresses, or date of birth, from a compromised mobile device, they can use this
information to impersonate the victim. They might apply for loans, open credit card
accounts, or conduct fraudulent activities in the victim's name, causing significant
harm to their credit history and financial well-being.
 Ransomware:
23
o Example: A hacker may deploy ransomware on a mobile device, encrypting the
user's data and rendering it inaccessible. The hacker then demands a ransom
payment in exchange for providing the decryption key. If the victim pays the
ransom, the hacker profits financially, although there is no guarantee that they will
provide the decryption key or restore the data.
 Data Theft and Sale:
o Example: After compromising a mobile device, a hacker can extract sensitive
information stored on the device, such as personal documents, login credentials,
or intellectual property. They can sell this stolen data on the dark web to other
cybercriminals or interested parties, who may use it for various malicious
purposes like identity theft, fraud, or corporate espionage.
 Ad Fraud:
o Example: A hacker can install malicious apps on a compromised mobile device
that generate fraudulent ad clicks or impressions in the background without the
user's knowledge. By inflating ad engagement metrics, the hacker can earn illicit
profits from ad networks or advertisers.
 Mobile Botnets:
24

7. o Example: By compromising multiple mobile devices and turning them into a
botnet, a hacker can utilize the combined computing power for activities like
launching distributed denial-of-service (DDoS) attacks, mining cryptocurrencies,
or participating in other illicit activities. They can profit by offering botnet services
to other cybercriminals or by exploiting the compromised devices for their own
purposes.
These examples illustrate how hackers can exploit compromised mobile devices for
financial gain, personal information theft, or engaging in other malicious activities. It
underscores the importance of implementing strong security measures and practicing good
mobile security hygiene to protect against such threats.
5 myths about Mobile security and their realities:
Myth 1: Mobile devices don't store sensitive corporate data. Reality: Mobile devices often
contain sensitive corporate data, including emails, documents, customer information, and
access to corporate networks. If not properly secured, these devices can be compromised,
leading to data breaches or unauthorized access.
Myth 2: Strong authentication schemes, password management controls, and device PINs
are sufficient to prevent unauthorized access.
Reality: While strong authentication measures and device PINs are essential, they alone are
not sufficient to ensure complete security.
25
Additional layers of security, such as biometric authentication, multi-factor authentication,
and encrypted storage, should be implemented to protect sensitive data from unauthorized
access.
Myth 3: Users are running the latest versions of iOS and Android, so they're up to date
with bug fixes and other security patches. Reality: Unfortunately, not all users keep their
mobile devices up to date with the latest operating system versions and security patches.
Many devices are vulnerable to known security vulnerabilities, making them attractive
targets for attackers. It's crucial for users to regularly update their devices to stay protected
against emerging threats.
Myth 4: Public app stores like Apple's App Store and Google's Play are safe sources
because they verify apps and block malware. Reality: While app stores have security
measures in place, malicious apps can still slip through the cracks. Attackers may use
techniques like obfuscation or delayed malicious behavior to bypass app store security
checks. Users should exercise caution, read app reviews, and verify the reputation and
credibility of app developers before installing any app, even from trusted app stores.
Myth 5: Secure access is not possible using a public Wi-Fi network. Reality: Public Wi-Fi
networks can be insecure and prone to attacks such as man-in-the-middle attacks or
network spoofing. However, secure access is possible by taking appropriate precautions.
26
Users should utilize VPN (Virtual Private Network) connections, ensure encrypted
communication (HTTPS) when accessing sensitive information, and avoid transmitting
sensitive data over public Wi-Fi networks whenever possible.
It's important to be aware of these realities and take proactive measures to enhance mobile
security, such as using robust security solutions, keeping devices and apps updated,
practicing good password hygiene, and being cautious while connecting to networks or
installing apps.
seven common security mistakes people make with their mobile devices. Let's explore
each of them:
 Failing to lock down your device:
o Reality: Many users neglect to use strong authentication methods like PINs,
passwords, or biometric authentication to secure their devices. Without these
measures, unauthorized individuals can easily access personal and sensitive data if
the device is lost or stolen.
 Not having the most up-to-date versions of your apps:
o Reality: App updates often include security patches that address vulnerabilities and
protect against known threats. Failing to update apps regularly leaves devices
susceptible to exploitation by attackers who target known security flaws. 27
 Storing sensitive, work-related data on an unauthorized device:
o Reality: Storing sensitive work-related data on personal devices that lack proper
security controls increases the risk of data breaches. Unauthorized access, device
loss, or malware infections can compromise sensitive information, leading to
serious consequences for individuals and organizations.
 Opening questionable content:
o Reality: Opening suspicious emails, clicking on unknown links, or downloading
files from untrusted sources can lead to malware infections or phishing attacks.
Attackers often use social engineering techniques to trick users into revealing
sensitive information or gaining access to their devices.
 Not adhering to your company's social media policies:
o Reality: Sharing sensitive information or engaging in inappropriate behavior on
social media platforms can have negative consequences for individuals and their
organizations. Employees should follow their company's social media policies and
guidelines to protect sensitive information and maintain a professional online
presence.
 Using public or unsecure Wi-Fi:
o Reality: Public Wi-Fi networks often lack adequate security measures, making
them attractive targets for attackers. 28

8. o Connecting to these networks without using a Virtual Private Network (VPN) or
taking precautions can expose users to risks such as data interception, network
spoofing, or malware distribution.
 Not equipping employees' devices with some form of Mobile Device Management
(MDM) or encryption:
o Reality: Without MDM or encryption solutions, devices are more susceptible to
unauthorized access or data theft. MDM helps manage and secure devices
remotely, enforce security policies, and protect sensitive information. Encryption
adds an extra layer of protection by encoding data, making it unreadable without
the appropriate decryption key.
To enhance mobile security, individuals should prioritize device locking mechanisms, keep
apps updated, separate personal and work-related data, exercise caution when interacting
with unfamiliar content, follow company policies, implement MDM or encryption, and use
secure networks or VPNs when accessing sensitive information.
7 enterprise mobility security issues:
 Inadequate Control over Lost/Stolen Devices:
o Enterprises face the risk of sensitive data exposure when mobile devices are lost
or stolen. Without proper controls in place, unauthorized individuals may gain
access to the device and its data. 29
 Users Who Don't Follow Mobile Policies:
o Employees who disregard or bypass mobile security policies can introduce
vulnerabilities into the enterprise network. This includes actions like using
unapproved apps, connecting to unsecured Wi-Fi networks, or disabling security
features.
 Rogue Apps and Malware:
o The presence of rogue apps and malware on mobile devices can lead to data
breaches, unauthorized access, and compromise of sensitive information. Such
malicious software can be introduced through app downloads from untrusted
sources or by exploiting vulnerabilities in the device's operating system.
 Poor Separation of Work and Personal Content and Apps:
o When work-related and personal content and apps are not properly separated on
mobile devices, there is a higher risk of unauthorized access to corporate data.
Personal apps and activities may inadvertently expose sensitive enterprise
information.
 Limited Protection for Data at Rest and in Transit:
o Inadequate safeguards for data stored on mobile devices and during data
transmission increase the risk of data breaches. Without encryption or secure
communication protocols, sensitive information can be intercepted or accessed by
unauthorized parties. 30
 Difficulty Monitoring the Entire Mobile Fleet:
o Organizations may struggle to effectively monitor and manage a large number of
mobile devices. This can result in delayed detection of security incidents, missed
updates, or insufficient visibility into device activity.
 Challenges with Compliance and Flexibility:
o Balancing security requirements with user demands for flexibility and productivity
can be challenging. Meeting compliance standards while accommodating the
diverse needs of users, such as supporting different operating systems or device
types, can pose security risks if not properly addressed.
Addressing these enterprise mobility security issues requires implementing robust mobile
security policies, utilizing mobile device management (MDM) solutions, educating users
about best practices, deploying mobile threat defense mechanisms, and ensuring ongoing
monitoring and compliance efforts.
OWASP Mobile Top 10 Risks
The OWASP Mobile Top 10 Risks is a list of the most critical security risks for mobile
applications. Let's briefly explain each of these risks:
 M1: Improper Platform Usage:
31
o This risk refers to the incorrect use of mobile platforms' security features or failure
to implement platform-specific security controls. It includes issues such as not
properly configuring permissions, insecure storage of sensitive data, or using
deprecated or insecure APIs.
 M2: Insecure Data Storage:
o Inadequate protection of sensitive data stored on mobile devices is a significant
risk. It encompasses issues like storing sensitive information in plain text, using
weak encryption, or not securely deleting data when it is no longer needed.
 M3: Insecure Communication:
o This risk involves vulnerabilities in network communication between mobile apps
and servers. Examples include transmitting sensitive data over unencrypted
channels, improperly validating SSL certificates, or not implementing secure
communication protocols.
 M4: Insecure Authentication:
o Insecure authentication mechanisms can lead to unauthorized access to mobile
apps or user accounts. Weak passwords, lack of multi-factor authentication, or
improper session management are some examples of this risk.
 M5: Insufficient Cryptography:
32

9. o Inadequate implementation of cryptography can result in weak encryption, easily
crackable keys, or improper use of cryptographic algorithms. This risk highlights
the importance of robust cryptography practices for securing sensitive data.
 M6: Insecure Authorization:
o This risk focuses on flaws in authorization mechanisms, including improper access
controls, insufficient privilege validation, or improper handling of user roles. It
highlights the need for strong authorization mechanisms to prevent unauthorized
actions within mobile apps.
 M7: Client Code Quality:
o Poorly coded mobile apps can introduce vulnerabilities that attackers can exploit.
This risk includes issues such as buffer overflows, input validation flaws, or
insufficient error handling.
 M8: Code Tampering:
o Attackers may modify the code or behavior of mobile apps to introduce malicious
functionality or bypass security controls. Code tampering risks include
unauthorized changes to app binaries, modifying configuration files, or injecting
malicious code.
 M10: Extraneous Functionality:
o Including unnecessary or unused features in mobile apps can increase the attack
surface and provide opportunities for exploitation. 33
o This risk highlights the need to remove or disable unused functionality to
minimize potential vulnerabilities.
 M9: Reverse Engineering:
o Reverse engineering involves attackers analyzing the mobile app's code to
understand its inner workings, identify vulnerabilities, or extract sensitive
information. This risk emphasizes the importance of implementing code
obfuscation and anti-reverse engineering techniques.
Understanding and addressing these risks is crucial for developers, security professionals,
and organizations to build and maintain secure mobile applications. By following best
practices, implementing secure coding techniques, and regularly testing for vulnerabilities,
mobile app security can be significantly enhanced.
Malicious Mobile Applications (MMAs)
Malicious Mobile Applications (MMAs) encompass various types of threats and attacks
targeting mobile devices. Here are some examples:
 Spyware:
o Spyware is a type of MMA that secretly tracks and collects user activities on the
device. It can monitor and record text messages, emails, phone calls, GPS location,
contacts, browsing history, and other sensitive information. The collected data is
then often sent to the attacker, compromising user privacy and potentially leading
to identity theft or blackmail. 34
 Trojans:
o Mobile Trojans are MMAs that disguise themselves as legitimate apps but contain
malicious functionality. For example, a Trojan might generate unauthorized
premium rate calls, texts, or purchases without the user's knowledge or consent.
These charges are then billed to the victim's wireless account, leading to financial
losses.
 Phishing Sites:
o MMAs can include phishing sites designed to mimic legitimate services like online
banking or social networks. These sites trick users into entering their login
credentials, which are then captured by the attacker. By stealing user credentials,
the attackers can gain unauthorized access to personal accounts, leading to identity
theft, financial fraud, or other malicious activities.
 Hidden Processes:
o Some MMAs run stealthily in the background, concealing their presence and
waiting for specific behaviors to occur. For example, an MMA may remain
dormant until the user initiates an online banking session. At that point, the hidden
process may intercept and steal sensitive information, such as login credentials or
banking details, compromising the user's financial security.
35
These examples demonstrate the various ways MMAs can compromise the security and
privacy of mobile device users. To protect against such threats, it is crucial to download
apps only from trusted sources, keep devices and apps up to date with the latest security
patches, exercise caution when providing sensitive information, and use mobile security
solutions that detect and mitigate MMAs. Regularly monitoring account activities and
being aware of common phishing techniques can also help users stay vigilant against MMA
attacks.
36

10. MUC – IT5050
LESSON 7
Summary Report
Mobile OS
L H A N N Buddhadasa – MS23002456
37
There have been several mobile operating systems (OS) that have been developed and used
over the years. Here are some examples of different mobile operating systems:
 Symbian OS: Symbian OS was a popular mobile operating system developed by
Symbian Ltd. It was commonly used in Nokia smartphones before being phased out.
Symbian OS was known for its flexibility and customization options.
 iPhone OS (now iOS): iPhone OS, developed by Apple Inc., is the operating system
used in iPhones, iPads, and iPod Touch devices. It is a closed-source operating system
known for its sleek design, security features, and tight integration with Apple's
ecosystem.
 RIM BlackBerry OS: BlackBerry OS, developed by Research In Motion (RIM) (now
known as BlackBerry Limited), was primarily used in BlackBerry smartphones. It was
known for its strong security features, efficient email handling, and physical
QWERTY keyboards.
 Windows Mobile (now Windows Phone): Windows Mobile was developed by
Microsoft and served as the operating system for Windows-based smartphones. It had
a user-friendly interface and integration with Microsoft services but has since been
replaced by Windows Phone and Windows 10 Mobile.
 Linux-based mobile operating systems: Several mobile operating systems are based
on the Linux kernel, offering open-source and customizable platforms.
38
Examples include Ubuntu Touch, Sailfish OS, and Tizen OS (developed by Samsung
and the Linux Foundation).
 Palm OS (now webOS): Palm OS was used in Palm devices before being acquired by
Hewlett-Packard (HP). It was later renamed webOS and used in HP smartphones and
tablets. It featured a unique card-based multitasking interface.
 Android: Android, developed by Google, is currently the most widely used mobile
operating system. It is based on the Linux kernel and offers an open-source platform
for smartphones and tablets. Android supports a vast ecosystem of apps and devices
from various manufacturers.
These are just a few examples of the different mobile operating systems that have been used
over time. Each operating system has its own features, strengths, and weaknesses, catering
to different user preferences and device capabilities.
Android and Hardware
Android is an open-source mobile operating system that is developed by Google. It is
designed to run on a variety of devices, including smartphones, tablets, smart TVs, and
more. Android is built on top of the Linux kernel, which serves as the underlying foundation
for the operating system.
One of the key aspects of Android is its ability to support a wide range of applications.
39
Android provides developers with a software development kit (SDK) that includes various
tools, libraries, and documentation to create apps specifically for the Android platform.
These apps can be installed on Android devices and are typically distributed through the
Google Play Store or other app marketplaces.
Android also comes with a set of built-in apps that are included as part of the operating
system. These apps, such as the Phone app, Contacts app, Messaging app, and others, are
developed by Google and are pre-installed on Android devices. They provide essential
functionalities and serve as core components of the Android user experience.
When it comes to interfacing with hardware, Android leverages the Linux kernel. The
Linux kernel provides the necessary drivers and interfaces to communicate with various
hardware components, such as the processor, memory, display, camera, sensors, and more.
Android builds on top of this foundation and provides higher-level abstractions and APIs
that developers can use to access and control hardware functionality in their apps.
Being an open-source platform, Android encourages contributions and development from
a global community of developers. The Android Open Source Project (AOSP) is the
initiative responsible for the development and maintenance of the Android platform. It
allows developers to access the source code, modify it, and contribute their changes back
to the project. This open approach promotes collaboration, innovation, and the
development of customized versions of Android by various manufacturers, developers, and
communities. 40

11. Overall, Android's combination of built-in apps, support for app development through the
SDK, utilization of the Linux kernel for hardware interaction, and open-source nature
contribute to its widespread adoption and the vibrant ecosystem surrounding the platform.
Android Features
Android offers a range of features that contribute to its popularity and versatility as a mobile
operating system. Here are some key features of Android:
Reuse and Replacement of Components: Android follows a component-based architecture,
allowing developers to reuse and replace various components of the operating system. This
promotes modularity and flexibility in app development, enabling developers to build apps
using pre-existing components and customize them as needed.
Dalvik Virtual Machine: In earlier versions of Android, apps were executed in the Dalvik
virtual machine (VM), which provided a runtime environment for running Android
applications. However, starting with Android 5.0 Lollipop, Android switched to the Android
Runtime (ART) system, which improved performance and efficiency.
Integrated Browser: Android includes an integrated web browser based on the open-source
Chromium project. This allows users to browse the web directly within the Android
operating system, without the need for a separate browser app.
Optimized Graphics: Android provides a powerful graphics rendering framework that
allows developers to create visually appealing and responsive user interfaces. 41
It supports hardware-accelerated 2D and 3D graphics, animation, and advanced rendering
effects.
SQLite: Android includes a lightweight and efficient relational database management
system called SQLite. It allows developers to store and retrieve structured data within their
applications, making it easy to implement data-driven features.
Media Support: Android offers comprehensive multimedia support, including playback
and recording of audio and video, image display and manipulation, and support for various
media formats. This enables developers to create media-rich applications such as music
players, video players, and image editing apps.
GSM Telephony: Android provides built-in support for GSM telephony, allowing devices
to make and receive phone calls, send and receive SMS messages, and access mobile data
services. This functionality is essential for smartphones and enables communication
features in Android apps.
Connectivity: Android supports a wide range of connectivity options, including Bluetooth,
EDGE, 3G, and WiFi. These capabilities enable devices to connect to other devices,
networks, and the internet, facilitating communication, data transfer, and internet access.
Camera, GPS, Compass, and Accelerometer: Android devices typically come equipped
with various sensors, such as a camera, GPS receiver, compass, and accelerometer.
42
Android provides APIs that allow developers to access and utilize these sensors in their
applications, enabling functionalities like capturing photos and videos, location-based
services, and motion sensing.
Rich Development Environment: Android offers a rich development environment,
including a comprehensive software development kit (SDK) with tools, emulators, and
documentation. It also supports popular programming languages such as Java and Kotlin,
providing developers with a familiar and powerful ecosystem for building Android apps.
These features, along with many others, contribute to the flexibility, functionality, and
extensibility of the Android platform, making it a popular choice for both developers and
users.
Here are some application fundamentals in the context of Android:
Apps are written in Java: The primary programming language for developing Android
applications is Java. Developers write their code in Java and utilize the Android SDK to
access various APIs and libraries provided by the Android platform.
Bundled by Android Asset Packaging Tool (AAPT): The Android Asset Packaging Tool
(AAPT) is responsible for packaging and compressing the application's assets, resources,
and manifest file into a binary format known as the Android Package (APK). The APK is
the file format used for distributing and installing Android applications.
43
Every app runs its own Linux process: In Android, each application runs in its own isolated
Linux process. This process provides a sandboxed environment for the app, ensuring that
it runs independently and does not interfere with other apps or the operating system. This
approach enhances security and stability on the Android platform.
Each process has its own Java Virtual Machine (JVM): Each Android application runs
within its own instance of the Java Virtual Machine (JVM). This isolation ensures that each
app has its own dedicated runtime environment, allowing apps to execute independently
without conflicts.
Each app is assigned a unique Linux user ID: Android assigns a unique user ID to each
installed application. This user ID is used for enforcing access control and permissions. By
assigning a unique user ID, Android ensures that each app's data and resources are
protected and accessible only to the app itself unless explicitly shared.
Apps can share the same user ID to see each other's files: Android provides a mechanism
for apps to share the same user ID, known as a shared user ID. When two or more apps
share the same user ID, they can access each other's files and data. This feature is useful in
scenarios where multiple apps need to interact or share data securely.
These application fundamentals in Android help to ensure the security, isolation, and
efficient execution of applications on the platform. They provide a robust foundation for
app development and help maintain a stable and secure environment for users. 44

12. MUC – IT5050
LESSON 6
Summary Report
Native, web or hybrid Mobile app Development
L H A N N Buddhadasa – MS23002456
45
common types of mobile applications:
 Native Apps: Native apps are developed specifically for a particular mobile platform
(e.g., Android or iOS) using the platform's native programming language (Java or
Kotlin for Android, Swift or Objective-C for iOS). They offer the best performance,
integration with device features, and access to platform-specific functionalities.
 Web Apps: Web apps are websites that are optimized for mobile devices. They are
accessed through a mobile browser and do not require installation from an app store.
Web apps are typically built using web technologies such as HTML, CSS, and
JavaScript and can be developed to be responsive and accessible across multiple
platforms.
 Hybrid Apps: Hybrid apps combine elements of both native and web apps. They are
built using web technologies (HTML, CSS, JavaScript) and wrapped in a native shell
that allows them to be installed and run as a regular app on the device. Hybrid apps
can access device features through plugins or APIs.
 Progressive Web Apps (PWAs): PWAs are web apps that leverage modern web
capabilities to deliver a more app-like experience. They can be installed on the user's
home screen, work offline, send push notifications, and have access to certain device
features. 46
PWAs are designed to be responsive, fast, and provide a seamless user experience.
 Augmented Reality (AR) Apps: AR apps overlay virtual content onto the real world,
enhancing the user's perception and interaction with their surroundings. These apps use
the device's camera, sensors, and advanced algorithms to recognize objects, track
movement, and render virtual elements in real-time.
 Gaming Apps: Gaming apps are specifically designed for entertainment purposes and
offer interactive gameplay experiences. These apps can range from casual games to
complex, high-performance games, and can utilize various technologies such as 2D/3D
graphics, physics engines, and multiplayer capabilities.
These are just a few examples of the different types of mobile applications. Each type has
its own advantages and use cases, and the choice of app type depends on factors such as the
target audience, desired functionalities, development resources, and platform requirements.
three types of mobile app development with simple examples:
 Native Mobile App Development: Native app development involves building
applications specifically for a particular mobile platform, such as Android or iOS.
These apps are developed using the platform's native programming languages and
development tools. Here are a couple of examples: 47
o Android Native App: If you want to develop an app that is exclusively for Android
devices, you would use Java or Kotlin as the programming language and Android
Studio as the development environment. This allows you to leverage the full
capabilities of the Android platform and provide the best performance and
integration with the device. Examples of popular native Android apps include
WhatsApp, Instagram, and Google Maps.
o iOS Native App: If you want to create an app that runs exclusively on iOS devices
like iPhones and iPads, you would use Swift or Objective-C as the programming
language and Xcode as the development environment. Native iOS apps have
access to iOS-specific features and can provide a seamless user experience.
Examples of native iOS apps include Facebook, Spotify, and TikTok.
 Web App Development: Web app development involves building applications that are
accessed through a mobile browser and do not require installation from an app store.
They are developed using web technologies such as HTML, CSS, and JavaScript.
Here's an example:
o Responsive Web App: Let's say you want to create an online shopping application
that users can access from their mobile browsers.
48

13. You would develop the app using HTML, CSS, and JavaScript, making it responsive
so that it adapts to different screen sizes. Users can access the app by simply visiting
its website through their mobile browsers, without the need to install it. Examples of
web apps include Twitter's mobile web app and Gmail's mobile web interface.
 Hybrid Mobile App Development: Hybrid app development combines elements of both
native and web apps. These apps are built using web technologies but are wrapped in a
native container that allows them to be installed and run as regular apps on the device.
Here's an example:
o Hybrid To-Do List App: Imagine you want to create a to-do list app that can run
on both Android and iOS devices. Instead of building separate native apps for each
platform, you can develop a hybrid app using frameworks like React Native or
Ionic. These frameworks allow you to write the app's code using web technologies
and package it as a native app. The app will have a native look and feel and can
access device features like camera or geolocation. Examples of hybrid apps include
the Instagram app (built with React Native) and the McDonald's app (built with
Ionic).
Each approach—native, web, and hybrid—has its own advantages and considerations, so
the choice depends on factors like target platform, desired features, development resources,
and user experience requirements. 49
MUC – IT5050
LESSON 5
Summary Report
MANET- Mobile Ad Hoc Networks
L H A N N Buddhadasa – MS23002456
50
mobile Ad hoc Networks (MANETs) are self-configuring networks composed of mobile
devices or nodes that communicate with each other without the need for a centralized
infrastructure. In MANETs, nodes act as both endpoints and routers, relaying data for other
nodes in the network. Here are some key characteristics and concepts related to MANETs:
 Infrastructure-less: MANETs do not rely on any pre-existing infrastructure such as
routers or access points. Instead, the nodes form a decentralized network where each
node can act as a router, forwarding packets to other nodes.
 Dynamic Topology: The topology of a MANET can change frequently as nodes move,
join, or leave the network. Nodes may enter or exit the network at any time, causing
the network structure to adapt dynamically.
 Ad hoc Routing Protocols: MANETs employ ad hoc routing protocols that enable
nodes to discover and maintain routes to other nodes in the network. These protocols
determine the most efficient path for data transmission, considering factors such as
node mobility and network conditions.
 Limited Resources: Mobile devices in MANETs typically have limited resources such
as battery power, processing capabilities, and memory. Efficient resource management
and energy conservation are important considerations in MANET design.
51
 Multihop Communication: Since MANETs lack a centralized infrastructure,
communication between nodes often requires multiple hops through intermediate
nodes. Each node acts as a relay, forwarding packets to the destination, enabling
communication over longer distances.
 Security Challenges: MANETs face security challenges due to their decentralized and
dynamic nature. Threats such as node misbehavior, eavesdropping, routing attacks,
and data integrity issues need to be addressed to ensure secure communication.
 Applications: MANETs find applications in scenarios where a fixed infrastructure is
unavailable, unreliable, or impractical. They are particularly useful in military
operations, disaster management, remote areas with limited connectivity, and in ad hoc
social or collaborative networks.
MANETs pose several research and implementation challenges, including efficient
routing, energy management, security, quality of service (QoS) provisioning, and
scalability. Various routing protocols have been developed specifically for MANETs, such
as Ad hoc On-Demand Distance Vector (AODV), Dynamic Source Routing (DSR), and
Optimized Link State Routing (OLSR), among others.
Overall, MANETs offer a flexible and adaptable networking solution, enabling mobile
devices to communicate and collaborate without relying on a fixed infrastructure, opening
up possibilities for innovative and resilient communication in diverse environments. 52

14. MANETs have several advantages that make them unique and suitable for various scenarios.
Here's an overview of the key points you mentioned:
 Easy to Configure: MANETs are designed to be easily configurable, allowing nodes to
join or leave the network seamlessly. The decentralized nature of MANETs eliminates
the need for manual configuration or centralized control, making it convenient to set up
and maintain the network.
 Rapidly Deployable: MANETs can be rapidly deployed in situations where establishing
a traditional network infrastructure is not feasible or time-consuming. Nodes can form
a network on-the-fly, without the need for pre-existing infrastructure, allowing for
quick deployment in emergency situations or ad hoc environments.
 Existing Infrastructure not Needed: Unlike traditional networks that rely on fixed
infrastructure such as routers or access points, MANETs operate independently of any
existing infrastructure. This makes MANETs suitable for scenarios where there is no
pre-existing network infrastructure or where the infrastructure is unreliable or
unavailable.
 Wireless Link: MANETs utilize wireless communication for node-to-node
connectivity. Nodes communicate with each other using wireless links, which can be
established using Wi-Fi, Bluetooth, or other wireless technologies. The absence of
physical wired connections allows for greater mobility and flexibility. 53
 Dynamic Topology, Nodes are Mobile: MANETs have a dynamic topology due to the
mobility of the nodes. Nodes can move freely within the network, resulting in a
constantly changing network topology. Ad hoc routing protocols in MANETs adapt
to these changes, finding and maintaining optimal routes to ensure efficient
communication.
 Standalone Network or Connected to an External Network: A MANET can operate as
a standalone network, enabling communication between nodes within the MANET
itself. However, it can also be connected to an external network, such as the internet,
to facilitate communication between the MANET and nodes outside of it. This
connectivity can be achieved through gateways or specific protocols for
interconnecting MANETs and external networks.
These features make MANETs versatile and suitable for a wide range of applications, such
as military operations, disaster response, outdoor events, vehicular networks, and scenarios
where traditional infrastructure is limited or impractical. MANETs provide a self-
configuring and adaptable network solution that can be quickly deployed and offers
wireless connectivity even in dynamic and challenging environments.
54
characteristics of Mobile Ad hoc Networks (MANETs)
Multihop Mobility: In MANETs, nodes communicate with each other through multiple
hops, utilizing other nodes as relays to transmit data. This enables communication over
longer distances, especially in scenarios where direct communication between nodes is
not possible due to limited transmission range.
Mobile Nodes with Limited Resources: Nodes in MANETs, such as smartphones or
laptops, are characterized by limited resources, including memory, weight, power, and
processing capabilities. These limitations need to be taken into account when designing
and optimizing protocols for MANETs.
Minimum Human Intervention for Configuration: MANETs are designed to operate
with minimal human intervention in terms of network configuration. The network can
self-organize and adapt to changing conditions, such as node movements or join/leave
operations, without requiring manual configuration by network administrators.
Dynamic Topologies: MANETs have dynamic and changing topologies due to the
mobility of nodes. Nodes can move independently, resulting in the continuous
reconfiguration of network connectivity. Routing protocols in MANETs need to handle
these dynamic topologies efficiently. 55
Bandwidth-Constrained, Variable Capacity Links: The links between nodes in
MANETs may have limited bandwidth and varying capacity. This can be due to
factors such as interference, node mobility, or channel conditions. MANET protocols
need to consider these constraints when optimizing data transmission and resource
allocation.
Autonomous Behavior: Nodes in MANETs operate autonomously, making their own
decisions about routing, resource management, and communication. Each node
participates in the network as an equal entity, contributing to the overall network
functionality.
Energy-Constrained Operation: Nodes in MANETs are typically powered by limited
energy sources, such as batteries. Energy conservation is critical in MANETs to
maximize the operational lifetime of nodes. Energy-aware protocols and strategies are
employed to minimize energy consumption.
Limited Security: MANETs present security challenges due to their decentralized and
dynamic nature. The absence of a centralized authority and the potential for malicious
nodes make securing MANETs a complex task. Security mechanisms such as
authentication, encryption, and intrusion detection are essential to protect the network.
56

15. Less Human Intervention: MANETs aim to reduce the need for human intervention in
network operation and maintenance. The network is designed to self-organize, self-
heal, and adapt to changing conditions with minimal manual configuration or
intervention.
These characteristics shape the behavior and operation of MANETs, addressing the unique
challenges and considerations associated with mobile and self-configuring networks.
Types of MANETS
Infrastructure-based MANETs: These MANETs have a centralized infrastructure or a
fixed base station that provides connectivity and coordination among the nodes. The
base station serves as a central point for routing, resource management, and control.
This type of MANET is suitable for scenarios where some level of infrastructure
support is available, such as urban environments or military bases.
Infrastructure-less MANETs: These MANETs operate without any centralized
infrastructure or base station. Nodes in the network communicate directly with each
other, forming a decentralized and self-organizing network. Infrastructure-less
MANETs are often used in scenarios where there is no existing infrastructure or in
situations requiring rapid deployment and mobility, such as disaster areas or remote
locations. 57
Delay-Tolerant MANETs: Delay-Tolerant MANETs (DTMANETs) are designed for
environments with intermittent or unpredictable network connectivity. These
networks may have long delays, disruptions, or gaps in connectivity. Nodes in
DTMANETs store and forward messages opportunistically whenever network
connectivity is available. They are commonly used in scenarios such as remote areas,
rural regions, or environments with limited network infrastructure.
Vehicular Ad hoc Networks (VANETs): VANETs are MANETs specifically designed
for communication between vehicles on the road. These networks enable vehicles to
exchange information about traffic conditions, accidents, road hazards, and other
relevant data. VANETs can enhance road safety, traffic efficiency, and enable vehicle-
to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication.
Mobile Sensor Networks: Mobile Sensor Networks (MSN) are MANETs that involve
mobile sensor nodes. These networks are used in various applications, such as
environmental monitoring, surveillance, and disaster management. Mobile sensor
nodes can move freely, collecting data from different locations and transmitting it to
a central base station or other nodes in the network.
58
 Flying Ad hoc Networks (FANETs): FANETs are MANETs composed of autonomous
flying devices, such as drones or unmanned aerial vehicles (UAVs). FANETs enable
communication and coordination between flying devices for applications such as aerial
surveillance, search and rescue operations, or aerial data collection.
These are just a few examples of the types of MANETs that exist. Each type has its own
characteristics, requirements, and use cases, depending on the specific application and
environment in which it is deployed.
Mechanism for manet
 Multihop Routing Mechanism: MANETs rely on multihop routing mechanisms to
establish communication paths between nodes that are not within direct transmission
range of each other. Various routing protocols are used in MANETs, such as Ad hoc
On-Demand Distance Vector (AODV), Dynamic Source Routing (DSR), and
Optimized Link State Routing (OLSR). These protocols enable nodes to discover and
maintain routes to other nodes in the network, allowing for efficient data transmission
through multiple hops.
 Internet Access Mechanism: MANETs can be connected to the internet through
gateways or specific protocols designed for interconnecting MANETs with external
networks. 59
Gateways act as intermediaries between the MANET and the internet, facilitating
communication between MANET nodes and nodes outside the MANET. Protocols
like Proxy Mobile IPv6 (PMIPv6) or Mobile IP can be used to enable internet access
for MANET nodes while preserving their mobility.
 Mechanism for Network Merging: When multiple MANETs come into proximity, a
mechanism is required to detect and act on the merging of the existing networks. This
mechanism can involve network discovery protocols, such as HELLO messages
exchanged between nodes, to identify neighboring networks. Once the merging is
detected, the MANETs need to synchronize their routing tables and network
parameters to ensure seamless communication and avoid routing conflicts.
 Address Allocation Mechanism: MANETs require an address allocation mechanism
to assign unique addresses to individual nodes in the network. Dynamic Host
Configuration Protocol (DHCP) can be used to allocate IP addresses to nodes in a
dynamic manner. Other mechanisms, such as address auto-configuration or distributed
address assignment protocols, can also be employed to ensure self-configurability and
flexibility in address allocation.
 Security Mechanism: MANETs face security challenges due to their decentralized and
dynamic nature. 60

16.  Security mechanisms are crucial to protect the network from attacks and ensure the
confidentiality, integrity, and availability of data. These mechanisms include
authentication and access control mechanisms to verify the identity of nodes,
encryption techniques to secure data transmission, intrusion detection systems to detect
malicious activities, and key management protocols to establish and maintain secure
communication channels.
Each of these mechanisms plays a vital role in the efficient and secure operation of
MANETs, enabling them to establish communication, adapt to dynamic network conditions,
ensure address uniqueness, and protect against security threats.
Transmission standards
 Piconet: Piconet is a wireless communication standard used in Bluetooth technology.
In a piconet, one device acts as a master, while other devices, known as slaves, connect
to it. Piconets are typically used for short-range communication, allowing devices to
exchange data and establish connections.
 Home RF (Radio Frequency): Home RF is a wireless communication standard designed
for home networking applications. It operates in the 2.4 GHz frequency band and
supports voice and data transmission. Home RF provides a convenient way to connect
devices within a home environment, such as computers, telephones, and consumer
electronics. 61
 IEEE 802.11 Wireless LAN WG: The IEEE 802.11 Wireless LAN Working Group
defines standards for wireless local area networks (LANs). The most common
standard within this group is IEEE 802.11b/g/n, which operates in the 2.4 GHz
frequency band. These standards are used for wireless networking, allowing devices
to connect to a LAN and access the internet or other network resources.
 Bluetooth SIG (Special Interest Group): Bluetooth SIG is an organization that
oversees the development and promotion of Bluetooth technology. Bluetooth operates
in the 2.4 GHz frequency band and is used for short-range wireless communication
between devices. Bluetooth enables various applications, including wireless audio
streaming, file transfer, and device connectivity.
 IrDA (Infrared Data Association): IrDA is a standard that uses infrared (IR)
technology for wireless communication. It operates by transmitting data using infrared
light pulses. IrDA is commonly used for short-range communication between devices,
such as infrared data transfer between mobile phones, printers, and other devices.
These transmission standards provide different options for wireless communication, each
with its own characteristics, range, and applications. They enable wireless connectivity
and data exchange between devices, promoting convenience and flexibility in various
scenarios. 62
MANET Security
Authentication and Access Control: To ensure secure communication, authentication
mechanisms are employed to verify the identities of participating nodes in the network.
Access control mechanisms, such as encryption and secure key exchange protocols, are
used to prevent unauthorized access to the network.
Secure Routing Protocols: Routing protocols in MANETs need to be secure against
attacks such as routing table manipulation, selective forwarding, or sinkhole attacks.
Secure routing protocols incorporate mechanisms to detect and mitigate these attacks,
such as cryptographic techniques, secure route discovery, or reputation-based routing.
Intrusion Detection and Prevention: Intrusion detection and prevention systems are
used to detect and respond to malicious activities in the network. These systems employ
techniques such as anomaly detection, signature-based detection, or behavior-based
detection to identify and mitigate attacks in real-time.
Key Management: Key management is crucial for secure communication in MANETs.
Mechanisms for key distribution, establishment, and revocation are employed to ensure
that nodes can securely communicate with each other and prevent unauthorized access
to the network. 63
Secure Data Transmission: Encryption techniques, such as symmetric or asymmetric
encryption, are used to protect data during transmission in MANETs. This ensures that
even if the data is intercepted, it remains confidential and cannot be accessed by
unauthorized parties.
Trust and Reputation Systems: Trust and reputation systems can be utilized in
MANETs to assess the reliability and trustworthiness of nodes. These systems
consider factors such as node behavior, past interactions, and recommendations from
other nodes to determine the trustworthiness of a node and make informed decisions
regarding communication and cooperation.
Physical Layer Security: In addition to securing the network protocols and data
transmission, physical layer security measures can be employed in MANETs. This
includes techniques such as radio frequency (RF) signal jamming detection, signal
strength-based localization, or secure antenna beamforming to protect against physical
layer attacks.
It is important to note that securing MANETs is a challenging task due to the absence of a
centralized authority, the dynamic topology, and the limited resources of the nodes.
Therefore, a combination of security mechanisms, including encryption, authentication,
intrusion detection, and secure routing, needs to be employed to provide robust security in
MANETs. 64

17. MILITARY SCENARIO.
In a military scenario, Mobile Ad hoc Networks (MANETs) can play a crucial role in
enabling secure and efficient communication among military personnel and equipment in
the field. Here's how MANETs can be utilized in various military scenarios:
Sensor Network: MANETs can be used to deploy a sensor network for military
surveillance purposes. Sensors deployed in the field can form a self-configuring
MANET, allowing them to communicate with each other and relay data back to a
central command or control center. This enables real-time monitoring of the battlefield,
detection of enemy movements, or environmental conditions.
Rescue Operation: During rescue operations in disaster-stricken areas or combat zones,
MANETs can facilitate communication among search and rescue teams, medical
personnel, and command centers. MANETs provide reliable and flexible
communication channels, allowing teams to coordinate efforts, share real-time
information about survivors, and optimize rescue operations.
Student on Campus: In a campus environment, MANETs can be used to provide
connectivity among students, faculty, and staff. MANETs allow for seamless
communication, file sharing, and collaboration without relying on a fixed
infrastructure. This can be particularly useful in remote or temporary campus setups,
field research, or training exercises. 65
Free Internet Sharing: MANETs can enable free internet sharing among users in areas
where traditional internet infrastructure is limited or unavailable. By forming a self-
configuring network, MANET nodes can share their internet connectivity with others,
creating an ad hoc network that provides internet access to all participating devices.
This can be valuable in military camps, remote outposts, or during missions in areas
with limited communication infrastructure.
Conference: In a conference setting, MANETs can be utilized to provide wireless
communication among participants. MANETs allow attendees to exchange
information, share documents, and collaborate without the need for a dedicated
infrastructure. MANETs can also facilitate real-time polling, voting, or interactive
sessions during the conference.
In all of these scenarios, the use of MANETs provides advantages such as rapid
deployment, flexibility, and resilience to changes in the network topology. However, it's
important to consider the security aspects of MANETs in military applications to ensure
the confidentiality, integrity, and availability of sensitive information exchanged within
the network.
66
MUC – IT5050
LESSON 4
Summary Report
NFC – Near Field Communication
L H A N N Buddhadasa – MS23002456
67
Near Field Communication (NFC) is a short-range wireless communication technology that
enables devices to exchange data over a short distance, typically within a few centimeters.
Here's an overview of NFC, including its history, operation, communication mode,
comparison with other technologies, advantages, disadvantages, applications, security
threats, and security solutions:
History: NFC technology was developed in the early 2000s by Sony, Philips, and Nokia. It
is based on radio frequency identification (RFID) technology and builds upon the existing
contactless card standards.
Operation on NFC: NFC operates on the principle of electromagnetic induction. It uses
magnetic fields to establish communication between two NFC-enabled devices. It operates
in two modes: active and passive. In the active mode, both devices generate their own radio
frequency field and exchange data. In the passive mode, one device generates the radio
frequency field, and the other device only responds to it.
Communication Mode: NFC supports two communication modes: peer-to-peer mode and
reader/writer mode. In peer-to-peer mode, two NFC-enabled devices can exchange data
between each other. In reader/writer mode, an NFC-enabled device can read or write
information to NFC tags or smart cards.
68

18. Comparison with Bluetooth and Infrared: NFC has several advantages over Bluetooth and
infrared technologies. Unlike Bluetooth, NFC does not require complex pairing processes
and has faster connection establishment. NFC also consumes less power compared to
Bluetooth. In contrast to infrared, NFC does not require line-of-sight communication, and
the transfer speed is generally faster.
Advantages:
1. Easy and quick connection establishment between devices.
2. Simple and intuitive to use.
3. Low power consumption.
4. Supports secure communication through encryption.
5. Works in close proximity, providing added security.
Disadvantages:
1. Limited range of communication (a few centimeters).
2. Lower transfer speed compared to technologies like Wi-Fi or Bluetooth.
3. Not as widely supported on all devices as Bluetooth or Wi-Fi.
4. Vulnerable to eavesdropping and unauthorized access if not properly secured.
69
Applications:
1. Contactless payments, such as mobile payments and digital wallets.
2. Access control systems, including keycards and electronic locks.
3. Information exchange between devices, such as sharing contacts, photos, or files.
4. Ticketing systems for public transportation, events, or movie theaters.
5. Simplifying device pairing, such as connecting Bluetooth devices or Wi-Fi
networks.
Security Threats: Common security threats in NFC include eavesdropping, data
modification, relay attacks, and NFC tag cloning. Attackers can intercept or manipulate
data during communication, relay signals to deceive devices, or clone NFC tags for
unauthorized access.
Security Solutions: To enhance security in NFC, measures such as encryption,
authentication, and secure element integration can be implemented. Encryption ensures
that data transmitted over NFC remains confidential. Authentication mechanisms verify
the identities of devices before establishing communication. Secure elements, such as
secure chips or SIM cards, can be used to store sensitive data and perform secure
operations.
70
It's important to note that the security of NFC relies on proper implementation and
adherence to security protocols by device manufacturers and application developers.
Overall, NFC offers convenient and secure communication for a variety of applications, but
proper security measures must be implemented to mitigate potential risks and ensure the
privacy and integrity of data exchanged.
NFC operates in three main modes:
Card Emulation Mode: In this mode, an NFC-enabled device behaves like a contactless
smart card or tag. It can store information, such as credit card details or access
credentials, and be used for contactless payments or access control. When another NFC
device, like a card reader, comes into proximity, the NFC-enabled device emulates a
card and allows the reader to interact with it as if it were a physical card.
Peer-to-Peer Mode: This mode enables two NFC-enabled devices to communicate with
each other by establishing an NFC connection. It allows for the exchange of various
types of data, such as contacts, photos, videos, or files. Peer-to-peer mode is used for
applications like file sharing, wireless communication between devices, and initiating
actions on one device based on information from another device.
71
Read/Write Mode: In this mode, an NFC-enabled device can read or write data to NFC
tags or other NFC-enabled devices. NFC tags are small passive devices that can store
information, such as URLs, text, or commands. When an NFC-enabled device is
brought close to an NFC tag, it can read the information stored on the tag. Additionally,
some NFC-enabled devices can also write data to NFC tags, allowing them to update
or modify the information on the tag.
These three modes of NFC provide versatility and enable a wide range of applications,
including contactless payments, device pairing, data exchange, and interaction with NFC
tags in various scenarios. The specific mode used depends on the intended use case and the
capabilities of the NFC-enabled devices involved in the communication.
72

19. MUC – IT5050
LESSON 3
Summary Report
WiFi Networks and Applications
L H A N N Buddhadasa – MS23002456
73
Wi-Fi technology addresses several needs and provides numerous benefits in today's
connected world. Here are some key reasons for the need of Wi-Fi technology:
Wireless Connectivity: Wi-Fi technology allows devices to connect to networks and
the internet without the need for physical wired connections. It provides wireless
connectivity, enabling users to access information, communicate, and share data
seamlessly across devices.
Convenience and Mobility: Wi-Fi offers convenience and mobility by allowing users
to connect to networks and access the internet from anywhere within the coverage
area. Users can move freely with their devices, without being restricted by cables or
physical connections.
Broad Device Compatibility: Wi-Fi is supported by a wide range of devices, including
smartphones, tablets, laptops, gaming consoles, smart TVs, and IoT devices. Its
compatibility across different device types makes it a versatile and widely adopted
technology.
Internet Access Sharing: Wi-Fi enables multiple devices to share a single internet
connection. This is particularly useful in homes, offices, and public spaces where
multiple users and devices need internet access simultaneously.
74
High-Speed Data Transfer: Wi-Fi technology provides high-speed data transfer rates,
allowing for fast downloads, uploads, and streaming. This is essential for applications
that require large data transfers, such as video streaming, online gaming, file sharing,
and cloud-based services.
Scalability and Flexibility: Wi-Fi networks can be easily expanded or modified to
accommodate additional devices or cover larger areas. They offer scalability, allowing
networks to grow as the number of connected devices increases. Wi-Fi also provides
flexibility, as new devices can be added or removed from the network without the need
for rewiring.
Connectivity in Remote Areas: Wi-Fi technology enables connectivity in areas where
wired infrastructure is unavailable or costly to deploy. It provides an efficient and cost-
effective solution for extending internet access to remote locations, rural areas, and
developing regions.
Public Wi-Fi Access: Wi-Fi hotspots in public areas, such as cafes, airports, hotels, and
libraries, allow individuals to access the internet without consuming mobile data.
Public Wi-Fi access provides convenience for users on the go and promotes digital
inclusion.
75
Internet of Things (IoT) Connectivity: Wi-Fi plays a crucial role in connecting IoT
devices, allowing them to communicate with each other and transfer data to cloud
platforms for analysis and control. Wi-Fi provides a reliable and widely adopted
wireless connectivity option for IoT deployments.
Productivity and Collaboration: Wi-Fi enables seamless collaboration and productivity
in various settings, such as offices, educational institutions, and business
environments. It allows users to access shared resources, communicate, and
collaborate across devices, fostering teamwork and efficient workflows.
Overall, the need for Wi-Fi technology arises from the growing demand for wireless
connectivity, mobility, high-speed data transfer, and device compatibility in today's
connected world. It has become an integral part of our daily lives, supporting a wide range
of applications and enhancing productivity, communication, and access to information.
Limitations of WiFi
Range: Wi-Fi signals have limited range, typically a few hundred feet indoors. The range
can be affected by physical obstacles like walls, floors, and distance from the router. This
limitation may require additional access points or range extenders to ensure coverage
throughout a larger area. 76

20. Interference: Wi-Fi signals can be affected by interference from other electronic
devices operating on the same frequency bands, such as cordless phones, microwave
ovens, Bluetooth devices, and neighboring Wi-Fi networks. Interference can degrade
signal quality and reduce network performance.
Speed: While Wi-Fi technology has improved significantly over the years, it still may
not match the speeds offered by wired connections, such as Ethernet. The actual
throughput experienced on a Wi-Fi network may be lower than the theoretical
maximum due to factors like network congestion, distance from the access point, and
signal interference.
Security: Wi-Fi networks can be vulnerable to security threats if not properly secured.
If Wi-Fi security measures are not implemented, unauthorized users can potentially
gain access to the network, intercept data, or launch attacks. It is crucial to use strong
encryption, secure authentication protocols, and regularly update security settings to
mitigate these risks.
Cost: Setting up a Wi-Fi network involves the initial investment in hardware, including
routers, access points, and network infrastructure. The cost of Wi-Fi equipment and
installation can vary depending on the scale and complexity of the network.
Additionally, maintenance and upgrades may incur ongoing costs. 77
Power Consumption: Wi-Fi-enabled devices, particularly battery-powered devices
like smartphones and tablets, consume more power when connected to Wi-Fi
networks compared to when they are in standby mode or not connected to a network.
Continuous Wi-Fi usage can drain device batteries faster, necessitating frequent
recharging.
It's worth noting that advancements in Wi-Fi technology, such as the introduction of newer
standards (e.g., Wi-Fi 6 and Wi-Fi 6E), can address some of these limitations to varying
degrees. However, it is important to understand and consider these limitations when
planning and deploying Wi-Fi networks to ensure optimal performance, security, and user
experience.
Basic Service Set (BSS) and Extended Service Set (ESS) are two fundamental concepts in
Wi-Fi networking. Let's understand each of them:
Basic Service Set (BSS): A BSS is the most basic building block of a Wi-Fi network.
It consists of a single access point (AP) and the wireless devices (stations) associated
with it. In a BSS, the AP acts as a central point that coordinates communication
between the connected devices. The BSS can be thought of as a single-cell network,
where devices communicate directly with the AP.
78
Within a BSS, devices use the same radio channel and have the same Service Set Identifier
(SSID), which is the network name that identifies the BSS. The BSS can operate in either
ad-hoc mode, where devices communicate directly with each other without an AP, or
infrastructure mode, where devices communicate through the AP.
Extended Service Set (ESS): An ESS is formed when multiple BSSs are interconnected
to create a larger Wi-Fi network. In an ESS, multiple APs are deployed, each with its
own BSS, but they share the same SSID, allowing devices to seamlessly roam between
different APs without losing network connectivity. The APs in an ESS are typically
connected through a wired backbone network.
With an ESS, devices can move between different BSSs within the same network,
maintaining continuous network access as they transition between AP coverage areas. This
enables users to move around a physical area, such as an office building or a campus,
without experiencing disconnections or the need to manually switch networks.
ESS provides extended coverage and capacity by distributing Wi-Fi access points
strategically to ensure seamless connectivity across a larger area. It allows devices to
connect to the AP with the strongest signal or least congestion, improving overall network
performance and user experience.
79
In summary, a Basic Service Set (BSS) refers to a single access point and its associated
devices, while an Extended Service Set (ESS) encompasses multiple BSSs interconnected
to form a unified Wi-Fi network with seamless roaming capabilities.
wifi innovations
Wi-Fi technology has undergone continuous innovation and advancements over the years
to meet the growing demands for faster speeds, increased capacity, improved security, and
enhanced user experience. Some notable Wi-Fi innovations include:
Wi-Fi 6 (802.11ax): Wi-Fi 6 is the latest generation of Wi-Fi technology, offering
significant improvements over its predecessors. It provides higher data rates, increased
capacity, reduced latency, and improved performance in congested environments. Wi-
Fi 6 employs advanced features like Orthogonal Frequency Division Multiple Access
(OFDMA) and Multi-User Multiple Input Multiple Output (MU-MIMO) to support
simultaneous connections with multiple devices, resulting in more efficient and
reliable data transmission.
Wi-Fi 6E: Wi-Fi 6E extends the capabilities of Wi-Fi 6 to the 6 GHz frequency band,
in addition to the traditional 2.4 GHz and 5 GHz bands. The availability of the 6 GHz
band offers additional spectrum for Wi-Fi, enabling higher bandwidth and reduced
interference. 80

21. Wi-Fi 6E is expected to deliver even faster speeds and better performance for
bandwidth-intensive applications and crowded network environments.
Wi-Fi Mesh Networks: Mesh networking has revolutionized the way Wi-Fi networks
are deployed in homes and businesses. Mesh networks consist of multiple
interconnected access points that work together to provide seamless coverage over a
larger area. Mesh networks dynamically route data between access points to ensure
optimal performance and eliminate dead zones. They offer improved reliability,
extended coverage, and simplified network management compared to traditional single-
router setups.
WPA3 (Wi-Fi Protected Access 3): WPA3 is the latest security protocol for Wi-Fi
networks, replacing the older WPA2. It introduces stronger encryption algorithms and
provides enhanced protection against security vulnerabilities, such as brute-force
attacks and password guessing. WPA3 also offers individualized data encryption,
protecting data even if the Wi-Fi network is compromised.
Wi-Fi Direct: Wi-Fi Direct enables direct device-to-device communication without the
need for a traditional Wi-Fi network or access point. It allows devices to connect to
each other in a peer-to-peer manner, facilitating easy file sharing, media streaming,
printing, and other interactions. Wi-Fi Direct simplifies device connectivity and enables
quick ad-hoc connections between compatible devices. 81
Wi-Fi 6E and Wi-Fi Aware: Wi-Fi 6E introduces support for Wi-Fi Aware, a
technology that enables devices to discover and communicate with nearby devices
without the need for an internet connection or pre-existing network infrastructure. Wi-
Fi Aware facilitates proximity-based services, such as social networking, local
information sharing, and IoT device discovery.
These Wi-Fi innovations, among others, have significantly enhanced the capabilities of
wireless networks, providing faster speeds, wider coverage, improved security, and more
seamless connectivity. As technology continues to evolve, Wi-Fi is expected to undergo
further advancements to meet the ever-increasing demands of our connected world.
82
MUC – IT5050
LESSON 2
Summary Report
Mobile Handset Cellular Networks
L H A N N Buddhadasa – MS23002456
83
Mobile handset cellular networks, commonly referred to as cellular networks or mobile
networks, are telecommunication networks designed to provide wireless communication
for mobile devices, such as smartphones, tablets, and feature phones. These networks allow
users to make voice calls, send text messages, and access data services while on the move.
The primary components of mobile handset cellular networks include:
Base Stations (Cell Towers): Base stations, also known as cell towers, are physical
structures equipped with antennas that transmit and receive signals to and from mobile
devices within their coverage areas. They are strategically placed to provide broad
coverage and ensure seamless connectivity.
Mobile Switching Center (MSC): The MSC is a central component of the cellular
network that connects base stations to the wider telecommunications network. It
manages call routing, switching, and other network functions to facilitate voice and
data communications.
Home Location Register (HLR) and Visitor Location Register (VLR): The HLR stores
subscriber information, including phone numbers, account details, and service profiles,
for the subscribers registered with a particular network operator. The VLR stores
temporary subscriber information when users are roaming in a different network's
coverage area. 84

22. Mobile Switching Center – Gateway Mobile Switching Center (MSC-GMSC): The
MSC-GMSC serves as a gateway between the mobile network and the external
networks, such as the Public Switched Telephone Network (PSTN) or the internet. It
enables communication between mobile devices and devices connected to other
networks.
Authentication Center (AuC): The AuC authenticates and verifies the identity of mobile
devices and subscribers when they attempt to connect to the cellular network. It ensures
secure access to the network and protects against unauthorized usage.
Mobile Subscriber ISDN Number (MSISDN): The MSISDN is a unique number
assigned to each mobile device, representing its phone number. It allows other devices
to initiate calls or messages to a specific mobile device.
Subscriber Identity Module (SIM): The SIM is a small card inserted into mobile devices
that stores subscriber information, including the unique International Mobile
Subscriber Identity (IMSI) and authentication data. It allows users to access mobile
network services and identifies them within the network.
Various Cellular Network Technologies: Cellular networks employ different
technologies, such as 2G (GSM), 3G (UMTS), 4G (LTE), and 5G, to provide different
levels of performance, data speeds, and capabilities. 85
These components work together to enable mobile communication by establishing
connections between mobile devices, base stations, and the wider telecommunications
infrastructure. Mobile networks facilitate voice calls, messaging, internet access, and other
data services, allowing users to stay connected while on the move.
Cellular Network Basics
 Cellular Services: Cellular networks provide various types of services, including voice
calls, messaging (SMS), multimedia messaging (MMS), and data services. These
services allow users to communicate and access information using their mobile
devices.
 Radio-Based Technology: Cellular networks rely on radio waves for communication.
Radio waves are a type of electromagnetic wave that can be transmitted and received
by antennas. Mobile devices and base stations (cell towers) use antennas to send and
receive signals, enabling wireless communication.
 Frequency Bands: Cellular signals operate within specific frequency bands. The most
commonly used frequency bands for cellular networks include 850 MHz, 900 MHz,
1800 MHz, and 1900 MHz. Different regions and countries may use specific
frequency bands based on regulatory requirements.
 Cell Towers: Cell towers, also known as base stations, are physical structures
equipped with antennas that transmit and receive signals to and from mobile devices.
86
They are strategically located to provide coverage in specific areas, which are divided
into cells.
 Cell Structure: Cellular networks are divided into cells to manage the allocation of
resources and optimize coverage. Each cell is served by a specific base station and has
a limited geographic area it covers. The cells are arranged in a hexagonal grid pattern
to minimize interference and allow seamless handover of calls between cells.
 Handover: Handover is the process of transferring an ongoing call or data session from
one cell to another as a user moves within the coverage area. This ensures continuity
of the communication without interruption.
 Network Infrastructure: Cellular networks consist of various network elements,
including Mobile Switching Centers (MSCs), Home Location Registers (HLRs),
Visitor Location Registers (VLRs), authentication centers, and data centers. These
elements work together to manage call routing, subscriber information, authentication,
and network operations.
 Roaming: Roaming allows users to access cellular services outside the coverage area
of their home network. When traveling to a different location, the mobile device
connects to a visited network, and the user can make calls, send messages, and use data
services. Roaming agreements between network operators enable this seamless
connectivity. 87
Cellular Network
Base Station Transmission: Base stations, also known as cell towers, transmit signals
to mobile devices and receive signals from them using the assigned spectrum. The base
station serves as a communication hub for the mobile network in a specific geographic
area.
Spectral Reuse: To maximize the utilization of the available spectrum, multiple base
stations in a cellular network use the same frequency bands. This concept is known as
spectral reuse. By carefully planning the placement of base stations and controlling
their transmit power, operators can reuse the spectrum across different cells without
significant interference.
Cells: The service area covered by each base station is divided into individual cells.
Each cell represents a geographical region where mobile devices can connect to the
network. Cells are typically shaped in a hexagonal pattern to ensure optimal coverage
and minimize overlap between adjacent cells.
Closest Base Station: When a mobile device initiates a call or data session, it connects
to the base station that provides the strongest signal or is the closest in proximity. This
base station becomes the serving base station for that mobile device during the session.
88

23. Handoff: As mobile devices move within the network, their connection is handed off
from one base station to another. This process is called handoff or handover. Handoff
ensures uninterrupted communication as the mobile device transitions from the
coverage area of one base station to another. The handoff decision is based on factors
such as signal strength, quality, and other network parameters.
By dividing the coverage area into cells and employing handoff mechanisms, cellular
networks enable mobile devices to maintain continuous connectivity and communication
while on the move. This architecture allows for efficient spectrum utilization, seamless
coverage, and the ability to serve a large number of mobile users within a given area.
Types of Handoffs
Soft Handoff: Soft handoff, also known as soft handover, occurs when a mobile device
is within the coverage range of multiple base stations or cells. During a soft handoff,
the mobile device maintains simultaneous connections with multiple base stations,
allowing for seamless transition between them. This improves call quality, reduces call
drops, and enhances overall network reliability.
Hard Handoff: Hard handoff, also referred to as hard handover, involves the complete
disconnection from one base station before connecting to another. The handoff process
occurs quickly, and there is a brief interruption in the communication during the
transition. 89
Hard handoffs are commonly used in older cellular network technologies, such as 2G
(GSM), where simultaneous connections with multiple base stations are not
supported.
Forced Handoff: A forced handoff occurs when a mobile device is required to switch
to a different base station or cell due to specific network conditions or performance
requirements. It can be triggered by factors such as signal strength, congestion, or
network capacity limitations. The network operator or system controls initiate the
forced handoff to ensure efficient utilization of network resources.
Delayed Handoff: Delayed handoff occurs when a handoff decision is made by the
network but is intentionally delayed due to specific network conditions. It allows the
system to monitor the quality of the target cell before performing the handoff. Delayed
handoff helps prevent unnecessary handoffs and ensures that the target cell provides
better signal quality and service for the mobile device.
Mobile-Assisted Handoff: Mobile-assisted handoff, also known as mobile-initiated
handoff, involves the mobile device actively participating in the handoff decision-
making process. The mobile device measures signal quality, signal strength, and other
network parameters to determine when to request a handoff. 90
The decision is based on the mobile device's assessment of available base stations'
quality rather than relying solely on the network system's measurements.
Intersystem Handoff: Intersystem handoff occurs when a mobile device moves between
cellular networks of different technologies or service providers. For example,
transitioning from a 4G LTE network to a 3G network or switching between different
network operators. Intersystem handoffs require coordination and authentication
between the networks involved to ensure a seamless transition for the mobile device.
Intercell Handoff: Intercell handoff refers to the handoff process between two cells
within the same cellular network. It happens when a mobile device moves from the
coverage area of one cell to another cell, maintaining continuity of the ongoing call or
data session.
Intracell Handoff: Intracell handoff occurs within the same cell, where a mobile device
changes its connection parameters, such as frequency or power level, to optimize the
signal quality and maintain a stable connection.
These different types of handoffs enable seamless mobility and uninterrupted
communication for mobile devices as they move within the coverage area of cellular
networks. The specific type of handoff used depends on the network technology, network
conditions, and operational requirements of the cellular system. 91
Cellular Network Generations
Cellular networks have evolved through different generations to provide improved
capabilities and services. Here are the commonly recognized generations of cellular
networks:
0G: The first generation of cellular networks was primarily based on radio telephones,
which were large and often carried in briefcases. These early systems provided limited
coverage and were mainly used for voice communication.
1G: The first commercially deployed analog cellular networks fall under the 1G
generation. These networks introduced the concept of cellular telephony, allowing
mobile devices to connect to a network using analog signals. 1G networks provided
basic voice calling capabilities but had limited data capabilities.
2G: The second generation of cellular networks marked the transition to digital
communication. 2G networks utilized digital signals, which offered improved voice
quality and allowed for the development of text messaging (SMS) services. The most
well-known 2G technology is GSM (Global System for Mobile Communications).
3G: The third generation of cellular networks brought significant advancements in data
transmission. 3G networks enabled higher data speeds, allowing for the introduction
of services like mobile internet browsing, video calling, and multimedia messaging
(MMS). 92

24. The technologies associated with 3G include UMTS (Universal Mobile
Telecommunications System) and CDMA2000.
4G: The fourth generation of cellular networks, commonly known as 4G, introduced
significant improvements in data rates, network capacity, and overall performance. 4G
networks were designed to deliver high-speed, IP-based voice, data, and multimedia
services. The notable 4G technology is LTE (Long-Term Evolution), which enables
faster data rates and supports advanced applications like video streaming and online
gaming.
5G: The fifth generation of cellular networks, 5G, represents the latest advancement in
mobile network technology. 5G networks offer significantly faster data speeds, lower
latency, increased network capacity, and improved connectivity for a wide range of
devices. 5G aims to support emerging technologies like the Internet of Things (IoT),
augmented reality (AR), virtual reality (VR), and autonomous vehicles.
It's worth noting that the deployment timelines you mentioned for 4G (2012-2015) may vary
depending on the region and network operator. 4G networks have been widely deployed
globally, and 5G deployment has been ongoing since around 2019, with different stages and
rollouts in different countries.
93
GSM Technology
GSM (Global System for Mobile Communications) is a widely used second-generation
(2G) cellular technology that revolutionized the mobile communication industry. Here are
some key aspects of GSM technology:
Digital Cellular Technology: GSM is a digital cellular technology that replaced the
analog systems of the first-generation (1G) networks. It uses digital modulation
techniques to encode voice and data signals into binary format for transmission over
the airwaves.
Time Division Multiple Access (TDMA): GSM employs TDMA, a channel access
method, to allow multiple users to share the same frequency spectrum. In TDMA,
each frequency band is divided into time slots, and multiple users take turns
transmitting and receiving within their assigned time slots.
Frequency Bands: GSM operates in various frequency bands around the world,
including the 850 MHz, 900 MHz, 1800 MHz, and 1900 MHz bands. The specific
frequency band used depends on the regulatory and operational requirements of each
country or region.
SIM Cards: GSM introduced the use of Subscriber Identity Module (SIM) cards,
which are small, removable cards that store user information, including the
subscriber's phone number, contacts, and authentication data.
94
SIM cards allow users to easily switch between GSM-compatible devices and retain
their personal information.
International Roaming: One of the significant advantages of GSM is its international
compatibility. GSM networks are widely deployed worldwide, enabling users to roam
and access services in different countries. With a GSM-compatible device and a valid
SIM card, users can make and receive calls, send messages, and use data services while
traveling internationally.
Voice and Data Services: GSM initially focused on voice communication but later
evolved to support data services. GSM introduced data transmission capabilities,
including SMS (Short Message Service) for text messaging, as well as later iterations
such as GPRS (General Packet Radio Service) for packet-switched data and EDGE
(Enhanced Data rates for GSM Evolution) for higher data rates.
Security: GSM incorporates security features to protect user data and ensure secure
communication. It uses encryption algorithms to safeguard voice calls and data
transmissions over the network. The Authentication Center (AuC) and Home Location
Register (HLR) play critical roles in authenticating subscribers and managing security
functions.
95
GSM has played a crucial role in the widespread adoption of mobile communication
globally. It laid the foundation for subsequent generations of cellular technologies and has
remained a fundamental part of many networks, especially in areas where advanced
technologies like 3G and 4G are not extensively deployed.
Secrete of Upgrade
The upgrade of cellular networks aims to maximize spectrum efficiency, power efficiency,
and minimize complexity and cost. Here's a breakdown of each aspect:
Maximizing Spectrum Efficiency:
Frequency Division Multiple Access (FDMA): FDMA is a technique used in cellular
networks to divide the available frequency spectrum into multiple channels, allowing
multiple users to access the network simultaneously. It maximizes spectrum efficiency
by allocating different frequency bands to different users.
Time Division Multiple Access (TDMA): TDMA divides the available frequency
spectrum into time slots, allowing multiple users to share the same frequency channel.
Each user is assigned a specific time slot for transmitting and receiving data. TDMA
maximizes spectrum efficiency by dividing time into discrete intervals.
96

25. Code Division Multiple Access (CDMA): CDMA is a spread spectrum technique that
allows multiple users to transmit simultaneously over the same frequency band. Each
user is assigned a unique code to differentiate their signals from others. CDMA
maximizes spectrum efficiency by using codes to separate and distinguish signals.
Orthogonal Frequency Division Multiple Access (OFDMA): OFDMA is a multi-user
version of Orthogonal Frequency Division Multiplexing (OFDM). It divides the
available frequency spectrum into multiple subcarriers, which can be assigned to
different users simultaneously. OFDMA maximizes spectrum efficiency by allocating
subcarriers dynamically based on the users' needs.
Power Efficiency:
Battery Optimization: Power efficiency in cellular networks focuses on optimizing
mobile device battery usage. This involves implementing techniques such as power-
saving modes, adaptive transmission power control, and optimizing network protocols
to minimize the power consumption of mobile devices.
Minimizing Complexity:
System Simplification: The upgrade of cellular networks aims to minimize complexity
by simplifying system architecture and protocols. This simplification enhances network
reliability, reduces operational costs, and facilitates easier deployment and
maintenance.
97
Minimizing Cost:
Cost-effective Infrastructure: Cellular network upgrades aim to minimize costs by
utilizing cost-effective infrastructure solutions. This includes optimizing network
equipment, utilizing shared resources, and implementing cost-efficient deployment
strategies.
Customization: Upgrades take into consideration customer needs and requirements,
ensuring that the network upgrade aligns with their budget and cost expectations.
Customization allows network operators to offer flexible pricing plans and services to
customers.
By maximizing spectrum efficiency, power efficiency, and minimizing complexity and
cost, cellular network upgrades aim to enhance the overall performance and user
experience while ensuring efficient resource utilization and cost-effectiveness.
GSM Architecture Overview
GSM (Global System for Mobile Communications) architecture consists of several main
components that work together to provide cellular services. Here's an overview of the key
components:
Mobile Station (MS): The Mobile Station refers to the end-user device, such as a
mobile phone or a data terminal, used for communication in the GSM network.
98
It consists of two parts: the Mobile Equipment (ME), which includes the physical
device, and the Subscriber Identity Module (SIM) card, which contains subscriber-
specific information such as the phone number and authentication data.
Base Station Subsystem (BSS): The BSS is responsible for handling the radio interface
between the MS and the GSM network. It comprises two main elements:
o Base Transceiver Station (BTS): The BTS is the physical equipment that
communicates directly with the MS over the air interface. It consists of antennas
and transceivers that transmit and receive voice and data signals. The BTS is
responsible for encoding, modulation, and amplification of signals.
o Base Station Controller (BSC): The BSC acts as an intermediate control unit
between the BTS and the Mobile Switching Center (MSC). It manages the
allocation of radio channels, handover procedures, and other radio resource
management tasks. The BSC also controls multiple BTSs and handles call setup,
release, and other signaling functions.
Mobile Switching Center (MSC): The MSC is the central switching node in the GSM
network. It connects the GSM network to other networks, such as the Public Switched
Telephone Network (PSTN) or other mobile networks. The MSC handles call routing,
switching, and mobility management functions. 99
It also interfaces with various network elements, including the Home Location
Register (HLR) and Visitor Location Register (VLR), to manage subscriber
information and track their locations.
Home Location Register (HLR): The HLR is a database that stores subscriber-specific
information, including subscriber profiles, authentication keys, and location
information. It acts as the central repository for subscriber data within the GSM
network. The HLR is responsible for managing services, handling authentication, and
providing subscriber information to other network components when needed.
Visitor Location Register (VLR): The VLR is a database that stores temporary
information about subscribers who are currently within a specific area served by a
particular MSC. It holds location and roaming-related information for visiting
subscribers and allows for efficient call routing and service provisioning.
Equipment Identity Register (EIR): The EIR is a database that stores information about
mobile devices, such as their International Mobile Equipment Identity (IMEI)
numbers. It helps identify stolen or unauthorized devices and allows the network to
block or track them.
These components work together to establish and maintain voice and data communication
in the GSM network. The MS communicates with the BTS over the air interface, which is
controlled by the BSC. 100

26. The MSC handles call routing and switching, while the HLR and VLR manage subscriber
information and mobility management.
Services offered.
GSM (Global System for Mobile Communications) offers a range of services to users. Here
are some of the key services provided by GSM networks:
Voice Services: GSM networks primarily offer voice communication services. Users
can make and receive phone calls using their mobile devices. The voice services include
features such as call waiting, call forwarding, conference calling, and voicemail.
SMS (Short Message Service): GSM introduced SMS, commonly known as text
messaging, which allows users to send short text messages to other mobile phone users.
SMS has become a widely used communication method for sending quick messages
and notifications.
Data Services: GSM supports data services, allowing users to access the internet and
send/receive data over their mobile devices. This includes services like General Packet
Radio Service (GPRS), which enables mobile internet connectivity and access to online
applications, websites, and email.
Multimedia Messaging Service (MMS): MMS allows users to send multimedia content
such as pictures, videos, and audio files to other mobile devices. It enhances the
traditional SMS by adding rich media elements to messages. 101
USSD (Unstructured Supplementary Service Data): USSD is a text-based
communication protocol used for transmitting information between a mobile device
and the GSM network. It enables services like balance inquiries, prepaid top-ups, and
interactive menu systems.
Call Related Services: GSM networks offer various call-related services, such as call
forwarding (diverting incoming calls to another number), call barring (restricting
certain types of calls), call waiting (notifying users of incoming calls while they are
on a call), and call hold (placing an ongoing call on hold to answer another call).
Supplementary Services: GSM networks provide additional supplementary services
to enhance the user experience. These services include caller ID, call blocking, call
recording, call transfer, call conferencing, and more.
Roaming Services: GSM enables users to roam seamlessly between different networks
and countries, allowing them to use their mobile devices while traveling. Roaming
services ensure that users can make and receive calls, send messages, and access data
services even when they are outside their home network coverage area.
These services offered by GSM networks have evolved over time, and newer generations
of cellular technologies, such as 3G, 4G, and 5G, have introduced advanced features and
capabilities to enhance the user experience and support more data-intensive applications.
102
GSM Voice Network
The GSM (Global System for Mobile Communications) voice network is designed to
provide reliable and high-quality voice communication between mobile devices. Here are
the key components and processes involved in the GSM voice network:
Call Setup: When a user initiates a voice call, the mobile device sends a call setup
request to the network. The request includes the dialed number and other relevant
information. The request is received by the Base Station Subsystem (BSS), which
consists of the Base Transceiver Station (BTS) and the Base Station Controller (BSC).
Radio Resource Allocation: The BSS assigns a dedicated radio channel to the call for
the duration of the conversation. This is known as radio resource allocation. The BSS
manages the allocation of radio channels based on availability and quality of the signal.
Mobile Switching Center (MSC): The call setup request is then forwarded to the Mobile
Switching Center (MSC). The MSC is responsible for call routing and switching within
the GSM network. It determines the appropriate route for the call and establishes the
connection between the calling and called parties.
Home Location Register (HLR) and Visitor Location Register (VLR): The MSC
interacts with the Home Location Register (HLR) and Visitor Location Register (VLR)
databases. 103
The HLR stores subscriber information, including the subscriber's location and
services. The VLR contains temporary information about subscribers who are
currently within the coverage area of a specific MSC.
Call Routing: The MSC uses the subscriber information stored in the HLR and VLR
to route the call to the destination. It establishes a connection with the MSC serving
the called party.
Voice Transmission: Once the call is established, voice data is transmitted between the
mobile devices over the assigned radio channels. The voice signals are encoded and
modulated to ensure clear and reliable communication.
Call Handover: If the mobile device moves from one cell to another during an ongoing
call, the network performs a handover process to maintain the call. Handover ensures
seamless communication by transferring the call from the current cell to a neighboring
cell with better signal strength.
Call Termination: When either party decides to end the call, the termination request is
sent to the respective MSCs, which release the allocated resources and terminate the
connection. The billing information is recorded, and the call data is updated in the
relevant databases.
104

27. The GSM voice network ensures reliable and efficient voice communication by managing
call setup, call routing, resource allocation, and handover processes. It provides users with
the ability to make and receive calls with high-quality audio and minimal disruptions.
GSM (Global System for Mobile Communications) networks support both voice and data
calls, and the architecture involved in handling these calls includes various components and
processes. Here's an overview of the GSM voice and data call architecture:
Short Message Service Center (SMSC): The SMSC is responsible for handling SMS
(Short Message Service) messages in the GSM network. It stores and forwards SMS
messages between mobile devices. When a user sends an SMS, it is routed to the SMSC,
which then delivers it to the recipient's device.
Cell Planning (RF): Cell planning involves designing and optimizing the radio
frequency (RF) coverage areas of the GSM network. It ensures that the network
provides sufficient signal strength and capacity for voice and data communication
within each cell. Cell planning considers factors such as cell size, antenna placement,
power settings, and interference management.
Converged Networks: GSM networks have evolved to support convergence with other
networks, such as IP-based networks.
105
This allows for the integration of voice and data services from different technologies,
enabling seamless communication between GSM and other network types.
GSM Call Setup: The process of establishing a GSM voice call involves several steps:
 Call Origination: When a user initiates a voice call, the mobile device sends a call
setup request to the network. The request includes the dialed number and other
relevant information.
 Base Station Subsystem (BSS): The Base Station Subsystem (BSS) consists of the
Base Transceiver Station (BTS) and the Base Station Controller (BSC). The BSS
handles the radio interface between the mobile device and the network. It allocates
radio resources and manages the connection for the call.
 Mobile Switching Center (MSC): The call setup request is forwarded to the Mobile
Switching Center (MSC). The MSC performs call routing and switching functions.
It determines the appropriate route for the call and establishes the connection with
the destination party.
 Home Location Register (HLR) and Visitor Location Register (VLR): The MSC
interacts with the Home Location Register (HLR) and Visitor Location Register
(VLR) databases. 106
e. Voice Transmission: Once the call is established, voice data is transmitted between the
mobile devices over the allocated radio channels. The voice signals are encoded,
modulated, and transmitted over the air interface.
 The HLR stores subscriber information, while the VLR contains temporary
information about subscribers within the coverage area of a specific MSC. These
databases provide subscriber authentication, location information, and service data.
 Voice Transmission: Once the call is established, voice data is transmitted between
the mobile devices over the allocated radio channels. The voice signals are encoded,
modulated, and transmitted over the air interface.
GSM Data Call: In addition to voice calls, GSM networks support data calls for
accessing the internet and other data services. Data calls involve the following steps:
o Packet Data Protocol (PDP) Context Activation: The mobile device sends a request
to activate a Packet Data Protocol (PDP) context, which establishes a data connection
with the network.
o GPRS (General Packet Radio Service): GPRS provides packet-switched data
transmission in GSM networks. It allows for efficient use of network resources by
dividing data into packets and transmitting them over the network as needed.
o Data Routing and Transmission: The MSC routes the data packets to the appropriate
destination based on the requested service. The data is transmitted over the GPRS
network and, if necessary, through gateway nodes to reach the destination. 107
The GSM voice and data call architecture involves various components, including the
SMSC, cell planning, converged networks, and the MSC. These components work together
to establish and maintain voice and data connections in the GSM network, providing users
with reliable communication and access to data services.
108

28. MUC – IT5050
LESSON 1
Summary Report
MUC
L H A N N Buddhadasa – MS23002456
109
Mobile and Ubiquitous Computing
Mobile and ubiquitous computing are two closely related concepts that focus on the
integration of technology into everyday life, enabling continuous access to information
and services. Here's an overview of mobile and ubiquitous computing:
Mobile Computing: Mobile computing refers to the ability to use technology while on
the move, without being confined to a fixed location. It involves the use of portable
devices such as smartphones, tablets, and laptops to access and interact with digital
information and services. Mobile computing allows users to stay connected,
communicate, and perform various tasks while on the go.
Ubiquitous Computing: Ubiquitous computing, also known as pervasive computing,
aims to seamlessly integrate computing technology into the environment, making it
pervasive and transparent to users. The idea is to have technology present everywhere
and accessible without conscious effort. Ubiquitous computing involves embedding
sensors, actuators, and computing capabilities into various objects, infrastructure, and
everyday surroundings.
Key aspects and characteristics of mobile and ubiquitous computing include:
 Connectivity: Both mobile and ubiquitous computing rely on wireless connectivity,
such as cellular networks, Wi-Fi, Bluetooth, and other wireless communication
technologies, to enable continuous access to information and services. 110
 Context Awareness: Mobile and ubiquitous computing systems are designed to be
aware of the user's context, including location, preferences, environmental conditions,
and user behavior. This allows for personalized and adaptive interactions and services.
 Adaptability: These computing paradigms focus on adapting to different devices,
screen sizes, and user interfaces, ensuring a seamless user experience across various
platforms and form factors.
 Sensors and Actuators: Ubiquitous computing involves the use of sensors to collect
data from the environment and actuators to interact with physical objects. This enables
the integration of digital and physical worlds, enabling applications such as smart
homes, smart cities, and wearable devices.
 Cloud Computing: Mobile and ubiquitous computing often leverage cloud computing
infrastructure to store and process data, enabling access to vast computing resources
and services from anywhere and at any time.
Applications of mobile and ubiquitous computing are diverse and include:
Location-based services: Mobile apps and services that utilize the user's location for
navigation, local recommendations, and geographically targeted information. 111
 Smart homes and automation: Integration of various devices and sensors within
homes to enable automation, energy management, and remote control of
appliances.
 Wearable devices: Technologies such as smartwatches, fitness trackers, and
augmented reality glasses that provide personalized information and services
directly to the user.
 Internet of Things (IoT): Ubiquitous computing plays a crucial role in the IoT by
connecting everyday objects and enabling data collection, analysis, and control of
physical devices and environments.
 Healthcare and well-being: Mobile and ubiquitous computing contribute to
remote patient monitoring, health tracking, and personalized healthcare
applications.
Challenges in mobile and ubiquitous computing include privacy and security concerns,
interoperability of devices and services, energy efficiency, and managing the massive
amounts of data generated by connected devices. However, these computing paradigms
continue to evolve and have a significant impact on various industries, transforming the
way we live, work, and interact with technology. 112

29. Overview Mobile Computing & Ubiquitous Computing
Mobile Computing: Mobile computing refers to the ability to use computers and other
computing devices while on the move, allowing people to stay connected to other machines
or the internet. It involves the use of portable devices such as smartphones, tablets, and
laptops that enable individuals to access and interact with digital information and services
regardless of their location. Mobile computing takes advantage of the connectedness and
mobility of devices, enabling users to work, communicate, and access information while on
the go.
Ubiquitous Computing: Ubiquitous computing, also known as pervasive computing, aims
to create an environment where computing technology is seamlessly integrated into our
everyday physical world. The term "ubiquitous" means "to be found everywhere,"
indicating the vision of having computing devices and capabilities pervade every aspect of
our lives. Ubiquitous computing involves embedding computing devices, sensors, and
actuators into objects, infrastructure, and environments, enabling them to collect data,
interact with users, and provide services without conscious effort.
The key difference between mobile computing and ubiquitous computing lies in their focus:
Mobile computing focuses on individuals being able to travel with their computers and
stay connected while on the move. 113
It emphasizes the mobility and connectivity of devices, allowing users to access
resources and services regardless of their location.
Ubiquitous computing, on the other hand, concentrates on integrating computing
devices into the physical environment to make computing pervasive and transparent.
It envisions a world where technology seamlessly blends into our everyday lives,
adapting to our needs and preferences without requiring explicit user interaction.
Both mobile computing and ubiquitous computing leverage wireless connectivity, sensors,
and cloud computing infrastructure to enable continuous access to information and
services. They enable applications such as location-based services, smart homes, wearable
devices, and the Internet of Things (IoT), transforming the way we interact with
technology and the physical world.
In summary, mobile computing focuses on individuals staying connected while on the
move, while ubiquitous computing aims to create a world where computing devices are
seamlessly integrated into our everyday physical environment, making technology
pervasive and transparent.
Overview The ubiquitous computing vision.
The vision of ubiquitous computing, also known as pervasive computing, revolves around
the idea of technology seamlessly integrating into our everyday lives and becoming a quiet,
invisible servant that enhances our experiences without being the center of attention. 114
The key principles of the ubiquitous computing vision are as follows:
Purposeful Computing: The primary purpose of computers and technology is to assist
individuals in accomplishing their tasks and goals. Ubiquitous computing aims to
create technology that seamlessly integrates into our lives and helps us in a natural and
intuitive manner.
Invisible Presence: Ubiquitous computing envisions computers and technology to be
physically and mentally invisible. Physically invisible means that computing devices
and infrastructure are hidden and integrated seamlessly into the environment, becoming
indistinguishable from everyday objects. Mentally invisible implies that technology
should not draw unnecessary attention or disrupt the flow of our activities.
Intuitive Interaction: Ubiquitous computing emphasizes the importance of intuitive
interaction with technology. The more tasks can be performed intuitively and
effortlessly, the smarter and more effective the technology is considered to be. It aims
to extend our unconscious abilities, allowing us to interact with technology effortlessly
and without conscious effort.
Calmness and Serenity: The ubiquitous computing vision promotes technology that
creates a sense of calmness and serenity in our lives. 115
Instead of overwhelming us with information and distractions, technology should
provide a peaceful and harmonious environment, allowing us to focus on what matters
most.
In practical terms, the vision of ubiquitous computing includes technologies such as smart
homes, wearable devices, ambient intelligence, and the Internet of Things (IoT). These
technologies aim to integrate computing devices, sensors, and actuators seamlessly into our
surroundings, enabling context-awareness, adaptive behavior, and personalized services.
The overarching goal of the ubiquitous computing vision is to create a human-centered
technology environment that enhances our lives without demanding constant attention or
creating unnecessary complexity. By blending technology with our everyday experiences,
ubiquitous computing strives to make technology an integral and supportive part of our
daily routines.
Definition of Pervasive Computing
Pervasive computing, also known as ubiquitous computing, refers to the concept of
embedding computational capabilities into everyday objects and environments, making
them seamlessly interconnected and capable of interacting with each other and with users.
It involves the integration of various technologies, such as sensors, actuators, wireless
communication, and software systems, to create an environment where computing is
present and integrated into every aspect of daily life. 116

30. The goal of pervasive computing is to create a computing environment that is unobtrusive,
invisible, and omnipresent, allowing users to access and interact with computational
resources and services effortlessly. Instead of relying on traditional desktop computers or
mobile devices, pervasive computing envisions a world where computing power is
distributed throughout the environment, and users can access information and services from
any location and any device.
Pervasive computing encompasses a wide range of applications and scenarios. It can include
smart homes with interconnected devices that automate and enhance various aspects of daily
living, such as lighting, heating, security systems, and entertainment. It can also extend to
healthcare systems with wearable devices and sensors that monitor and collect vital signs,
or to transportation systems with interconnected vehicles and infrastructure that enable
intelligent traffic management and safer driving.
Overall, pervasive computing aims to create a highly interconnected and intelligent
environment where computing seamlessly integrates into our surroundings, enhancing our
daily lives, improving efficiency, and enabling new applications and experiences.
117
Characteristics of Ubiquitous Computing
Seamless Integration: Ubiquitous computing aims to seamlessly integrate
computational capabilities into everyday objects and environments, making them
indistinguishable from their non-computing counterparts. Users should be able to
interact with the technology effortlessly and without disruptions.
Always-on: Ubiquitous computing systems are designed to be continuously available
and operational. They remain active and ready to respond to user needs at all times,
ensuring a consistent and uninterrupted user experience.
Context-aware: Ubiquitous computing systems are capable of sensing and
understanding the context in which they operate. They utilize various sensors and
input sources to gather information about the environment, user behavior, and other
relevant factors, allowing them to adapt and provide personalized and relevant
services.
Multi-modal: Ubiquitous computing supports multiple modes of interaction, such as
touch, voice, gestures, and sensors. Users can choose the most convenient and natural
way to interact with the system based on the context and their preferences.
Distributed: Ubiquitous computing systems are distributed in nature, with
computational power and resources spread across multiple devices and locations. This
distribution allows for flexibility, scalability, and redundancy in providing services
and accommodating varying levels of computational requirements. 118
Proactive: Ubiquitous computing systems are proactive in anticipating user needs and
providing services before being explicitly requested. They can use historical data,
context information, and user preferences to offer personalized recommendations,
automation, and assistance.
Mobile: Ubiquitous computing extends beyond traditional desktop computers and
includes mobile devices as key components. Users can access and interact with services
and information on the move, regardless of their physical location.
Scalable: Ubiquitous computing systems are designed to scale in terms of the number
of connected devices, users, and the amount of data being processed. They can handle
increasing computational demands while maintaining performance and reliability.
Dynamic: Ubiquitous computing environments are dynamic and adaptable to changes
in the environment, user requirements, and technological advancements. They can
reconfigure themselves, add or remove devices, and adjust services and interactions
accordingly.
Secure: Ubiquitous computing systems prioritize security and privacy. They employ
robust authentication, encryption, and access control mechanisms to protect user data,
ensure the integrity of communications, and prevent unauthorized access or
manipulation.
119
These characteristics collectively contribute to the vision of ubiquitous computing, where
technology is seamlessly integrated into our daily lives, adapting to our needs, and
providing pervasive and personalized services.
Ad hoc networks and topology control issues
In ad hoc networks, where nodes communicate with each other directly without relying on
a centralized infrastructure, reaching nodes that are out of range can be challenging.
However, there are several approaches to address this issue:
Relay Nodes: One solution is to introduce relay nodes that act as intermediaries
between the source and destination nodes. These relay nodes can receive messages
from a source node and forward them to the destination node, effectively extending
the communication range.
Multi-Hop Routing: Another approach is to use multi-hop routing, where nodes
transmit messages through a series of intermediate nodes until they reach the
destination. Each node acts as a relay for the subsequent nodes in the route, enabling
communication over longer distances.
Mobility: In mobile ad hoc networks (MANETs), the nodes themselves may be
mobile. Exploiting node mobility can help reach out-of-range nodes by leveraging
their movement patterns. Nodes can opportunistically forward messages to other nodes
that are closer to the destination and within range. 120

31. Regarding the knowledge of devices about each other, the level of awareness can depend
on the specific requirements and design considerations of the ad hoc network. It is not
necessary for all devices to be aware of all other devices, especially in larger networks where
maintaining such awareness may be impractical.
Instead, hierarchical structures can be established to manage communication and control
within the network. For example, clustering techniques can be employed to group nodes
into clusters or partitions. In this case, each device would only need to be aware of other
devices within its own cluster, reducing the overall communication overhead.
However, in some scenarios, it may be important for all devices to have knowledge of each
other, such as in small-scale ad hoc networks or when a high level of coordination is
required. In such cases, broadcasting or flooding techniques can be used to disseminate
information among all nodes.
Ultimately, the decision on which devices should know about each other and the hierarchy
within the network depends on factors such as network size, communication requirements,
energy constraints, and the specific application or use case for the ad hoc network.
121
Q1: What is Mobile and Ubiquitous computing?
Mobile computing refers to the ability to access and use computational resources and
services while on the move, using portable devices such as smartphones, tablets, or laptops.
It enables users to connect to networks, access information, and interact with applications
regardless of their physical location.
Ubiquitous computing, also known as pervasive computing, refers to the concept of
seamlessly integrating computational capabilities into everyday objects and environments.
It extends beyond mobile devices and includes the idea of embedding computing power
into various objects and spaces, making them interconnected and capable of interacting
with each other and with users.
Mobile and ubiquitous computing are related but distinct concepts. Mobile computing
focuses on the mobility of devices and the ability to access services on the go, while
ubiquitous computing emphasizes the integration of computing into various aspects of
daily life, making technology omnipresent and unobtrusive.
Q2: Why Mobile and Ubiquitous computing?
Mobile and ubiquitous computing offer numerous benefits and opportunities:
Accessibility: Mobile and ubiquitous computing enable users to access information
and services anytime, anywhere. They break the barriers of location and time,
providing flexibility and convenience. 122
Connectivity: These computing paradigms promote connectivity between devices and
systems, allowing for seamless communication and collaboration. Users can easily
share data, exchange information, and interact with others.
Enhanced productivity: Mobile and ubiquitous computing provide tools and
applications that improve productivity by enabling users to work, communicate, and
access resources efficiently, regardless of their location.
Personalization: These computing paradigms leverage context-awareness and user
preferences to deliver personalized and tailored experiences. Services can adapt to
individual needs, providing relevant information and recommendations.
Automation and efficiency: Mobile and ubiquitous computing enable automation of
various tasks and processes. They can automate routine activities, optimize resource
utilization, and streamline workflows, leading to increased efficiency and productivity.
New applications and experiences: These computing paradigms open up possibilities
for innovative applications and experiences. From augmented reality to smart homes,
wearable devices to intelligent transportation systems, the integration of technology
into everyday life brings new functionalities and opportunities.
123
Data-driven insights: Mobile and ubiquitous computing generate vast amounts of data.
By collecting and analyzing this data, valuable insights can be gained, leading to
improvements in various domains such as healthcare, transportation, and urban
planning.
Overall, mobile and ubiquitous computing revolutionize the way we interact with
technology, making it more pervasive, accessible, and integrated into our daily lives. They
offer a wide range of benefits, from increased convenience and productivity to new
opportunities for innovation and improvement in various fields.
124

32. Past Papers – 2019
Question 1
a. Explain GSM architecture with a neat block diagram, highlighting all the interfaces.
GSM Architecture: GSM (Global System for Mobile Communications) architecture consists of various components and interfaces that
enable mobile communication. The following block diagram illustrates the GSM architecture with its interfaces:
+-------------------------+ +-------------------------+ +-------------------------------+
| Mobile Station (MS) |<-------->| Base Station Subsystem|<-------->| Network and Switching Subsystem|
| | | (BSS) | | (NSS) |
| | | | | |
| +---------+ +---------+ | | +---------+ +---------+ | | +------------+ +------------+ |
| | SIM | | UE | | | | BTS | | RBS | | | | MSC | | VLR | |
| +---------+ +---------+ | | +---------+ +---------+ | | +------------+ +------------+ |
+-------------------------+ +-------------------------+ +-------------------------------+
b. Using diagrams describe TDMA and CDMA.
TDMA (Time Division Multiple Access): TDMA is a digital cellular communication technique that allows multiple users to share the same
frequency channel by dividing the signal into different time slots. The diagram below illustrates how TDMA works:
Time Axis
------------------------------------
| User 1 | User 2 | User 3 |
------------------------------------
Frequency Axis
----------------
| Channel |
----------------
In TDMA, each user is assigned a unique time slot within a specific frequency channel. Users take turns transmitting their data during their
designated time slots. This division of time allows multiple users to share the same frequency band without interference.

33. CDMA (Code Division Multiple Access) is a digital cellular communication technique that allows multiple users to share the same
frequency band simultaneously. Unlike TDMA, which divides the frequency band into time slots, CDMA assigns a unique code to each
user and spreads the signal across the entire bandwidth. Here's a diagram illustrating how CDMA works:
Time Axis
------------------------------------
| User 1 |
------------------------------------
Frequency Axis
------------------------------------
| Channel |
------------------------------------
Code Axis
------------------------------------
| Code | Code |
------------------------------------
In CDMA, each user is assigned a unique spreading code. The user's data signal is multiplied (modulated) by this code before transmission,
spreading it across the entire frequency band. At the receiver end, the same spreading code is used to demodulate the signal and extract the
original data. Other users with different codes can transmit their signals simultaneously without interfering with each other.
The diagram represents a single user, User 1, transmitting its signal over a specific channel. The user's data signal is multiplied by its
assigned code, which spreads the signal across the entire frequency band. This spread signal can be received by multiple users
simultaneously, each using a different code to demodulate their respective signals.
CDMA enables multiple users to coexist within the same frequency band by utilizing the unique codes assigned to each user. The spreading
codes act as virtual channels, allowing the signals to be separated at the receiver based on the corresponding codes. This technique provides
increased capacity and improved resistance to interference in a cellular communication system.

34. c. Describe following 3 main components in Cellular Communication System
a) Mobile Station (MS) - UE, SIM
Mobile Station (MS): The Mobile Station (MS) refers to the user equipment in a cellular communication system. It consists of two
main components:
 User Equipment (UE): It represents the physical device used by the end-user, such as a mobile phone or a data card in a laptop.
The UE communicates with the network through the base station subsystem.
 Subscriber Identity Module (SIM): The SIM card is a small smart card that securely stores the subscriber's identity and
authentication information. It is inserted into the mobile device and enables the user to access the network services.
b) Base Station Subsystem (BSS) - BTS, RBS, BSC
The Base Station Subsystem (BSS) provides the radio interface between the mobile station and the network. It consists of the following
components:
 Base Transceiver Station (BTS): The BTS is responsible for transmitting and receiving radio signals to and from the mobile
station. It includes the radio transceivers and antennas required for wireless communication.
 Radio Base Station (RBS): The RBS is the equipment responsible for processing the radio signals received by the BTS. It
performs functions like signal amplification, coding, decoding, modulation, and demodulation.
 Base Station Controller (BSC): The BSC manages and controls multiple BTSs. It handles tasks such as call setup, handover
management, and resource allocation. The BSC also interfaces with the Network and Switching Subsystem (NSS).
c) Network and Switching Subsystem (NSS) - MSC, VLR, HLR,
The Network and Switching Subsystem (NSS) is the core network component that handles call routing and mobility management. It
consists of the following components:

35.  Mobile Switching Center (MSC): The MSC is responsible for call switching and routing between mobile subscribers, as well
as connections to other networks. It manages the communication links and provides services like call forwarding and call
waiting.
 Visitor Location Register (VLR): The VLR stores temporary information about the mobile subscribers visiting a particular area
or location. It contains subscriber-related data required for call routing and authentication.
 Home Location Register (HLR): The HLR is a central database that stores permanent subscriber information. It includes
subscriber profiles, location information, and service subscription details. The HLR is responsible for authentication, call setup,
and subscriber management.
These three main components work together to enable seamless communication in a cellular network, allowing mobile users to connect
with each other and access various network services.
Question 2
a. Using a diagram describe the activity life cycle. Your description should cover the following methods.
i. OnCreate( )
ii. OnPouse( )
iii. OnResume( )
iv. OnStop( )
v. OnStart( )
vi. OnResart( )
Activity Lifecycle Diagram: The activity lifecycle in Android refers to the various states an activity goes through during its
execution. Here's a diagram illustrating the activity lifecycle and the methods associated with each state:

36. onCreate() --> onStart() --> onResume()
| |
| |
onPause() onStop()
| |
| |
onResume() onRestart()
| |
| |
onPause() onStop()
| |
| |
onDestroy()
 onCreate(): This method is called when the activity is first created. It is used for initialization, such as setting up the user
interface and binding data.
 onStart(): The onStart() method is called when the activity becomes visible to the user. It prepares the activity for user interaction
and may register broadcast receivers or initiate animations.
 onResume(): onResume() is called when the activity is in the foreground and ready to interact with the user. It is the ideal place
to start animations, play audio, or acquire resources.
 onPause(): onPause() is called when the activity loses focus but remains visible in the background. It is used to release resources,
save data, or stop animations.

37.  onStop(): The onStop() method is called when the activity is no longer visible to the user. It can be used to release resources
that are no longer needed.
 onRestart(): onRestart() is called when the activity is being restarted after being stopped. It is followed by onStart() and
onResume().
b. Compare Native, Web and Hybrid mobile applications?
Native Mobile Applications:
 Developed using platform-specific programming languages (e.g., Java for Android, Swift for iOS).
 Access to device features and APIs is extensive.
 Offers high performance and responsiveness.
 Provides a native look and feel, consistent with the platform's UI guidelines.
 Requires separate development efforts for different platforms.
Web Mobile Applications:
 Developed using web technologies such as HTML, CSS, and JavaScript.
 Accessible through a web browser on mobile devices.
 Platform-independent, as they run on multiple operating systems.
 Limited access to device features and APIs compared to native apps.
 Requires an internet connection to function.
Hybrid Mobile Applications:
 Developed using web technologies (HTML, CSS, JavaScript) and wrapped in a native shell.
 Combines elements of native and web apps.
 Access to device features and APIs through plugins or frameworks.
 Single codebase that can be deployed on multiple platforms.
 Offers better access to device features compared to web apps but may have performance limitations.

38. c. Briefly explain main challenges raised by mobile and ubiquitous computer systems.
 Resource Limitations: Mobile devices have limited processing power, memory, and battery life. Designing efficient and
resource-aware applications is crucial.
 Connectivity and Network Issues: Mobile devices operate in diverse network conditions, including areas with poor or
fluctuating connectivity. Ensuring seamless data transmission and handling network disruptions is challenging.
 Security and Privacy: Mobile devices store sensitive user data and are vulnerable to various security threats. Protecting data,
securing communications, and ensuring user privacy are significant challenges.
 Device Fragmentation: Mobile devices come in various screen sizes, resolutions, and operating systems. Developing
applications that work well across different devices and platforms is complex.
d. Describe relationship distributed computing, mobile computing and mobile Ubiquitous Computing.
 Distributed Computing: Distributed computing involves the use of multiple interconnected computers or devices to solve a
common problem or perform a task. It focuses on distributing computational tasks across a network of devices to enhance
performance, scalability, and fault tolerance.
 Mobile Computing: Mobile computing refers to the ability to use computing devices (e.g., smartphones, tablets) while on
the move. It emphasizes mobility and provides users with access to data and services irrespective of their location.
 Mobile Ubiquitous Computing: Mobile ubiquitous computing combines the concepts of mobile computing and ubiquitous
computing. It involves the seamless integration of mobile devices into everyday environments, where they interact with the
physical world and provide context-aware services.
 The relationship between these three concepts is that mobile computing devices can participate in distributed computing
systems, leveraging their capabilities and connectivity to contribute to distributed tasks. Ubiquitous computing extends this
further by integrating mobile devices into the physical environment, creating an ecosystem where distributed computing
occurs across a network of interconnected and context-aware devices.
e. "The integration of devices with physical world involves sensing and context awareness." Critic on the above statement.

39. The statement is accurate as it highlights two key aspects of integrating devices with the physical world:
1. Sensing: Devices integrated with the physical world employ sensors to gather data from the environment. Sensors can include
GPS, accelerometers, gyroscopes, ambient light sensors, temperature sensors, etc. This sensory data enables devices to
understand and interact with the physical world.
2. Context Awareness: By leveraging the data collected through sensors, devices can gain context awareness. They can analyze
and interpret the sensory information in real-time to understand the user's situation, location, preferences, and environmental
conditions. This context awareness allows devices to provide personalized and relevant services to the user.
Overall, the integration of devices with the physical world relies on sensing capabilities and context awareness to create a more
interactive and intelligent environment.
Question 3
You have been assigned as the tech lead of the application development team. The ABC hotel requires developing a hotel booking and
reservation mobile app. As a development organization your MD/CEO asked to prepare technical documentation emphasizing the
requirement of ABC Hotel Reservation mobile app.
Write a report explaining the mobile applications considering business impact, usability aspect, use of technology, security, user
interface design and cost estimation for the proposed mobile app covering following subtopics.
• Mobile and Ubiquitous Computing technologies which can be used at Educational Institute or University
• Cost Factor
• Usability and Adoption
• Challenges to overcome.
• Security
• Methods and Frameworks for Implementation.

40. Technical Documentation: ABC Hotel Reservation Mobile App
 Introduction The ABC Hotel Reservation mobile app is aimed at providing a seamless and user-friendly experience for customers to book
and manage hotel reservations. This technical documentation highlights the key aspects of the mobile application, including its business
impact, usability, technology, security, user interface design, and cost estimation.
 Mobile and Ubiquitous Computing Technologies To ensure a smooth and efficient hotel booking experience, the ABC Hotel Reservation
mobile app can leverage several mobile and ubiquitous computing technologies. These technologies include:
a. Mobile Platforms: The app can be developed for popular mobile platforms such as iOS and Android, enabling a wide user base to
access and utilize the application.
b. Geolocation Services: Integrating geolocation services allows users to search for nearby hotels based on their current location. It
enables personalized recommendations and enhances the overall user experience.
c. Push Notifications: By utilizing push notifications, the app can provide real-time updates to users about their reservations, upcoming
offers, and other relevant information.
d. Payment Gateways: Integrating secure and reliable payment gateways allows users to make seamless payments within the app,
enhancing convenience and user satisfaction.
 Cost Factor The cost estimation for developing the ABC Hotel Reservation mobile app depends on several factors, including:
a. Development Resources: The cost will be influenced by the number and expertise of developers, designers, and testers involved in
the project.
b. Technology Stack: The choice of technology stack, including programming languages, frameworks, and third-party services, may
impact the overall development cost.
c. Features and Complexity: The complexity and number of features required in the app will affect the development effort and
subsequently the cost.
d. Maintenance and Updates: Ongoing maintenance and future updates should also be considered when estimating the overall cost.
 Usability and Adoption Usability is a critical factor in the success of the ABC Hotel Reservation mobile app. To ensure high usability and
adoption rates, the following considerations should be considered:
a. User-Centric Design: The user interface and user experience should be intuitive, visually appealing, and easy to navigate.
Conducting user research and usability testing can help identify potential pain points and refine the app accordingly.
b. Simplified Booking Process: The booking process should be streamlined, minimizing the number of steps required and reducing
user friction.
c. Personalization: The app should offer personalized recommendations based on user preferences, previous bookings, and location.

41. d. Ratings and Reviews: Including a ratings and reviews system for hotels helps users make informed decisions and boosts trust in the
app.
 Challenges to Overcome During the development of the ABC Hotel Reservation mobile app, certain challenges may arise. Some potential
challenges include:
a. Integration with Hotel Systems: Integrating the app with existing hotel management systems and databases may require careful
planning and coordination.
b. Data Security and Privacy: Ensuring the security and privacy of user data, including personal and payment information, is
paramount. Implementing robust security measures and complying with relevant regulations is crucial.
c. Performance Optimization: The app should be optimized for performance to provide a smooth experience, even with slow or
intermittent network connections.
d. Cross-Platform Compatibility: Developing the app for multiple platforms while maintaining consistency and quality across different
devices can be a challenge.
 Security Security is of utmost importance in the ABC Hotel Reservation mobile app. The following security measures should be
implemented:
a. Secure Authentication: Implementing strong authentication mechanisms, such as two-factor authentication, to prevent unauthorized access.
b. Data Encryption: Encrypting sensitive data, including user information and payment details, to protect it from unauthorized access.
c. Secure Communication: Utilizing secure communication protocols, such as HTTPS, to ensure data transmission between the app and backend
servers is encrypted.
d. Regular Security Audits: Conducting regular security audits to identify and address potential vulnerabilities in the app and infrastructure.
 Methods and Frameworks for Implementation To efficiently develop the ABC Hotel Reservation mobile app, the following methods and
frameworks can be utilized:
a. Agile Development Methodology: Adopting an agile development approach allows for iterative development, continuous feedback,
and faster time-to-market.
b. Native or Cross-Platform Development: Choosing between native development (using platform-specific languages like Swift or
Java) or cross-platform frameworks (such as React Native or Flutter) depends on factors like performance requirements,
development resources, and target audience.
c. API Integration: Integrating with hotel booking platforms and services via APIs enables seamless access to hotel inventory,
availability, and pricing information.

42. d. Automated Testing: Implementing automated testing frameworks and tools ensures the stability and quality of the app across
different devices and scenarios.
In conclusion, the ABC Hotel Reservation mobile app offers a convenient and user-friendly platform for customers to book and manage hotel
reservations. By leveraging mobile and ubiquitous computing technologies, focusing on usability and adoption, addressing security concerns, and
utilizing appropriate implementation methods and frameworks, the app can provide a seamless hotel booking experience while meeting the needs
and expectations of both the business and its customers.
(Word count: 800)
Question 4
a) Define what a location-based System (LBS) is.
A Location-Based System (LBS) is a technology that utilizes location information to provide services, information, or functionality based on the
user's current or specified location. It uses a combination of hardware (such as GPS receivers or Wi-Fi sensors) and software to determine the
user's location and deliver relevant services or information.
b) Describe components of Location Based Systems (LBS).
 User Interface: The user interface allows users to interact with the LBS and access location-based services. It may include maps, search
functionalities, and user input options.
 Location Determination: This component includes the technologies used to determine the user's location, such as GPS, Wi-Fi, cellular
network, or RFID. It collects and processes location data to provide accurate positioning information.
 Database: The database stores and manages location-related data, such as maps, points of interest, user profiles, and historical location
information. It allows quick retrieval and processing of location-based information.
 Geographical Information System (GIS): GIS integrates geographical data with location-based services. It enables the analysis and
visualization of location-related data to support decision-making processes.
 Networking: Networking components facilitate communication between the LBS and the user's device. It may involve internet connectivity,
wireless communication protocols, and APIs to exchange data and provide location-based services.

43. c) Briefly, describe the types of Location Based Systems.
 Navigation Systems: Navigation LBS provide directions and route guidance to help users navigate from one location to another. These
systems typically include mapping, turn-by-turn directions, and real-time traffic information.
 Location-Based Social Networking: These LBS enable users to connect and interact with others based on their location. They facilitate
social networking, location sharing, and discovery of nearby friends or people with similar interests.
 Location-Based Advertising: These systems deliver targeted advertisements to users based on their current or past locations.
Advertisements are customized and relevant to the user's location, increasing the effectiveness of marketing campaigns.
c) As a mobile application developer describe Location based Systems based on customer and business perspective.
Location-Based Systems from a Customer and Business Perspective (Mobile App Developer):
From a customer perspective:
 Provide intuitive and user-friendly interfaces for location-based services.
 Ensure accurate and real-time location detection to deliver relevant information.
 Offer personalized recommendations and suggestions based on the user's location and preferences.
 Enable seamless integration with popular navigation apps for easy route planning.
 Focus on privacy and security measures to protect user location data.
From a business perspective:
 Implement analytics and data tracking to understand user behavior and preferences.
 Enable targeted advertising based on user location and demographics.
 Collaborate with local businesses to provide location-specific offers and promotions.
 Integrate social networking features to enhance user engagement and viral marketing.
 Offer options for user-generated content, such as reviews and ratings.
d) Design a Travel app user interface for SLIIT visitors. Your design should include location-based services for navigation.

44. Design of Travel App User Interface for SLIIT Visitors: As an AI text-based model, I am unable to provide visual designs directly. However, here
are some key components and features that can be incorporated into a travel app user interface for SLIIT visitors:
1. Home Screen:
 Welcome message and SLIIT logo.
 Search bar for entering destination or keyword.
 Quick access buttons for popular locations or services.
2. Map View:
 Interactive map displaying SLIIT campus and surrounding areas.
 Markers for important locations within the campus (e.g., buildings, facilities).
 User location indicator.
 Navigation controls for zooming and panning.
3. Navigation:
 Turn-by-turn navigation instructions to guide visitors to their desired locations within the campus.
 Route options, including walking or driving directions.
 Estimated time of arrival.
4. Points of Interest:
 List of important locations within the campus, categorized by type (e.g., classrooms, libraries, cafeterias).
 Detailed information about each location, including opening hours, contact details, and user reviews/ratings.
5. Nearby Services:
 Recommendations for nearby services outside the campus, such as restaurants, accommodations, and transportation options.
 Integration with external services (e.g., ride-sharing apps, food delivery services).

45. 6. Search and Filters:
 Search functionality to find specific locations or services within the campus.
 Filters to narrow down search results based on criteria like category, ratings, or distance.
7. User Profile:
 User login/signup option to save preferences and access personalized features.
 Saved favorites or bookmarks for quick access to frequently visited places.
Remember that the actual visual design should align with the SLIIT brand guidelines and user experience best practices.
Question 5
a. With the aid of a diagram describe mobile security stack.
The mobile security stack consists of multiple layers that work together to ensure the security of mobile applications. Here is a diagram
illustrating the mobile security stack:
--------------------------
| Application Layer |
--------------------------
| Operating System |
--------------------------
| Device Hardware |

46. --------------------------
At the topmost layer, we have the Application Layer, which includes the mobile applications installed on the device. This layer
encompasses various security measures implemented within the applications themselves, such as secure authentication, data encryption,
secure communication protocols, and secure storage of sensitive information.
The middle layer represents the Operating System (OS) of the mobile device. The OS provides security features like permissions
management, sandboxing, and process isolation to protect the applications and user data from unauthorized access or tampering.
The bottommost layer represents the Device Hardware, including the physical components of the mobile device. The hardware layer
provides hardware-based security features like secure boot, Trusted Execution Environment (TEE), and hardware-based encryption to
ensure the integrity and confidentiality of the device and its data.
b. Describe the following threat models which require to be considered when developing mobile applications.
I. Spoofing
Spoofing refers to the act of impersonating a legitimate entity or user. In mobile applications, spoofing can occur when an
attacker impersonates a trusted server or masquerades as another user. This threat can lead to unauthorized access, data breaches,
and fraudulent activities.
II. Tampering
Tampering involves unauthorized modification or alteration of the mobile application's code or data. Attackers can manipulate
the app's code or data to bypass security controls, inject malicious code, or modify sensitive information. Tampering can
compromise the integrity and reliability of the application.
III. Repudiation

47. Repudiation refers to the denial of an action or transaction. In mobile applications, repudiation threats arise when an attacker
can perform an action (e.g., making a purchase or submitting a form) but later denies having done so. Implementing proper
logging and audit trails can help mitigate repudiation risks.
IV. Denial of Service
Denial of Service attacks aims to disrupt the availability or performance of a mobile application. Attackers can flood the app
with excessive requests or exploit vulnerabilities to consume system resources, leading to app crashes, unresponsiveness, or
degradation of service.
V. Elevation of privilege
Elevation of privilege occurs when an attacker gains unauthorized access to higher privilege levels or administrative privileges
within a mobile application. This allows them to bypass security controls, escalate their privileges, and perform malicious
activities beyond their intended permissions.
VI. Information Disclosure
Information disclosure threats involve the unauthorized access, exposure, or leakage of sensitive data stored or transmitted by
the mobile application. Attackers can intercept network communications, exploit insecure storage, or access data through
vulnerabilities, resulting in the exposure of personally identifiable information (PII), financial data, or confidential business
information.
c. "Mobile security incidents are very expensive." Describe the given statement with examples.
Mobile security incidents can have significant financial implications for individuals and organizations. Here are some examples:
i) Financial Loss: Mobile security incidents, such as banking app breaches or payment fraud, can result in financial losses for
individuals who may have their funds stolen or their financial accounts compromised. Additionally, businesses can suffer
financial losses due to reputational damage, legal consequences, or regulatory penalties resulting from mobile security incidents.

48. ii) Data Breaches: Mobile security incidents that lead to data breaches can be costly for organizations. They may face expenses
related to incident response, forensic investigations, notifying affected individuals, offering credit monitoring services, and
potential legal settlements.
iii) Downtime and Productivity Loss: Denial of Service (DoS) attacks or mobile malware outbreaks can cause app or system
downtime, resulting in loss of business revenue and productivity. Organizations may need to invest in remediation efforts, such
as deploying additional security measures or allocating resources to recover from the incident.
iv) Reputation Damage: Mobile security incidents can significantly damage an organization's reputation, leading to loss of
customer trust and loyalty. Rebuilding reputation and customer confidence can be a costly and time-consuming process.
d. Write a brief document explaining the mobile application you elected to implement. Use the given guideline to write your
report.
• Business Need
• Usability aspects
• Use of technology
• Security
Business Need: The mobile application aims to provide a platform for users to order food from restaurants and have it delivered to
their location. It addresses the growing demand for convenient and on-demand food delivery services, enhancing customer
satisfaction and revenue opportunities for restaurants.
Usability Aspects: The mobile application focuses on providing a user-friendly and intuitive interface. It includes features such as
easy navigation, personalized recommendations, order tracking, and multiple payment options to ensure a seamless and satisfying
user experience.
Use of Technology: The mobile application utilizes mobile platforms like iOS and Android, ensuring broad accessibility for users.
It integrates geolocation services to enable location-based restaurant discovery and real-time order tracking. The app also integrates
with payment gateways for secure and convenient transactions.

49. Security: The mobile application incorporates various security measures such as secure authentication, data encryption, and secure
communication protocols to protect user data and payment information. It undergoes regular security audits to identify and address
potential vulnerabilities.
In conclusion, the mobile application addresses the business need for convenient food delivery while prioritizing usability,
leveraging appropriate technology, and implementing robust security measures to protect user data and ensure a positive user
experience.
Past Papers – 2018
Question 2
Write a report explaining how an education institute or University used Mobile and Ubiquitous Computing to provide better service to
students. The following guideline can be used to write your report.
• Mobile and Ubiquitous Computing technologies which can be used at Educational Institute or University
• Cost Factor
• Usability and Adoption
• Challenges to overcome.
• Security
• Methods and Frameworks for Implementation.

50. Title: Enhancing Student Services through Mobile and Ubiquitous Computing: A Case Study
Introduction: Mobile and ubiquitous computing technologies have revolutionized various sectors, including education. Educational institutes and
universities are increasingly adopting these technologies to provide better services to their students. This report explores the various ways mobile
and ubiquitous computing can be utilized in educational institutions, the cost factors associated with their implementation, usability and adoption
considerations, challenges to overcome, security measures, and methods and frameworks for implementation.
• Mobile and Ubiquitous Computing Technologies: a) Mobile Applications: Educational institutes can develop mobile applications to
provide students with access to course materials, announcements, schedules, grades, and other relevant information. b) Wearable Devices:
These devices, such as smartwatches, can facilitate seamless access to notifications, reminders, and time management tools. c) Internet of
Things (IoT): IoT devices can be employed for tracking attendance, monitoring equipment, and creating smart classrooms that enhance the
learning experience. d) Location-Based Services (LBS): LBS can assist students in navigating the campus, finding resources, and
discovering nearby academic services.
• Cost Factors: a) Infrastructure: Educational institutes must invest in robust network infrastructure to support mobile and ubiquitous
computing services. b) Device Provisioning: Providing devices or facilitating bring-your-own-device (BYOD) policies requires careful
consideration of costs, maintenance, and compatibility. c) Application Development: Developing mobile applications and integrating with
existing systems can involve development and maintenance costs.
• Usability and Adoption: a) User Experience (UX): Mobile applications and interfaces should be intuitive, user-friendly, and accessible
across different platforms and devices. b) Training and Support: Comprehensive training programs and support mechanisms should be
established to familiarize students, faculty, and staff with the technology. c) Incentives and Benefits: Highlighting the advantages and
benefits of using mobile and ubiquitous computing technologies can encourage student adoption.
• Challenges to Overcome: a) Technical Compatibility: Ensuring seamless integration between various devices, operating systems, and
software applications can pose challenges. b) Privacy Concerns: Balancing the collection and usage of student data with privacy regulations
and policies is critical. c) Digital Divide: Addressing the disparity in access to devices and reliable internet connectivity among students to
ensure equal opportunities. d) Resistance to Change: Overcoming resistance from students, faculty, and staff who may be reluctant to adopt
new technologies.
• Security: a) Data Encryption: Implementing robust encryption techniques to protect sensitive data transmitted over mobile networks. b)
Authentication and Authorization: Utilizing secure login mechanisms and access controls to ensure only authorized users can access
sensitive information. c) Regular Security Audits: Conducting regular security audits to identify and address vulnerabilities in the mobile
and ubiquitous computing infrastructure.
• Methods and Frameworks for Implementation: a) Agile Development: Employing agile development methodologies to iteratively design,
develop, and deploy mobile applications and services. b) BYOD Policies: Establishing policies and guidelines for students and staff who

51. wish to use their personal devices on campus. c) Cloud Infrastructure: Leveraging cloud-based infrastructure to support scalable and
accessible mobile and ubiquitous computing services. d) Collaboration with Technology Partners: Partnering with technology companies
and vendors to leverage their expertise and resources for seamless implementation.
Conclusion: Mobile and ubiquitous computing technologies have the potential to significantly enhance the student experience in educational
institutes and universities. By leveraging mobile applications, wearable devices, IoT, and LBS, institutions can provide students with access to
information, improve communication, and create a more engaging learning environment. While challenges related to cost, usability, security, and
adoption exist, implementing appropriate methods and frameworks can overcome these obstacles. Educational institutes must carefully plan, invest,
and collaborate with technology partners to harness the full potential of mobile and ubiquitous computing in delivering better services to students.
Question 3
a. Briefly explain main challenges raised by mobile and ubiquitous computer systems.
The main challenges raised by mobile and ubiquitous computer systems include:
• Limited resources: Mobile devices have limited processing power, memory, and battery life compared to traditional desktop computers.
This constraint poses challenges in terms of performance optimization, resource management, and designing efficient algorithms.
• Heterogeneity: Mobile and ubiquitous systems consist of a wide range of devices with different hardware capabilities, operating systems,
and communication protocols. Ensuring interoperability and seamless integration across diverse platforms is a significant challenge.
• Connectivity and network issues: Mobile devices heavily rely on wireless networks for connectivity, and they often operate in environments
with varying network conditions. These devices need to handle issues like network disconnections, low bandwidth, and intermittent
connectivity.
• Security and privacy: Mobile and ubiquitous systems face security threats such as unauthorized access, data breaches, and malware attacks.
The distributed nature of these systems makes it challenging to enforce security policies and protect sensitive information.

52. b. Using diagram describe Smartphone Hardware Architecture and its common components.
Smartphone Hardware Architecture and its common components:
Below is a simplified diagram representing the hardware architecture of a smartphone:
+-----------------------------------+
| Application |
+-----------------------------------+
| Operating System |
+-----------------------------------+
| Device Drivers/Kernel |
+-----------------------------------+
| Hardware Abstraction |
+-----------------------------------+
| Hardware Components |
+-----------------------------------+
 Application: This layer includes the applications installed on the smartphone, such as social media, games, productivity tools, etc.
 Operating System: The operating system (e.g., Android, iOS) provides the core functionalities and manages resources like memory,
processes, and security.
 Device Drivers/Kernel: This layer interacts directly with the hardware, including drivers for components like camera, touchscreen, sensors,
etc. The kernel handles low-level operations and manages hardware resources.

53.  Hardware Abstraction: This layer provides an abstraction between the hardware components and the rest of the system, enabling
standardized access to the underlying hardware.
 Hardware Components: These are the physical components that make up a smartphone, including the CPU, memory, display, camera,
sensors (such as accelerometer, gyroscope, GPS), connectivity modules (Wi-Fi, Bluetooth, cellular), and battery.
c. Describe relationship distributed computing, mobile computing and mobile Ubiquitous Computing.
Relationship between distributed computing, mobile computing, and mobile Ubiquitous Computing:
 Distributed Computing: It refers to a computing model in which multiple computers or devices work together to solve a common problem
or perform a task. It involves the distribution of computational tasks across a network and can be applied to various domains, including
mobile and ubiquitous computing.
 Mobile Computing: Mobile computing focuses on the ability to use computers or devices while on the move. It encompasses technologies
and applications that enable users to access information, communicate, and perform tasks using mobile devices such as smartphones,
tablets, and wearables.
 Mobile Ubiquitous Computing: Mobile ubiquitous computing combines the concepts of mobile computing and ubiquitous computing. It
refers to the seamless integration of mobile devices into the surrounding environment, allowing users to access services and resources
anytime and anywhere. It leverages the mobility of devices and the pervasiveness of networks to create an environment where computing
is pervasive and transparent to the user.
In summary, mobile ubiquitous computing extends the capabilities of mobile computing by integrating it with the principles of ubiquitous
computing, which aims to create a computing environment where technology is seamlessly integrated into everyday life.
d. What are the goals of service composition in ubiquitous computing.
The goals of service composition in ubiquitous computing include:

54. • Seamless integration: Service composition aims to seamlessly integrate diverse services and resources available in a ubiquitous computing
environment. It allows users to access and combine services from multiple sources to fulfill their requirements without being aware of the
underlying complexity.
• Dynamic adaptation: Service composition enables dynamic adaptation by providing the ability to compose and recompose services based
on changing requirements, user preferences, or environmental conditions. It allows for flexible customization and adaptation of services to
meet specific needs.
• Resource optimization: Service composition optimizes the utilization of available resources by coordinating and orchestrating services in
an efficient manner. It aims to minimize resource consumption, reduce redundancy, and maximize overall system performance.
• Context-awareness: Service composition takes into account the context of the user and the environment to provide personalized and
contextually relevant services. It considers factors such as location, time, user preferences, and available resources to deliver tailored and
adaptive services.
e. "The integration of devices with physical world involves awareness" critic above statement.
"The integration of devices with the physical world involves awareness."
This statement can be criticized on the grounds that the integration of devices with the physical world goes beyond mere awareness. While
awareness is an important aspect, it is not the sole requirement for integration. Integration also requires other factors such as interaction,
communication, and action.
Integration involves devices being able to interact with the physical world, gather information from sensors, and take actions based on that
information. It goes beyond mere awareness and includes the ability to understand the context, make decisions, and provide meaningful responses
or actions.
For example, in a smart home system, devices need to be aware of the environment and the presence of occupants, but they also need to interact
with the physical world by adjusting the temperature, controlling lighting, or opening doors. Awareness alone is not sufficient; devices must have
the capability to communicate, process data, and execute actions to achieve effective integration with the physical world.

55. Question 4
Write an essay to compare web app, native app and hybrid app development technologies based on the following criteria:
• License and Costs
• Supported Platforms
• Access to platform-specific features
• Long-term feasibility
• Look and feel.
• Application Speed
• Distribution
• Development environment
• GUI Design
• Ease of development
Comparing Web App, Native App, and Hybrid App Development Technologies
In today's digital age, mobile applications have become an integral part of our lives, enabling us to access information and services on the go.
When developing mobile apps, developers have three main options: web app, native app, and hybrid app development. Each approach has its own
strengths and weaknesses. This essay aims to compare these technologies based on several criteria: license and costs, supported platforms, access
to platform-specific features, long-term feasibility, look and feel, application speed, distribution, development environment, GUI design, and ease
of development.
1. License and Costs:
 Web App: Web apps are typically developed using web technologies (HTML, CSS, JavaScript) and do not require licensing fees. The costs
are associated with web hosting and development.
 Native App: Native app development requires licenses for each platform (e.g., iOS, Android), and the costs can be higher due to separate
development efforts for each platform.

56.  Hybrid App: Hybrid app frameworks, such as React Native and Flutter, are usually open source and free to use, resulting in cost savings
compared to native apps.
2. Supported Platforms:
 Web App: Web apps are accessible across various platforms, including desktop browsers and mobile devices, regardless of the operating
system.
 Native App: Native apps are platform-specific, requiring separate development for each platform (e.g., iOS and Android).
 Hybrid App: Hybrid apps can be deployed on multiple platforms, leveraging a single codebase, which reduces development efforts
compared to native apps.
3. Access to Platform-Specific Features:
 Web App: Web apps have limited access to platform-specific features, as they run within a web browser sandbox and rely on web
technologies.
 Native App: Native apps have full access to platform-specific features, APIs, and hardware capabilities, providing a richer user experience.
 Hybrid App: Hybrid apps can access some platform-specific features through plugins or modules, but they may not offer the same depth
of functionality as native apps.
4. Long-term Feasibility:
 Web App: Web apps offer long-term feasibility as they are not tied to specific platforms and can be easily updated and maintained.
 Native App: Native apps may face long-term feasibility challenges due to platform updates, changes in technology, and the need for ongoing
maintenance and updates for each platform.
 Hybrid App: Hybrid apps offer better long-term feasibility compared to native apps since they share a single codebase, making it easier to
update and maintain.
5. Look and Feel:
 Web App: Web apps can be designed to have a consistent look and feel across different platforms but may lack the native look and feel of
each platform.
 Native App: Native apps provide a native look and feel, adhering to the design guidelines and user experience patterns of each platform.

57.  Hybrid App: Hybrid apps can achieve a native-like look and feel, but there may be some differences in performance and responsiveness
compared to fully native apps.
6. Application Speed:
 Web App: Web apps rely on internet connectivity and may have slower performance compared to native apps.
 Native App: Native apps offer superior performance due to direct access to device resources and optimized code.
 Hybrid App: Hybrid apps can have performance limitations due to the use of web views for rendering certain elements.
7. Distribution:
 Web App: Web apps are easily distributed via the web, accessible through URLs, without the need for app store approval.
 Native App: Native apps are distributed through app stores (e.g., Apple App Store, Google Play Store), providing a centralized platform
for discovery and installation.
 Hybrid App: Hybrid apps can be distributed through app stores like native apps or deployed as web apps, offering flexibility in distribution
options.
8. Development Environment:
 Web App: Web apps can be developed using standard web development tools and frameworks, making the development environment more
accessible.
 Native App: Native app development requires platform-specific tools and software development kits (SDKs) for each platform, adding
complexity to the development environment.
 Hybrid App: Hybrid app development utilizes frameworks and tools that simplify development, such as React Native and Flutter, offering
a more streamlined development environment.
9. GUI Design:
 Web App: Web apps can provide responsive design and adapt to different screen sizes, but they may lack some native UI components and
interactions.
 Native App: Native apps allow for platform-specific GUI design, utilizing native UI components and interactions, resulting in a more native
user experience.

58.  Hybrid App: Hybrid apps aim to provide a balance between native and web app design, allowing developers to create custom UI
components while leveraging platform-specific design elements.
10. Ease of Development:
 Web App: Web app development is generally considered easier due to the widespread knowledge of web technologies and the availability
of extensive online resources.
 Native App: Native app development requires specialized knowledge of platform-specific languages (e.g., Swift, Java/Kotlin) and APIs,
which can increase development complexity.
 Hybrid App: Hybrid app development combines web technologies with native app development principles, requiring knowledge of both
domains but offering code reusability advantages.
In conclusion, web app, native app, and hybrid app development technologies each have their own advantages and considerations. Web apps offer
cross-platform compatibility and cost savings, but may have limited access to platform-specific features. Native apps provide superior performance,
native look and feel, and access to platform features but require separate development efforts and higher costs. Hybrid apps strike a balance
between cross-platform compatibility and native functionality, with a single codebase, but may have some limitations in performance and access
to platform-specific features. Choosing the most suitable approach depends on the specific requirements, budget, target audience, and long-term
feasibility of the application.
Question 5
a. List 5 myths about Mobile Security and their Realities.
Myths about Mobile Security and Their Realities:
• Myth: Mobile devices are not vulnerable to cyber threats. Reality: Mobile devices are just as susceptible to cyber threats as computers.
They can be targeted by malware, phishing attacks, and other security risks.
• Myth: Mobile apps from official app stores are always safe. Reality: While app stores have security measures in place, malicious apps can
still slip through the vetting process. Users should exercise caution and download apps from trusted sources.

59. • Myth: Antivirus software is not necessary for mobile devices. Reality: Mobile devices can benefit from antivirus software to detect and
protect against malware and other malicious activities.
• Myth: Mobile devices cannot be hacked or remotely controlled. Reality: Mobile devices can be hacked or compromised through various
methods, such as exploiting vulnerabilities, insecure networks, or social engineering techniques.
• Myth: Mobile devices do not need regular software updates. Reality: Regular software updates are crucial for mobile devices as they often
include security patches to address vulnerabilities and protect against emerging threats.
b. Describe common mistakes people make with their mobile device.
Common Mistakes People Make with Their Mobile Devices:
• Weak or no passcode: Many people fail to set strong passcodes or use biometric authentication, leaving their devices vulnerable to
unauthorized access.
• Unsecured Wi-Fi connections: Connecting to public or unsecured Wi-Fi networks without using a virtual private network (VPN) exposes
devices to potential data interception and hacking.
• Neglecting software updates: Ignoring or postponing software updates can leave devices exposed to known vulnerabilities that could be
exploited by attackers.
• Downloading apps from untrusted sources: Installing apps from unofficial sources or clicking on suspicious links can lead to the installation
of malware or other malicious software.
• Lack of data backup: Failing to regularly back up important data puts users at risk of losing their information in case of device theft,
damage, or malware attacks.
c. Write a brief document explaining enterprise mobility security issues.
Enterprise mobility refers to the use of mobile devices and technology in the workplace. While it offers numerous benefits, there are security issues
that organizations need to address:

60. 1. Data breaches: Mobile devices can store and access sensitive corporate data, making them a potential target for unauthorized access or data
breaches.
2. Lost or stolen devices: If mobile devices containing business data are lost or stolen, it can lead to unauthorized access and potential data
leaks.
3. Malicious apps: Employees may unknowingly download malicious apps that can compromise corporate data and networks.
4. Insecure networks: Connecting to unsecured Wi-Fi networks or using public hotspots can expose corporate data to interception and
unauthorized access.
5. Insider threats: Employees with malicious intent or inadvertently engaging in risky behaviors can pose security risks to enterprise mobility.
Organizations should implement security measures such as device encryption, strong authentication methods, mobile device management (MDM)
solutions, secure app distribution, and regular security training for employees to mitigate these security issues.
d. Write a brief document explaining the mobile application you selected to implement. Use the given guideline to write your report.
• Business Need
• Usability aspects
• Use of technology
• Security
Mobile Application: Expense Tracker Pro
Business Need: Expense Tracker Pro is a mobile application designed to help individuals and businesses track their expenses efficiently. It
addresses the need for a convenient and user-friendly solution to manage and monitor financial transactions on the go.
Usability Aspects: Expense Tracker Pro offers a simple and intuitive user interface, allowing users to easily input and categorize their expenses.
It provides features such as automated expense tracking, receipt scanning, budget management, and detailed expense reports for better financial
planning.

61. Use of Technology: The application utilizes cloud-based storage and synchronization to ensure data accessibility across multiple devices. It
leverages advanced technologies such as optical character recognition (OCR) for receipt scanning, data encryption for secure storage, and real-
time expense updates.
Security: Expense Tracker Pro prioritizes security to protect sensitive financial data. It implements strong encryption algorithms to safeguard
user information during transmission and storage. Additionally, it employs authentication measures such as passcodes or biometrics to ensure
only authorized individuals can access the application.
Conclusion: Expense Tracker Pro addresses the business need for efficient expense tracking and management. Its usability aspects focus on
providing a user-friendly interface, while its use of technology incorporates advanced features like OCR and cloud synchronization. The
application also prioritizes security, implementing encryption and authentication measures to protect user data. By offering a comprehensive
solution for expense tracking, Expense Tracker Pro aims to streamline financial management for individuals and businesses alike.
Past Papers – 2017
Question 1
GSM (Global System for Mobile Communications, originally Group Special Mobile) is a standard developed by the European
Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by
mobile phones, first deployed in Finland in December 1991.
a. Explain GSM architecture with a neat block diagram, Highlighting all the interfaces.
The GSM architecture consists of several components that work together to enable mobile communication. Here is a block diagram illustrating the GSM
architecture:

62. +-------------------+ +---------------------+ +----------------------+
| Mobile | | Base Station | | Network and |
| Station | | Subsystem | | Switching Subsystem |
| (MS) | | (BSS) | | (NSS) |
+-------------------+ +---------------------+ +----------------------+
| | |
| | |
| | |
| +---------------------+ |
| | Base Transceiver | |
| | Station (BTS) | |
| +---------------------+ |
| | |
| | |
| +---------------------+ |
| | Base Station | |
| | Controller (BSC) | |

63. | +---------------------+ |
| | |
| | |
| | |
| +---------------------+ |
+---------------> Mobile Switching <--------------------+
| Center (MSC) |
+---------------------+
1. Mobile Station (MS): The Mobile Station is the user's mobile phone or device. It consists of two main components: the Mobile Equipment
(ME) and the Subscriber Identity Module (SIM). The ME includes the hardware components of the mobile device, such as the display,
keypad, and speaker. The SIM card contains the subscriber's identity information, such as the phone number and authentication credentials.
2. Base Station Subsystem (BSS): The Base Station Subsystem is responsible for establishing and maintaining the wireless communication
link with the mobile station. It consists of two main components: the Base Transceiver Station (BTS) and the Base Station Controller
(BSC).
o Base Transceiver Station (BTS): The BTS is responsible for transmitting and receiving radio signals to and from the mobile station.
It consists of radio transceivers, antennas, and other necessary equipment for wireless communication.
o Base Station Controller (BSC): The BSC acts as an intermediary between the BTS and the Network and Switching Subsystem
(NSS). It manages the radio resources, handover between cells, and call setup procedures. The BSC is responsible for controlling
multiple BTSs.
3. Network and Switching Subsystem (NSS): The Network and Switching Subsystem handles call routing, switching, and mobility
management functions. It consists of several components:
o Mobile Switching Center (MSC): The MSC is the central component of the NSS. It performs call switching and routing functions,
including call setup, call termination, and mobility management.
o Visitor Location Register (VLR): The VLR stores temporary information about the mobile stations located within its coverage area.
It includes information about the roaming subscribers.

64. o Home Location Register (HLR): The HLR stores permanent subscriber information, including the subscriber's identity, services,
and location. It is responsible for authenticating and authorizing the subscriber.
Overall, the GSM architecture ensures seamless communication between mobile stations, base stations, and the core network components, enabling
mobile communication services.
b. Discuss following three main components of the Cellular Communication systems.
• Mobile Station (MS) - UE, SIM
• Base Station Subsystem (BSS) - BTS, RBS, BSC
• Network and Switching Subsystem (NSS) - MSC, VLR, HLR,
Components of Cellular Communication Systems:
1. Mobile Station (MS): The Mobile Station (MS) refers to the user's mobile device, such as a mobile phone or tablet. It consists of the
Mobile Equipment (ME) and the Subscriber Identity Module (SIM). The ME comprises the physical hardware of the mobile device,
while the SIM card stores subscriber-specific information and provides authentication.
2. Base Station Subsystem (BSS): The Base Station Subsystem (BSS) is responsible for establishing and maintaining the wireless
communication link with the mobile station. It includes the following components:
o Base Transceiver Station (BTS): The BTS is responsible for transmitting and receiving radio signals between the mobile station
and the network. It contains radio transceivers, antennas, and other necessary equipment for wireless communication.
o Radio Base Station (RBS): The RBS is the physical equipment responsible for radio signal transmission and reception. It includes
the BTS along with amplifiers, filters, and other radio frequency components.
o Base Station Controller (BSC): The BSC manages and controls multiple BTSs. It handles call setup, handover between cells, and
manages radio resources.
3. Network and Switching Subsystem (NSS): The Network and Switching Subsystem (NSS) is the core network that handles call routing,
switching, and mobility management. It comprises the following components:
o Mobile Switching Center (MSC): The MSC is the central component of the NSS. It handles call switching, routing, and mobility
management functions. It connects calls between mobile stations and other fixed or mobile networks.
o Visitor Location Register (VLR): The VLR stores temporary subscriber information for roaming subscribers within a specific
area. It tracks the current location of the mobile stations and provides services accordingly.

65. o Home Location Register (HLR): The HLR is a centralized database that stores permanent subscriber information. It includes
subscriber identities, services, and authentication information. The HLR is responsible for managing subscriber profiles and
authorizing services.
These three main components work together to enable cellular communication by establishing and maintaining connections between mobile
stations and the network, facilitating call routing, and managing subscriber information.
Question 2
a. Describe the essence ubiquitous Computing, what is it really about?
Ubiquitous Computing: Ubiquitous Computing, also known as pervasive computing or ambient intelligence, refers to the concept of integrating
computing and communication capabilities seamlessly into everyday objects and environments. It envisions a world where computing is
embedded in our surroundings, making technology pervasive and invisible. The essence of ubiquitous computing is to create a seamless and
interconnected network of devices, where information can be accessed and shared effortlessly.
Ubiquitous computing aims to enhance our daily lives by making technology more accessible, intuitive, and integrated. It involves the deployment
of sensors, actuators, and computational capabilities in various devices, such as smartphones, wearables, household appliances, cars, and
infrastructure like smart cities. These devices communicate and interact with each other, gathering and analyzing data to provide personalized
and context-aware services.
The key principles of ubiquitous computing include:
1. Connectivity: All devices are connected to a network, enabling seamless communication and data sharing.
2. Context Awareness: Devices can sense and understand the context of their users, such as location, preferences, and activities, to deliver
personalized and relevant services.
3. Adaptability: Devices can adapt and respond to changing conditions and user requirements.
4. Transparency: Technology becomes integrated into the environment, becoming virtually invisible and accessible without conscious effort.
5. User-Centricity: The focus is on creating technology that is intuitive, easy to use, and enhances the user experience.

66. b. Briefly describe the following most commonly used mobile operating systems.
• Android from Google Inc.
• iOS from Apple Inc.
• RIM BlackBerry
There are three types of Multiple Access Methods to understand:
• Frequency Division Multiple Access (FDMA) - flexible and simple
• Time Division Multiple Access (TDMA) - popular
• Code Division Multiple Access (CDMA) - highly secure
Android from Google Inc.: Android is an open-source mobile operating system developed by Google. It is based on the Linux kernel and
designed primarily for touchscreen devices such as smartphones and tablets. Android allows users to customize their devices, supports a wide
range of applications from the Google Play Store, and integrates with various Google services. It has a large market share and is used by many
manufacturers worldwide.
iOS from Apple Inc.: iOS is a proprietary mobile operating system developed by Apple Inc. It is designed exclusively for Apple devices like
the iPhone, iPad, and iPod Touch. iOS provides a seamless and intuitive user experience, with a focus on security and privacy. It has a curated
App Store and integrates tightly with Apple's ecosystem of services and devices.
RIM BlackBerry: RIM BlackBerry is an operating system developed by Research In Motion (now BlackBerry Limited) for BlackBerry
smartphones. It offers features such as secure email, messaging, and enterprise-level security. BlackBerry devices were known for their physical
keyboards and strong security features, making them popular among business professionals.
c. Briefly discuss following the popular multiple access methods using diagrams
• FDMA
Frequency Division Multiple Access (FDMA): FDMA is a multiple access method where the available frequency spectrum is divided into
different frequency channels. Each channel is allocated to a specific user or communication link, allowing them to transmit and receive data
independently. The diagram below illustrates the concept of FDMA:

67. -----------------------
| User 1 |
-----------------------
| User 2 |
-----------------------
| User 3 |
-----------------------
| User 4 |
-----------------------
| User 5 |
-----------------------
• TDMA
Time Division Multiple Access (TDMA): TDMA is a multiple access method where the available time is divided into time slots. Each user or
communication link is assigned a specific time slot, during which they can transmit and receive data. The diagram below illustrates the concept
of TDMA:
-----------------------------------------------------
| Slot 1 | Slot 2 | Slot 3 | Slot 4 | Slot 5 | Slot 6 |
-----------------------------------------------------

68. | User 1 | User 2 | User 3 | User 4 | User 5 | User 6 |
-----------------------------------------------------
• CDMA
Code Division Multiple Access (CDMA): CDMA is a multiple access method where each user is assigned a unique code to transmit and
receive data. These codes are spread across the available frequency spectrum, allowing multiple users to share the same bandwidth
simultaneously. The diagram below illustrates the concept of CDMA:
--------------------------
| User 1 Code |
--------------------------
| User 2 Code |
--------------------------
| User 3 Code |
--------------------------
| User 4 Code |
--------------------------
| User 5 Code |
--------------------------
Note: The diagrams provided above are simplified representations to illustrate the concept of each multiple access method. In practice, the
implementation may vary and involve more complex techniques.

69. Question 3
a. Fragment is a modular section of an activity, which has its own lifecycle, receives its own input events, and which you can add or
remove while the activity is running. Justify the selection of "fragments" in android by stating the strengths of fragments over other
UI building techniques.
Justification for Using Fragments in Android:
Fragments offer several strengths over other UI building techniques in Android:
1. Modularity and Reusability: Fragments provide a modular approach to UI development. They can be added, removed, or replaced
within an activity dynamically, allowing for flexible and reusable UI components. This modularity helps in creating flexible and
maintainable code, as fragments can be easily reused across different activities or even in different parts of the same activity.
2. Lifecycle and State Management: Fragments have their own lifecycle, similar to activities. This allows developers to manage UI
components and handle events specific to a fragment independently. Fragments can retain their state during configuration changes,
such as screen rotations, which simplifies handling configuration changes and avoids data loss.
3. UI Composition: Fragments allow for flexible UI composition, enabling the creation of complex and responsive user interfaces.
Multiple fragments can be combined within a single activity to create a multi-pane layout or support different screen sizes and
orientations. This makes it easier to create adaptable and interactive UIs that can accommodate various device form factors.
4. Interaction and Communication: Fragments can communicate with each other and with the parent activity through interfaces. This
facilitates decoupling and promotes modular design patterns, making it easier to maintain and extend the codebase. Fragments can also
pass data between each other using arguments, allowing for seamless data sharing and interaction.
5. Tablet and Multi-Pane Support: Fragments are particularly beneficial for tablet or large-screen devices where multiple panes or split-
screen layouts are used. Fragments enable developers to design responsive interfaces that adapt to different screen sizes and provide an
enhanced user experience.
Overall, the strengths of fragments lie in their modularity, lifecycle management, UI composition capabilities, and support for interaction and
communication between UI components. These advantages make fragments a powerful tool for building flexible, reusable, and responsive user
interfaces in Android.

70. b. Compare and contrast the different persistence technologies available in Android.
In Android, there are several persistence technologies available for storing and retrieving data. Here is a comparison of some common persistence
technologies:
1. Shared Preferences:
o Description: Shared Preferences allow storing simple data types (key-value pairs) in a private file.
o Strengths: Lightweight, easy to use, suitable for small and simple data, and good for storing user preferences or app settings.
o Limitations: Limited to simple data types, not suitable for complex data structures or large datasets.
2. Internal Storage:
o Description: Internal Storage allows storing private files within the app's sandboxed directory.
o Strengths: Secure, good for storing sensitive data, suitable for small to medium-sized files.
o Limitations: Files are limited to the app's private space, not accessible by other apps, and limited in storage capacity.
3. External Storage:
o Description: External Storage provides access to shared storage, such as an SD card.
o Strengths: Suitable for large files and media, allows data sharing with other apps, and offers more storage capacity.
o Limitations: Less secure than internal storage, requires appropriate permissions, and the availability of external storage can vary
across devices.
4. SQLite Database:
o Description: SQLite is a lightweight, embedded database that provides relational database features.
o Strengths: Suitable for structured data, efficient querying, and sorting operations, and supports complex data relationships.
o Limitations: Requires knowledge of SQL, not ideal for large datasets, and needs careful management of database operations.
5. Content Providers:
o Description: Content Providers allow sharing data between apps using a standard interface.
o Strengths: Secure data sharing mechanism, allows data access control, and supports data synchronization.
o Limitations: Requires additional setup and configuration, more complex to implement than other persistence options.
The selection of a persistence technology depends on factors such as the type of data, data size, security requirements, data sharing needs, and
complexity of data relationships. Developers need to evaluate these factors to choose the most appropriate persistence technology for their specific
use case.

71. c. Analyze the challenges in cross platform mobile application development by stating how you overcome the mentioned challenges.
Cross-platform mobile application development refers to the development of apps that can run on multiple platforms (such as iOS and Android)
using a single codebase. However, there are several challenges associated with this approach:
1. User Experience (UX) Consistency: Achieving consistent UX across different platforms can be challenging due to differences in platform-
specific design guidelines, navigation patterns, and UI components. Overcoming this challenge requires careful consideration of platform-
specific UI elements and adapting the app's design to match each platform's conventions.
2. Performance Optimization: Cross-platform frameworks often introduce an additional layer of abstraction, which can impact app
performance compared to native development. Optimizing app performance across different platforms requires fine-tuning code, leveraging
platform-specific optimizations, and utilizing performance profiling tools.
3. Native Functionality Access: Cross-platform frameworks may not provide direct access to all platform-specific features and APIs. When
developing cross-platform apps, developers need to identify the required native functionality and find suitable plugins or extensions to
bridge the gap between the cross-platform framework and native APIs.
4. Platform Fragmentation: Different platforms and their versions introduce fragmentation in terms of device capabilities, screen sizes, and
OS versions. This fragmentation can complicate the development process, requiring additional testing, compatibility checks, and adapting
the app to various configurations.
5. Development Tooling and Ecosystem Support: Cross-platform frameworks and tools evolve rapidly, and the level of community support
and availability of libraries can vary across platforms. It's important to choose mature and well-supported frameworks and ensure access
to necessary resources, documentation, and community support.
To overcome these challenges, developers can consider the following strategies:
 Conduct thorough research to select the most suitable cross-platform framework based on the project's requirements.
 Utilize platform-specific code or plugins to access native functionality when necessary.
 Prioritize platform-specific design and user experience guidelines to provide a consistent and native-like experience.
 Conduct extensive testing on different devices and OS versions to ensure compatibility and optimal performance.
 Stay updated with the latest updates and improvements in cross-platform development tools and frameworks.
d. Explain the usage of "Activity class" in android with respect to the app development.

72. In Android app development, the Activity class plays a crucial role. An Activity represents a single screen with a user interface, and it serves as
the entry point for interaction with the user. Here's how the Activity class is used:
1. User Interface Management: The Activity class manages the user interface components of an app. It defines the layout of the screen using
XML files or programmatically creating the layout hierarchy. It handles user interactions, such as button clicks or touch events, by
implementing event handlers and callbacks.
2. Lifecycle Management: Activities have a lifecycle consisting of various states (e.g., created, started, resumed, paused, stopped, destroyed).
The Activity class provides methods to override and handle these lifecycle events. Developers can perform specific actions during different
lifecycle stages, such as initializing UI elements, saving/restoring instance state, or releasing resources.
3. Navigation and Intents: Activities are used for navigation within an app. By starting an Activity using Intents, developers can move from
one screen (Activity) to another. Activities can pass data between each other using Intent extras or retrieve results when an Activity finishes.
4. Back Stack Management: Activities are added to a back stack, allowing users to navigate back to previous screens using the device's back
button. The Activity class manages the back stack, enabling users to move between previously visited screens in the reverse order of their
entry.
5. Contextual Awareness: Activities have access to the application's Context, allowing them to access resources, services, and other app
components. The Activity class provides methods to interact with the Context, such as retrieving system services or accessing app-specific
resources.
In summary, the Activity class in Android provides the foundation for screen management, user interaction, lifecycle handling, navigation, and
contextual awareness within an app. It serves as the building block for creating interactive and multi-screen applications.
Question 4
 Write an essay to synthesize the challenges in mobile application development compare to other application
developments/platforms based on the following criteria
 The requirement of mobility
 Mobile mindset of the users/ user expectation

73.  Mobile Application features
 Working with resources
 Ease of development
 Development environments
 Availability of technology
 Security issues and usability
Challenges in Mobile Application Development:
Mobile application development presents unique challenges compared to other application development platforms. The following criteria
highlight some of these challenges:
 Requirement of Mobility: Mobile applications are designed to operate on devices that are constantly on the move. This introduces
challenges related to network connectivity, varying screen sizes, and limited resources. Developers need to ensure that their
applications can function seamlessly across different devices and network conditions.
 Mobile Mindset of Users/User Expectation: Mobile users have a different mindset and higher expectations compared to users of
other platforms. They expect applications to be fast, intuitive, and provide a smooth user experience. Developers must prioritize
performance optimization, responsiveness, and user-centric design to meet these expectations.
 Mobile Application Features: Mobile applications often require specialized features like location-based services, camera
integration, push notifications, and touch-based interactions. Implementing these features effectively while maintaining
compatibility across different devices and operating systems can be challenging.
 Working with Resources: Mobile devices have limited resources such as battery life, processing power, and memory. Developers
must optimize their applications to consume fewer resources and minimize battery drain. Efficient resource management is crucial
to ensure smooth performance and enhance the user experience.
 Ease of Development: Developing mobile applications can be more complex and time-consuming compared to other platforms.
There are multiple operating systems (Android, iOS), each with its own development frameworks, programming languages, and
design guidelines. Developers need to invest time in learning these technologies and adapt their development approaches
accordingly.
 Development Environments: Developing mobile applications requires specific development environments and tools. These
environments can vary across platforms, and developers must be familiar with their respective integrated development environments

74. (IDEs) and software development kits (SDKs). Switching between different IDEs and maintaining code compatibility can be
challenging.
 Availability of Technology: Mobile application development relies on the availability of compatible technologies and APIs
provided by the operating system and device manufacturers. The availability and maturity of these technologies may vary, which
can impact the development process and limit the application's functionality.
 Security Issues and Usability: Mobile applications face security challenges such as data encryption, secure authentication, and
protection against malware. Developers need to implement robust security measures to safeguard user data and prevent unauthorized
access. Additionally, ensuring a seamless and user-friendly interface is crucial to drive adoption and usage of the application.
 Suppose that you have, been asked to develop a mobile solution to facilitate the learning and teaching activities of a university.
Write a brief design document explaining the mobile application you selected to implement for the university. Use the given
guideline to write your report.
 Business Need
 Usability aspects
 Use of technology
 Security
Business Need: The university requires a mobile application to facilitate learning and teaching activities. The application aims to provide a
seamless and efficient platform for students and faculty to access course materials, participate in discussions, submit assignments, and
communicate with each other. The goal is to enhance collaboration, engagement, and convenience in the learning process.
Usability Aspects: The mobile application should prioritize ease of use and intuitive navigation. It should have a clean and visually appealing
interface, allowing users to quickly access relevant information and perform necessary tasks. Features such as personalized dashboards, push
notifications for important updates, and offline access to course materials should be included to improve usability.
Use of Technology: The mobile application will be developed using native frameworks to ensure optimal performance and seamless integration
with the underlying operating systems. The application will leverage device capabilities like GPS for location-based services, camera for
scanning documents, and push notification services to deliver timely updates. Additionally, cloud-based storage and synchronization will be
utilized to provide seamless access to course materials across devices.

75. Security: Security is of utmost importance in the mobile learning and teaching application. Robust authentication mechanisms, such as two-
factor authentication, will be implemented to protect user accounts and data. Encryption will be employed to secure sensitive information, both
during transmission and storage. Regular security audits and updates will be conducted to address any vulnerabilities.
In conclusion, mobile application development poses various challenges compared to other platforms. The requirement of mobility, user
expectations, specialized features, resource management, and security considerations demand careful planning and execution. However, by
addressing these challenges effectively and utilizing the right technologies, mobile applications can provide powerful solutions that enhance
learning and teaching experiences at universities.
Question 5
a. Analyze FOUR different enterprise mobile security issues by stating the reason for the mentioned issues.
Analysis of Four Enterprise Mobile Security Issues:
 Data Leakage: Reason: Data leakage can occur due to insecure data storage, improper data transmission, or vulnerabilities in the mobile
application. It can be caused by weak encryption methods, insecure APIs, or inadequate access controls.
 Unauthorized Access: Reason: Unauthorized access can result from weak authentication mechanisms, such as easy-to-guess passwords or
lack of multi-factor authentication. It can also occur due to insecure session management, allowing attackers to hijack user sessions and
gain unauthorized access to sensitive data or functionality.
 Malware and App Vulnerabilities: Reason: Mobile devices are susceptible to malware and app vulnerabilities. Malware can be introduced
through malicious apps or compromised app stores, leading to unauthorized access, data theft, or device compromise. App vulnerabilities,
such as insecure coding practices or lack of input validation, can be exploited to gain unauthorized access or control over the device.
 Bring Your Own Device (BYOD) Risks: Reason: The trend of employees using personal devices for work purposes brings unique security
challenges. These devices may lack proper security controls or may be compromised by personal apps or activities. The risk of data leakage,
unauthorized access, or malware infection increases when personal and corporate data coexist on the same device.
b. Do you think Android has enough security Implementations? Justify your stance by highlighting the factors to support your stance.

76. Justification of Android Security Implementations:
Android has made significant improvements in security over the years, but whether it has enough security implementations depends on various
factors:
 Secure Architecture: Android has implemented a robust security architecture that includes sandboxing, permission-based access controls,
and secure inter-process communication. These measures help isolate apps and protect sensitive user data.
 Regular Security Updates: Android provides monthly security updates that address known vulnerabilities and security issues. These updates
help keep devices protected from emerging threats.
 Google Play Protect: Google Play Protect is a built-in security feature that scans apps for malware and warns users about potentially harmful
apps. It provides a layer of protection against malicious apps and helps in maintaining app security on the Android platform.
 Hardware-backed Security: Android devices often come with hardware-backed security features, such as secure enclaves and biometric
authentication. These hardware-based security implementations enhance the overall security of the device and protect sensitive data.
However, there are still certain factors that can impact Android's security:
 Fragmentation: Android's open nature leads to fragmentation, where different device manufacturers and carriers may modify the operating
system. This fragmentation can result in delays in security updates and inconsistent security implementations across devices.
 App Store Security: While Google Play has security measures in place, the presence of third-party app stores and the ability to sideload
apps introduce additional security risks. Users may unknowingly download apps from untrusted sources, increasing the potential for
malware infections.
 User Practices: User behavior plays a significant role in device security. If users do not follow best practices like regularly updating their
devices, installing apps from trusted sources, and being cautious with app permissions, it can undermine the security measures in place.
In conclusion, while Android has made notable strides in improving security through its architecture, security updates, and built-in features,
ongoing challenges such as fragmentation and user practices impact the overall security of the platform. Continual vigilance, education, and
responsible user behavior are necessary to maximize Android's security capabilities.

77. c. Comment on THREE strengths of IOS native mobile security over Android security.
Strengths of iOS Native Mobile Security over Android:
 Secure Ecosystem: Apple's tightly controlled ecosystem allows for more control over hardware and software integration, resulting in a
more consistent and secure experience. The closed nature of iOS limits the risk of malware and unauthorized apps, as apps go through
rigorous vetting before being published on the App Store.
 Regular and Timely Updates: Apple provides regular and timely security updates for iOS devices, ensuring that vulnerabilities and security
issues are promptly addressed. This helps in maintaining a secure environment for users and mitigating the risk of exploitation.
 Secure Enclave and Biometric Authentication: iOS devices are equipped with a secure enclave, a dedicated hardware chip that stores
sensitive data like encryption keys and fingerprint data. This hardware-backed security, combined with biometric authentication (Touch
ID or Face ID), adds an extra layer of protection to user data and device security.
d. An IS auditor has identified the enterprise mobile application used by XAR organization contains a vulnerability of "The enterprise
is not managing the device ". Analyze the threats associate with this vulnerability and comment on the risks associated with it.
Threats:
1. Unauthorized Access: The vulnerability of "The enterprise is not managing the device" can lead to unauthorized access to the enterprise
mobile application. Attackers may gain control over the device, compromising sensitive data or using the app for malicious activities.
2. Data Breach: If the enterprise is not managing the device, it increases the risk of data breach. Attackers can exploit vulnerabilities in the
device to gain unauthorized access to sensitive enterprise data stored within the app or transmitted by the app.
3. Malware Infection: Without proper device management, the risk of malware infection increases. Attackers may introduce malicious
software onto the device, compromising the integrity of the enterprise mobile application and potentially impacting the security of the
organization's data.
Risks:

78. 1. Loss of Confidentiality: Unauthorized access to the enterprise mobile application can result in the loss of confidentiality of sensitive data.
Attackers may gain access to proprietary information, customer data, or any other confidential data stored or processed within the
application.
2. Compromised Integrity: If attackers gain control over the device, they can manipulate or modify the enterprise mobile application. This
compromises the integrity of the app, potentially leading to unauthorized transactions, data manipulation, or other malicious activities.
3. Reputational Damage: A successful attack exploiting this vulnerability can lead to reputational damage for the XAR organization.
Customers may lose trust in the organization's ability to secure their data, leading to a loss of business and credibility in the market.
In conclusion, the vulnerability of "The enterprise is not managing the device" poses significant threats, including unauthorized access, data
breaches, and malware infection. The associated risks include the loss of confidentiality, compromised integrity, and reputational damage for the
XAR organization. It is crucial to address this vulnerability by implementing proper device management measures to mitigate these threats and
risks.
Past Papers – 2016
Question 1
Multiple access method describes below is one of the techniques used in modem communication.

79. a. Identify A, B, C, and D and explain their behavior.
A – Forward Link
B – Reverse Link
C – Mobile Station
D – Base Station
A - Forward Link: The forward link refers to the communication link from the base station (D) to the mobile station (C) in a cellular network.
It is also known as the downlink. The forward link is responsible for transmitting data, voice, and other information from the base station to
the mobile station.

80. B - Reverse Link: The reverse link is the communication link from the mobile station (C) to the base station (D) in a cellular network. It is also
known as the uplink. The reverse link is responsible for transmitting signals, such as voice calls, data requests, or other information, from the
mobile station back to the base station.
C - Mobile Station: The mobile station (C) refers to the user's device or mobile device in a cellular network. It can be a smartphone, tablet, or
any other device capable of communicating with the cellular network. The mobile station communicates with the base station to establish and
maintain connections, send and receive data, and access network services.
D - Base Station: The base station (D), also known as the cell tower or cell site, is a fixed infrastructure component in a cellular network. It
provides wireless communication coverage to a specific geographic area called a cell. The base station manages the communication with
mobile stations within its coverage area, handles call routing, and facilitates data transfer between the mobile stations and the network
infrastructure. It is responsible for transmitting and receiving signals to and from the mobile stations.
b. Explain FDMA, TDMA, and COMA with a Suitable diagram.
 Frequency Division Multiple Access (FDMA): FDMA is a technique used in telecommunications to divide the available frequency
spectrum into multiple frequency bands or channels. Each channel is assigned to a specific user or communication link to transmit and
receive signals simultaneously. The diagram below illustrates the concept of FDMA:
------------------------------------------
| Channel 1 | Channel 2 | Channel 3 |
------------------------------------------
In FDMA, each channel is allocated a unique frequency band, and multiple users can share the available bandwidth by using different
frequencies. This allows simultaneous communication between different users without interference.
 Time Division Multiple Access (TDMA): TDMA is another technique used in telecommunications to divide the available time slots within
a given frequency channel. Each user is assigned a specific time slot during which they can transmit their signals. The diagram below
illustrates the concept of TDMA:
| User 1 | User 2 | User 3 | User 4 |

81. In TDMA, each user is allocated a time slot, and the time slots are arranged in a cyclic manner. Users take turns transmitting their signals
during their assigned time slots, ensuring that there is no overlap or interference.
 Code Division Multiple Access (CDMA): CDMA is a spread spectrum technique used in telecommunications. Unlike FDMA and TDMA,
which divide the frequency spectrum based on frequency or time slots, CDMA uses unique codes to distinguish different users. Each user's
signal is spread over the entire available bandwidth using a unique code, and all users share the same frequency band simultaneously. The
diagram below illustrates the concept of CDMA:
| User 1 |
| User 2 |
| User 3 |
In CDMA, each user's signal is multiplied by a unique code, and all users' signals are transmitted simultaneously. The receiver uses the
corresponding code to extract the desired user's signal while rejecting interference from other users.
c. Explain the architecture of GSM in detail.
The architecture of GSM is divided into three main components: the Mobile Station (MS), the Base Station Subsystem (BSS), and the Network
and Switching Subsystem (NSS). Here is a detailed explanation of each component:
1. Mobile Station (MS): The Mobile Station refers to the user's mobile device, which consists of two main elements:
 Mobile Equipment (ME): It comprises the physical handset or device used by the user.
 Subscriber Identity Module (SIM): It is a removable smart card that stores the subscriber's information, such as the subscriber's identity,
authentication key, and subscriber-specific data.
2. Base Station Subsystem (BSS): The Base Station Subsystem is responsible for the radio interface between the mobile station and the
network. It consists of two main elements:
 Base Transceiver Station (BTS): The BTS manages the radio interface, transmitting and receiving signals to and from mobile stations. It
handles functions like modulation, coding, power control, and channel allocation.

82.  Base Station Controller (BSC): The BSC provides control and management functions for one or more BTSs. It handles tasks such as
handover management, call setup, and frequency hopping.
3. Network and Switching Subsystem (NSS): The Network and Switching Subsystem is responsible for call control, switching, and network
management. It consists of several key components:
 Mobile Switching Center (MSC): The MSC is the central component of the network. It handles call routing, switching, and mobility
management functions.
 Home Location Register (HLR): The HLR stores subscriber information, including the subscriber's location, authentication data, and
subscriber services.
 Visitor Location Register (VLR): The VLR stores temporary information about subscribers visiting from other networks.
 Authentication Center (AuC): The AuC provides authentication and encryption functions to ensure secure communication between the
mobile station and the network.
 Equipment Identity Register (EIR): The EIR stores information about stolen, faulty, or unauthorized mobile devices.
 Gateway Mobile Switching Center (GMSC): The GMSC provides the interface between the GSM network and other networks, allowing
calls to be routed between different networks.
These components work together to facilitate mobile communication in the GSM network. The MS communicates with the BSS via the radio
interface, and the BSS communicates with the NSS for call control, switching, and network management functions. This architecture enables
seamless connectivity and provides various services, including voice calls, SMS messaging, and data transfer, to GSM subscribers.
Question 2
Write a report explaining how an education institute or University used lOT related technologies to provide better service students. The
following guideline can be used to write your report.
 Five or more lOT technologies which can be used at Educational Institute or University
 Cost Factor
 Usability and Adoption
 Challenges to overcome.
 Security

83.  Methods and Frameworks for Implementation.
Title: Leveraging IoT Technologies for Enhanced Student Services in Education Institutes
 Introduction In recent years, the Internet of Things (IoT) has gained significant traction across various industries, and the education sector
is no exception. By harnessing IoT-related technologies, educational institutes and universities can revolutionize their service delivery to
students. This report explores five key IoT technologies that can be utilized in educational settings, considering factors such as cost,
usability, challenges, security, and implementation methods and frameworks.
 IoT Technologies for Educational Institutes or Universities
a. Smart Campus Management System: Implementing a smart campus management system allows educational institutions to enhance
operational efficiency and provide better services to students. IoT devices and sensors can be deployed to monitor and manage
facilities, such as smart lighting, energy management, parking systems, and waste management.
b. Smart Classrooms: IoT-enabled smart classrooms integrate various technologies to create an interactive and engaging learning
environment. Smart boards, connected devices, and sensors can be used to facilitate real-time collaboration, personalized learning
experiences, and efficient resource management.
c. Attendance Tracking: IoT-based attendance tracking systems eliminate the need for manual attendance-taking and reduce
administrative burden. Wearable devices, RFID tags, or biometric sensors can be used to track student attendance automatically,
ensuring accurate data collection and real-time monitoring.
d. Safety and Security Systems: Deploying IoT-enabled security systems enhances student safety on campus. Smart surveillance cameras,
access control systems, and emergency response systems provide real-time monitoring, threat detection, and rapid response
capabilities.
e. Personalized Learning: IoT devices and applications can gather data on students' learning patterns, preferences, and progress. This
data can then be used to create personalized learning pathways, adaptive content delivery, and targeted interventions to improve student
outcomes.
 Cost Factor Implementing IoT technologies in educational institutes entails initial investment costs. However, the long-term benefits, such
as improved efficiency, reduced operational costs, and enhanced student services, often outweigh the initial expenses. Additionally,
advancements in IoT technology and increased market competition have led to cost reductions, making these solutions more accessible.
 Usability and Adoption IoT technologies in education must be user-friendly and intuitive to ensure widespread adoption. Institutes should
prioritize the ease of use for students, faculty, and staff. Intuitive interfaces, seamless integration with existing systems, and adequate
training and support are crucial factors for successful adoption.

84.  Challenges to Overcome While IoT technologies offer numerous benefits, several challenges must be addressed for successful
implementation in educational institutes. Some key challenges include:
a. Interoperability: Different IoT devices and platforms may use different protocols, making interoperability a significant challenge.
Ensuring seamless integration and data exchange among various devices and systems is critical.
b. Scalability: As educational institutes grow, IoT systems must be scalable to accommodate an increasing number of devices, sensors,
and data points.
c. Data Privacy: Collecting and analyzing student data raises privacy concerns. It is crucial to establish strict data protection protocols
and comply with relevant regulations, such as GDPR or COPPA.
d. Network Infrastructure: Robust and reliable network infrastructure is essential to support the connectivity requirements of IoT devices.
Adequate bandwidth, security protocols, and network coverage must be in place.
 Security Securing IoT devices and systems is of paramount importance. Educational institutes must implement stringent security measures
to protect against unauthorized access, data breaches, and potential cyber threats. This includes strong authentication mechanisms,
encryption, regular software updates, and continuous monitoring of the IoT ecosystem.
 Methods and Frameworks for Implementation
a) Comprehensive Planning: A detailed analysis of requirements, goals, and desired outcomes is essential before implementing IoT
technologies. This includes assessing existing infrastructure, identifying potential use cases, and setting realistic targets.
b) Proof of Concept (PoC): Conducting small-scale pilots or PoCs can help evaluate the feasibility and effectiveness of IoT solutions.
This allows for fine-tuning and mitigating risks before scaling up implementation.
c) Collaborative Partnerships: Engaging with technology providers, vendors, and experts in the IoT domain can facilitate the
implementation process. Collaborative partnerships can ensure access to the latest IoT solutions and expertise.
d) Integration and Scalability: Prioritize interoperability and scalability when selecting IoT devices, platforms, and solutions. Integration
with existing systems, such as learning management systems or administrative databases, is crucial for a seamless experience.
e) Training and Support: Proper training and ongoing support are vital for users to maximize the benefits of IoT technologies.
Comprehensive training programs should be provided to faculty, staff, and students to ensure efficient utilization of IoT systems.
 Conclusion IoT technologies have the potential to transform education institutes and universities by improving student services, enhancing
operational efficiency, and personalizing the learning experience. While challenges related to cost, usability, security, and implementation
exist, careful planning, collaboration, and robust frameworks can overcome these obstacles. By embracing IoT technologies, educational
institutions can create a digitally connected environment that empowers students and fosters innovation.

85. Question 3
a. List four fundamental components of Android applications by explaining their purpose.
 Activities: Activities represent the user interface (UI) and the main building blocks of an Android application. They provide a window
where the user can interact with the app. Each screen in an Android app is typically implemented as an activity. Activities handle user
input, process data, and initiate other components.
 Services: Services are background components that perform long-running operations without a user interface. They are used for tasks such
as playing music in the background, downloading files, or performing network operations. Services can run even when the user switches
to another app or when the app is not in the foreground.
 Broadcast Receivers: Broadcast Receivers are components that respond to system-wide events or broadcast messages. They allow the
application to receive and respond to events such as incoming calls, low battery warnings, or network connectivity changes. Broadcast
receivers enable communication between different components of the system or between apps.
 Content Providers: Content Providers manage access to a structured set of data. They allow different apps to share and access data stored
in a centralized manner. Content providers are commonly used for managing data such as contacts, calendar events, or media files. They
provide a consistent interface for interacting with data, regardless of how the data is stored or accessed.
b. Assume you have an application that is already running an Activity called Activity 1, Activity 1 starts another Activity called Activity
2. Name on Activity lifecycle method that will be called on Activity 1 after this point, but before Activity2 starts.
The activity lifecycle method that will be called on Activity 1 after it starts Activity 2 is onPause(). The onPause() method is called when the
activity is no longer in the foreground and partially or fully obscured by another activity. This method is typically used to save any unsaved data
or state changes before the activity loses focus and allows the new activity (Activity 2) to take over the screen.
c. What is the purpose of the Intent Filter class? Name/describe two pieces of information that can be specified in an Intent Filter.
The Intent Filter class is used to declare which types of intents an activity, service, or broadcast receiver can respond to. It allows components to
specify their abilities to handle specific actions, data types, or categories of intents.

86. Two pieces of information that can be specified in an Intent Filter are:
1. Action: An action is a string that defines the general operation to be performed. It represents the action that the component can handle.
Examples of actions include "android.intent.action.VIEW" for viewing content or "android.intent.action.SEND" for sending data.
2. Data: Data specifies the type of data that the component can operate on. It can include specific data types such as a URL, MIME type, or
file extension. For example, an activity might specify that it can handle "text/plain" data type or a URL starting with "http://".
d. Suppose you have an application that is running an Activity called Activity 1. Suppose that Activity 1 executes and starts other
Activities, but that the user never quits or backs out of the Activity. How many times can Activity 1's onCreate() method get called?
Explain your answer.
If the user never quits or backs out of Activity 1, the onCreate() method of Activity 1 can be called multiple times, but it depends on the system's
memory management and the user's interactions with the app. The onCreate() method is called when the activity is created or recreated. If the
system needs to reclaim memory, it may destroy the activity but keep its state. When the user navigates back to the activity, the onCreate() method
will be called again to recreate the activity and restore its previous state. So, the number of times onCreate() gets called in this scenario is not fixed
and can vary depending on the system's needs.
e. Name two kinds of menus supported by the Android Platform.
Two kinds of menus supported by the Android Platform are:
1. Options Menu: The options menu is a standard menu that appears at the top of the activity's screen when the user presses the menu button
or the overflow button on the device. It provides actions and settings relevant to the current activity or context.
2. Context Menu: The context menu is a floating menu that appears when the user performs a long press on a UI element, such as a button or
a list item. It contains actions specific to the selected element and allows the user to perform contextually relevant operations.
Question 4

87. Write an essay to compare cross-platform mobile application and native app development technologies based on the following criteria.
 License and Costs
 Supported Platforms
 Access to platform-specific features
 Long-term feasibility
 Look and feel.
 Application Speed
 Distribution
 Development environment
 GUI Design
 Ease of development
Title: A Comparison of Cross-Platform Mobile App and Native App Development Technologies
Introduction: Mobile app development has become crucial for businesses to reach their target audience effectively. When considering app
development, one must choose between cross-platform and native app development technologies. This essay aims to compare these two approaches
based on several criteria to help developers make informed decisions.
 License and Costs: Cross-Platform: Many cross-platform frameworks are open-source and available for free, such as React Native and
Flutter. These frameworks significantly reduce development costs, as developers can write code once and deploy it across multiple
platforms.
Native: Native app development requires platform-specific tools and resources, which may incur additional costs. Developers may need to purchase
software development kits (SDKs) and licenses for each platform separately.
 Supported Platforms: Cross-Platform: Cross-platform frameworks allow developers to build apps for multiple platforms, including iOS
and Android, using a single codebase. This significantly expands the potential user base and eliminates the need for separate development
efforts.

88. Native: Native app development focuses on building applications specifically for a single platform, such as iOS or Android. This approach provides
more control over platform-specific features but requires separate development for each platform.
 Access to Platform-Specific Features: Cross-Platform: While cross-platform frameworks have improved in recent years, they may have
limitations in accessing certain platform-specific features. Although efforts are being made to bridge this gap, native development still
provides better access to advanced platform features.
Native: Native development provides full access to platform-specific features and APIs. Developers can leverage the unique capabilities of each
platform, resulting in highly optimized and feature-rich applications.
 Long-Term Feasibility: Cross-Platform: Cross-platform frameworks are continuously evolving and gaining popularity. Their active
communities and growing support ensure long-term feasibility. However, changes in platform requirements or updates may require
adjustments to the codebase.
Native: Native app development is supported directly by platform vendors and benefits from their ongoing updates and enhancements. This ensures
long-term feasibility and compatibility with platform advancements.
 Look and Feel: Cross-Platform: With cross-platform frameworks, achieving a consistent look and feel across multiple platforms is easier.
UI components and widgets are designed to mimic native elements, ensuring a familiar user experience.
Native: Native apps offer a seamless user experience, as they adhere to platform-specific design guidelines. The UI elements are optimized for
each platform, resulting in a native look and feel.
 Application Speed: Cross-Platform: Cross-platform apps rely on intermediate layers or frameworks, which may introduce a slight
performance overhead. However, advancements in frameworks like React Native and Flutter have narrowed the performance gap.
Native: Native apps are built specifically for their respective platforms, allowing for optimal performance. They leverage the platform's capabilities
directly, resulting in faster execution and smoother user interactions.
 Distribution: Cross-Platform: Cross-platform apps can be distributed through app stores or web-based deployment. However, certain
platform-specific features may not be fully compatible in web-based deployments.

89. Native: Native apps can be distributed through platform-specific app stores, providing a streamlined and secure distribution process. Users can
easily discover and download apps from their respective app stores.
 Development Environment: Cross-Platform: Cross-platform frameworks often provide integrated development environments (IDEs) that
simplify development across multiple platforms. Developers can write code in familiar programming languages, such as JavaScript or Dart.
Native: Native development requires platform-specific IDEs, such as Xcode for iOS or Android Studio for Android. Developers need to learn
platform-specific languages, such as Swift or Kotlin, to build native apps.
 GUI Design: Cross-Platform: Cross-platform frameworks offer UI components and libraries that facilitate consistent design across
platforms. However, customizing the UI to match each platform's specific design guidelines may require additional effort.
Native: Native development allows for complete customization of the UI to match platform-specific design guidelines precisely. Developers can
create unique and platform-optimized user interfaces.
i. Ease of Development: Cross-Platform: Cross-platform frameworks provide code reusability, enabling developers to write once and deploy
on multiple platforms. This reduces development time and effort, particularly for simpler applications.
Native: Native development offers more control and flexibility, but it requires separate development efforts for each platform. It may be more
time-consuming and complex, especially for complex applications.
Conclusion: Both cross-platform and native app development technologies have their strengths and considerations. Cross-platform development
offers cost-effectiveness, wider platform support, and quicker development cycles. On the other hand, native development provides full access to
platform-specific features, optimal performance, and platform-specific user experiences. The choice between these approaches depends on factors
such as project requirements, target audience, and long-term objectives. Developers should carefully evaluate these criteria to determine the most
suitable approach for their specific needs.
Question 5
a. Explain the value of the following statements related to mobile device security?

90. I. "Complex/multi-character passwords required."
The value of requiring complex and multi-character passwords is to enhance the security of mobile devices. Complex passwords with a
combination of letters, numbers, and special characters make it harder for unauthorized users to guess or brute-force the password. By enforcing
such password requirements, the likelihood of successful unauthorized access to the device is reduced, protecting sensitive data and preventing
unauthorized use of the device.
II. "Provisioning of mobile devices should be secure."
The value of secure provisioning of mobile devices lies in ensuring that devices are set up and configured in a secure manner. This includes
measures such as encrypting the device's storage, enforcing secure boot processes, and verifying the integrity of the device's operating system
and firmware. Secure provisioning helps prevent tampering, unauthorized modifications, and the installation of malicious software or firmware
on the device.
III. "Security policies should be targeted to right groups/employees."
Tailoring security policies to specific groups or employees is valuable because it allows organizations to apply appropriate security measures
based on individual roles, responsibilities, and access requirements. Not all employees require the same level of access or have the same
security needs. By targeting security policies to the right groups or employees, organizations can optimize security measures while minimizing
unnecessary restrictions or complexity for employees who do not require them.
IV. "Restriction of some/all mobile applications."
Restricting certain or all mobile applications can add value to mobile device security. By restricting applications, organizations can prevent
the installation and use of potentially insecure or malicious apps that could compromise device security, leak sensitive data, or introduce
vulnerabilities. Application restrictions can also help enforce compliance with organizational policies, ensuring that only approved and trusted
applications are used on the devices.
b. Write a brief design document explaining the mobile application you selected to implement. Use the given guideline to write your
report.

91.  Business Need
 Usability aspects
 Use of technology
 Security
Business Need: The mobile application aims to address the increasing demand for a convenient and efficient food delivery service. It will
provide users with the ability to browse through a variety of restaurants, select their desired meals, place orders, and have the food delivered
to their preferred location. The application will target busy professionals and individuals looking for convenient dining options.
Usability Aspects: The application will have a user-friendly interface with intuitive navigation, allowing users to easily browse menus,
customize orders, and track the delivery status. It will provide filters and search functionality to help users find specific cuisines, dietary
options, or restaurants based on their preferences. The application will also offer secure payment options, order history tracking, and
personalized recommendations to enhance the overall user experience.
Use of Technology: The application will be developed as a native mobile app for both iOS and Android platforms, utilizing platform-specific
programming languages such as Swift for iOS and Kotlin for Android. It will leverage APIs from payment gateways, map services, and
restaurant databases to provide real-time information on menus, pricing, availability, and delivery tracking. The app will implement responsive
design principles to ensure compatibility with different screen sizes and orientations.
Security: To ensure the security of user data and transactions, the application will implement industry-standard encryption protocols for data
transmission and storage. User authentication will be enforced using secure mechanisms such as password hashing, multi-factor authentication,
or biometric authentication (fingerprint or face recognition). The application will also implement strict access controls, role-based permissions,
and regular security updates to protect against potential vulnerabilities and threats.
Overall, the mobile application will prioritize usability, seamless integration with existing services, and robust security measures to provide a
reliable and secure food delivery experience for users.

92. Past Papers – 2015
Question 1
PremiumShop shopping center expects to launch a new service from its loyal customers, partnering with a local taxi company in the city.
Also, they have already introduced a Loyalty Point Scheme with a card where it accumulates points based on the value of purchases as
well as regularity of visits to the shopping center. Customers get used to redeem these points under various circumstances. The new offer
scheme provides the customers to use taxis from home to the shopping center and back home twice a month free of charge with additional
10km for attending any other matter on the go when the points exceed a threshold. A customer has to be notified about the offer when he
is qualified for over the SMS, Interactive Voice or through a mobile App of the Super Market. Also, the customer shall be able to provide
the promotional code he/she receives to the taxi driver. The received promotional code will be input to the mobile App on the taxi driver
and the Hiring Car Company directly be debited the value of the hire from the supermarket as well as up to 10km additionally.
a. Describe the architecture of the business solution with the components and functions in relation to the component-based architecture
illustratively.
The architecture of the business solution can be described using a component-based architecture approach. Here are the components and their
functions:
1. PremiumShop Shopping Center: This is the main business entity responsible for managing the loyalty program and offering the taxi service.
It interacts with customers and employees to provide the service. Its functions include:
o Loyalty Point Scheme: Tracks and accumulates points based on purchases and visits.
o Notification Service: Sends notifications to customers when they qualify for the taxi service offer.
o Promotion Code Generation: Generates unique promotional codes for eligible customers.
o Integration with Taxi Company: Coordinates with the local taxi company to provide the free taxi service.
o Integration with Hiring Car Company: Facilitates the payment process by debiting the value of the hire from the supermarket.

93. 2. Local Taxi Company: Partnered with PremiumShop, this entity provides the taxi service to customers. Its functions include:
o Taxi Service: Provides transportation to and from the shopping center.
o Promotional Code Validation: Validates the promotional code provided by the customer to avail the free service.
3. Customers: They are the end-users of the service. Their functions include:
o Loyalty Point Accumulation: Regularly visits the shopping center and makes purchases to accumulate points.
o Receiving Notifications: Receives notifications about the taxi service offer and promotional codes.
o Providing Promotional Code: Provides the received promotional code to the taxi driver.
4. Employees: The shopping center's staff interacts with customers and the system to facilitate the service. Their functions include:
o Assisting Customers: Helps customers understand and utilize the loyalty program and taxi service.
o Point Verification: Verifies the customer's eligibility for the taxi service offer.
b. Categorize and describe the interacting application interfaces between business entities, customers, and employees.
The interacting application interfaces between the business entities, customers, and employees can be categorized as follows:
1. Business Entity Interfaces:
o Integration Interface: This interface connects the PremiumShop Shopping Center with the local Taxi Company and Hiring Car
Company to facilitate the service and payment process.
o Promotional Code Validation Interface: This interface allows the Taxi Company to validate the promotional code received from
the customer.
2. Customer Interfaces:
o Loyalty Point Tracking Interface: Customers can track their loyalty points through the mobile app or website.
o Notification Interface: Customers receive notifications about the taxi service offer through SMS, Interactive Voice Response
(IVR), or the mobile app.
3. Employee Interfaces:
o Point Verification Interface: Employees verify the customer's eligibility for the taxi service offer through the system.
o Assistance Interface: Employees assist customers in understanding and utilizing the loyalty program and taxi service.

94. c. Provide high level logic for the system operation in validating the business rules.
High-level logic for validating the business rules in the system operation:
1. Customer Eligibility Check:
o Check if the customer's accumulated loyalty points exceed the threshold for the taxi service offer.
o Verify if the customer has not already utilized the free taxi service twice in the current month.
2. Notification and Promotional Code Generation:
o Send a notification to eligible customers through their preferred communication channel (SMS, IVR, or mobile app).
o Generate a unique promotional code for each eligible customer.
3. Promotional Code Validation:
o When the customer requests a taxi, provide the promotional code to the taxi driver.
o The taxi driver enters the code into the mobile app, which validates it against the database of valid codes.
o If the code is valid, the taxi driver provides the service without charging the customer, and the Hiring Car Company debits the value
of the hire from the supermarket.
d. Suggest Service Level requirements of B2B and B2C interfaces assuming you are the IT Manager of the PremiumShop shopping center.
Service Level requirements of B2B and B2C interfaces (assuming you are the IT Manager of PremiumShop):
B2B Interface:
 Reliability: The integration with the local Taxi Company and Hiring Car Company should have high reliability to ensure smooth service
delivery.
 Scalability: The interface should handle a large volume of transactions between the shopping center and the external service providers.
 Security: Data exchanged between the shopping center and the service providers should be secured to prevent unauthorized access or
tampering.
 Real-time Communication: The interface should support real-time communication to provide instant updates on promotional codes and
transaction details.

95. B2C Interface:
 Accessibility: The customer interfaces (mobile app, website, SMS, IVR) should be easily accessible and user-friendly.
 Responsiveness: The interfaces should respond quickly to customer actions and provide real-time information on loyalty points,
notifications, and promotional codes.
 Security: Customer data should be protected and secured to maintain privacy and prevent unauthorized access.
 Multi-channel Support: The interfaces should be available on multiple platforms (mobile, web, SMS, IVR) to cater to customers'
preferences.
Question 2
A. Define Ubiquitous computing and describe the concept in relation to a B2C application.
Ubiquitous computing, also known as pervasive computing or ambient intelligence, refers to the concept of integrating computing capabilities into
everyday objects and environments, making them seamlessly accessible and interconnected. The idea is to create a computing environment where
technology is omnipresent, but invisible, allowing users to interact with it effortlessly and naturally.
In relation to a B2C (Business-to-Consumer) application, ubiquitous computing can enhance the user experience by providing personalized and
context-aware services. For example, consider a smart home application. With ubiquitous computing, the home can be equipped with various
sensors, smart devices, and intelligent systems that work together to provide a seamless experience for the residents. The application can use
sensors to detect when someone enters a room, adjust the lighting and temperature according to their preferences, and automatically play their
favorite music or TV shows. This creates a personalized and convenient environment for the consumer, enhancing their overall living experience.
B. Briefly describe three (03) key advantages of mobile computing with appropriate use cases.
Three key advantages of mobile computing are:

96. 1. Mobility: Mobile computing allows users to access information and perform tasks while on the move. For example, a salesperson can
access customer information, update sales records, and place orders from anywhere using a mobile CRM application. This increases
productivity and enables real-time interactions with customers.
2. Flexibility: Mobile devices offer flexibility in terms of device choice and operating systems. Users can choose from a wide range of
smartphones and tablets based on their preferences and needs. This flexibility allows businesses to develop applications that cater to
different platforms, ensuring wider accessibility for their customers. For instance, an e-commerce app can be designed to work on both
iOS and Android devices, reaching a larger customer base.
3. Connectivity: Mobile computing enables constant connectivity to the internet, allowing users to access cloud-based services, collaborate
with others, and stay connected with their work and personal networks. For instance, a team of remote workers can collaborate on a project
using cloud-based document sharing and communication tools, regardless of their physical locations. This enhances productivity and fosters
collaboration among team members.
C. Provide three wireless technologies with its associated wireless computing applications.
Three wireless technologies and their associated wireless computing applications are:
1. Bluetooth: Bluetooth is a short-range wireless technology used for communication between devices. It is commonly used for wireless audio
streaming, such as connecting wireless headphones or speakers to smartphones or computers. Bluetooth is also used for file transfer between
devices and for connecting peripherals like keyboards and mice to computers or tablets.
2. Wi-Fi: Wi-Fi is a wireless networking technology that allows devices to connect to the internet and communicate with each other within a
local area network (LAN). Wi-Fi is widely used for wireless internet access in homes, offices, cafes, and public places. It enables users to
connect their devices, such as laptops, smartphones, and tablets, to the internet without the need for wired connections.
3. Near Field Communication (NFC): NFC is a short-range wireless communication technology that enables contactless data transfer between
devices. NFC is commonly used for mobile payments, where users can make secure transactions by simply tapping their smartphones or
payment cards on NFC-enabled payment terminals. It is also used for sharing small amounts of data, such as contact information or files,
between devices by bringing them close together.

97. D. Illustrate the topology of a web based mobile computing solution that connects users through Wi-Fi access to its backend platforms.
You have to clearly explain the functions of each network and service element in the solution.
The topology of a web-based mobile computing solution that connects users through Wi-Fi access to its backend platforms can be illustrated as
follows:
+------------+
| User's |
| Mobile |
| Device |
+------------+
|
| Wi-Fi
|
+------------+
| Wi-Fi |
| Access |
| Point |
+------------+
|

98. | Ethernet / Internet
|
+------------+
| Backend |
| Platforms |
+------------+
In this topology, the user's mobile device connects to a Wi-Fi access point through Wi-Fi technology. The Wi-Fi access point is connected
to the backend platforms, which typically reside in a data center or cloud environment, through an Ethernet connection or the internet.
The functions of each network and service element are as follows:
1. User's Mobile Device: The mobile device serves as the user's interface and communication tool. It connects to the Wi-Fi access
point to establish a wireless connection and access the internet.
2. Wi-Fi Access Point: The Wi-Fi access point acts as a bridge between the user's mobile device and the backend platforms. It provides
wireless connectivity by transmitting and receiving Wi-Fi signals, allowing the mobile device to access the internet.
3. Ethernet / Internet: This represents the network infrastructure that connects the Wi-Fi access point to the backend platforms. It can
be an Ethernet connection within a local network or an internet connection, enabling communication between the Wi-Fi access
point and the backend platforms.
4. Backend Platforms: The backend platforms refer to the servers, databases, and other infrastructure components that host the web-
based applications or services. These platforms handle user requests, process data, and provide the necessary functionalities. They
are responsible for serving content, storing and retrieving data, and executing business logic.
Overall, this topology enables users to connect their mobile devices to the internet and access the backend platforms through Wi-Fi
connectivity. The Wi-Fi access point acts as a gateway, facilitating wireless communication and enabling seamless interaction between the
user's device and the backend platforms.

99. Question 3
a. Briefly discuss the importance of a framework in solution design.
The importance of a framework in solution design lies in providing a structured and systematic approach to developing complex systems or
applications. A framework offers a set of guidelines, best practices, and reusable components that help streamline the design and development
process, improve efficiency, and ensure consistency in the final solution. Some key reasons why a framework is essential in solution design include:
1. Standardization: A framework establishes standardized patterns and methodologies for designing and implementing solutions. This
promotes consistency, reduces errors, and enhances maintainability.
2. Efficiency: By providing pre-built components and design patterns, a framework accelerates the development process, reduces redundancy,
and improves overall efficiency. Developers can focus on implementing business-specific logic rather than reinventing the wheel.
3. Scalability: A framework often incorporates scalability considerations, allowing the solution to handle increased workloads and adapt to
evolving requirements. It provides a foundation that supports growth and expansion without significant rework.
4. Maintainability: Frameworks typically follow modular and modularized design principles, making the solution easier to maintain and
update. Changes or enhancements can be made in a more controlled and systematic manner, minimizing the risk of introducing unintended
side effects.
5. Collaboration: Frameworks often have a community of developers and resources that foster collaboration and knowledge sharing.
Developers can leverage existing expertise and contribute back to the framework's ecosystem, resulting in improved solutions and
innovation.
b. Define and describe the mobile computing integration framework. You have to clarify the vertical and horizontal integration with
sensible examples.
 Mobile Computing Integration Framework: A mobile computing integration framework is a set of guidelines and tools that facilitate the
seamless integration of mobile devices and applications into existing systems and infrastructure. It enables efficient communication, data
exchange, and collaboration between mobile devices and back-end systems.
 Vertical Integration: Vertical integration in the context of mobile computing refers to the integration of mobile devices and applications
with backend enterprise systems. For example, a mobile sales application that integrates with the organization's customer relationship
management (CRM) system to provide real-time access to customer data, order status, and inventory information.

100.  Horizontal Integration: Horizontal integration in mobile computing involves integrating mobile devices and applications with other external
systems, services, or platforms. For example, a mobile payment application that integrates with various payment gateways, banks, and
financial systems to securely process transactions.
 The mobile computing integration framework provides guidelines and components for establishing these integrations, such as APIs,
middleware, authentication mechanisms, data synchronization, and security protocols. It ensures smooth interoperability, data consistency,
and seamless user experiences across different systems and platforms.
c. Discuss the contemporary impact and importance of information security in mobile computing applications.
Contemporary Impact and Importance of Information Security in Mobile Computing Applications: Information security is of paramount
importance in mobile computing applications due to the following contemporary impacts:
1. Data Privacy: Mobile devices store and transmit sensitive personal and corporate data. Information security measures, such as encryption,
access controls, and secure data storage, are crucial to protect user privacy and prevent unauthorized access or data breaches.
2. Mobile Payments: With the rise of mobile payment applications, ensuring the security of financial transactions is critical. Robust
authentication, encryption, and secure communication protocols are essential to safeguard sensitive payment information and prevent fraud.
3. BYOD (Bring Your Own Device): Many organizations allow employees to use personal devices for work purposes. Effective information
security measures, such as containerization, remote wipe capabilities, and secure network access, are necessary to protect corporate data
and prevent unauthorized access.
4. Mobile Malware and Cyberattacks: Mobile devices are susceptible to malware and various cyberattacks, including phishing, ransomware,
and data interception. Strong security measures, such as regular updates, app vetting, and mobile device management (MDM) solutions,
are essential to mitigate these risks.
5. Cloud Integration: Mobile applications often rely on cloud services for data storage and processing. Ensuring secure integration between
mobile devices and cloud services, including data encryption, secure APIs, and user authentication, is crucial to maintain the confidentiality
and integrity of data.
d. Discuss the key factors to be considered in designing the information security of a commercial mobile computing solution.

101. Key Factors in Designing Information Security of a Commercial Mobile Computing Solution:
1. Authentication and Access Control: Implement robust authentication mechanisms, such as passwords, biometrics, or multi-factor
authentication, to ensure only authorized users can access the mobile solution.
2. Secure Communication: Employ strong encryption protocols (e.g., SSL/TLS) to secure data transmission between the mobile device and
backend systems. Use secure network protocols (e.g., VPN) when accessing sensitive resources.
3. Data Encryption: Encrypt sensitive data stored on mobile devices and during transmission. Implement secure key management practices
to protect encryption keys.
4. Secure Storage: Apply secure storage mechanisms, such as encryption and secure containers, to protect sensitive data stored on mobile
devices from unauthorized access or data leakage.
5. App Vetting: Establish a process to vet and approve mobile applications before they are deployed to ensure they do not contain malicious
code or pose security risks.
6. Mobile Device Management (MDM): Implement an MDM solution to enforce security policies, remotely manage and control mobile
devices, and enable features like remote wipe and device tracking.
7. Regular Updates and Patch Management: Promptly apply security patches and updates to mobile devices, operating systems, and
applications to address vulnerabilities and ensure protection against known threats.
8. User Education and Awareness: Train users on security best practices, such as avoiding suspicious links, using strong passwords, and
understanding the risks associated with mobile computing. Foster a culture of security awareness within the organization.
e. Explain the "integration value" variation in from business to connectivity technologies.
Integration Value Variation from Business to Connectivity Technologies: Integration value refers to the benefits and advantages derived from
integrating different systems, technologies, or platforms. The integration value can vary depending on the specific business requirements and the
connectivity technologies involved. Here are some factors that influence integration value:
1. Business Efficiency: Integration can streamline business processes, eliminate manual data entry, and enable seamless data flow between
systems, leading to improved efficiency and productivity.
2. Data Accuracy and Consistency: Integration ensures that data is synchronized and consistent across different systems, reducing errors and
providing a single source of truth for decision-making.

102. 3. Enhanced Customer Experience: Integration allows for a unified customer experience by providing real-time data access, personalized
interactions, and streamlined transactions across multiple touchpoints.
4. Scalability and Flexibility: Integration enables systems to scale and adapt to changing business needs by allowing the addition or removal
of components without disrupting the overall workflow.
5. Cost Savings: Integration can reduce duplicate efforts, eliminate manual data entry, and optimize resource utilization, resulting in cost
savings and improved resource allocation.
The integration value can vary based on the connectivity technologies employed, such as API integration, ETL (Extract, Transform, Load)
processes, middleware platforms, or service-oriented architectures (SOA). The choice of technology should align with business goals, system
requirements, scalability needs, and the level of complexity involved in integrating disparate systems.
Question 4
a. Illustratively explain the Wireless Value Chain from equipment provider to subscriber.
The Wireless Value Chain from equipment provider to subscriber can be illustrated as follows:
1. Equipment Provider: The equipment provider manufactures and supplies the necessary hardware and infrastructure components for wireless
communication. This includes devices like smartphones, routers, antennas, base stations, and network equipment.
2. Component Suppliers: These are the suppliers that provide individual components and parts required for manufacturing wireless devices
and infrastructure. They may supply semiconductors, processors, memory chips, batteries, displays, and other electronic components.
3. Original Equipment Manufacturer (OEM): The OEMs assemble and integrate the components provided by the equipment and component
suppliers to create the final wireless devices. They may customize the devices for specific brands or carriers.
4. Network Operators: Network operators, also known as wireless carriers or service providers, operate the wireless networks and provide
wireless services to subscribers. They invest in building and maintaining the network infrastructure required for wireless communication.
5. MVNOs (Mobile Virtual Network Operators): MVNOs are companies that provide wireless services to subscribers without owning the
physical network infrastructure. They lease network capacity from network operators and offer their services under their own brand.
6. Retailers and Distributors: These entities sell wireless devices and services to end-users. They can be online or physical retail stores, e-
commerce platforms, or authorized dealers of network operators or OEMs.

103. 7. Subscribers: Subscribers are the end-users who purchase wireless devices and services. They use the devices to access wireless networks
for communication, internet access, and other wireless services.
b. In relation to the mobile computing framework, analyze the contribution of enablers and drivers.
Contribution of Enablers and Drivers in the Mobile Computing Framework:
Enablers: Enablers in the mobile computing framework are the technologies, standards, and infrastructure that facilitate the development and
deployment of mobile applications and services. Some key enablers include:
1. Mobile Operating Systems: Mobile operating systems like Android and iOS provide a platform for developers to create mobile applications
and enable interoperability across devices.
2. Development Tools and SDKs: Software development kits (SDKs), frameworks, and development tools provide the necessary resources
and libraries for building mobile applications.
3. Mobile Networks and Infrastructure: Wireless networks, such as 3G, 4G LTE, and 5G, along with network infrastructure like base stations
and towers, enable mobile connectivity and data transfer.
4. Cloud Services: Cloud computing platforms and services provide storage, computing power, and backend infrastructure for mobile
applications, allowing seamless data synchronization and scalability.
Drivers: Drivers in the mobile computing framework are the factors that influence the adoption and usage of mobile applications and services.
Some key drivers include:
1. User Demand and Expectations: User demand for mobile applications and services drives the development and innovation in the mobile
computing industry. Users expect convenience, mobility, and personalized experiences from their mobile devices.
2. Internet of Things (IoT): The integration of mobile computing with IoT devices and sensors expands the possibilities and applications of
mobile technology, driving advancements in areas like smart homes, healthcare, and industrial automation.
3. E-commerce and Mobile Payments: The growth of e-commerce and mobile payments drives the need for secure and convenient mobile
solutions that enable transactions, shopping, and financial management on mobile devices.
4. Bring Your Own Device (BYOD) Trend: The BYOD trend in workplaces, where employees use personal devices for work, increases the
demand for mobile applications and services that support productivity, collaboration, and remote work.

104. c. Map the key technology scope of Telecom, Network, and Management and Consulting businesses with respect to the ISO/OSI layers
with proper justifications.
Mapping Key Technology Scope of Telecom, Network, and Management and Consulting Businesses with respect to ISO/OSI Layers:
1. Telecom Business:
 Physical Layer: Telecom businesses are responsible for the physical infrastructure, such as cables, towers, and antennas, which enable the
transmission of signals over long distances.
 Data Link Layer: Telecom businesses implement protocols like Ethernet, DSL, or SONET to establish reliable connections and ensure
error-free data transfer over the physical network.
2. Network Business:
 Network Layer: Network businesses manage the routing of data packets across different networks using protocols such as IP (Internet
Protocol) and implement routing algorithms to optimize data flow.
 Transport Layer: Network businesses provide transport services, including protocols like TCP (Transmission Control Protocol) and UDP
(User Datagram Protocol), to ensure reliable and efficient data delivery between network entities.
3. Management and Consulting Business:
 Session Layer: Management and consulting businesses may provide session management services, which involve establishing,
maintaining, and terminating communication sessions between different entities.
 Presentation Layer: Management and consulting businesses may handle data formatting, encryption, and compression for efficient and
secure data exchange between different systems or networks.
 Application Layer: Management and consulting businesses develop and manage application-level services and protocols, such as email
services, web applications, or database services, which interact with end-users or other systems.
These mappings are just examples, as the scope of businesses can overlap across multiple layers of the ISO/OSI model based on their specific
offerings and services.

105. Question 5
Part 1
a. Describes the concept of Human-Computer Interaction.
Human-Computer Interaction (HCI) refers to the study and design of how humans interact with computers and other digital systems. It focuses on
creating intuitive, efficient, and user-friendly interfaces that enable effective communication and collaboration between humans and machines.
HCI encompasses various aspects such as user interface design, usability testing, interaction techniques, and user experience research. The goal of
HCI is to optimize the interaction between humans and computers, ensuring that technology is accessible, understandable, and supportive of users'
needs and goals.
b. Explain how the design of a mobile computing system can promote or demote social relationships with suitable examples.
The design of a mobile computing system can have both positive and negative effects on social relationships. Here are two examples:
1. Promoting Social Relationships: Mobile computing systems can facilitate social interactions and connections. For instance, social media
applications like Facebook and Instagram allow users to stay connected with friends and family, share updates, and engage in conversations
regardless of physical distance. These platforms provide a means for people to maintain and strengthen their social relationships, bridging
gaps caused by geographical barriers.
2. Demoting Social Relationships: On the other hand, excessive use of mobile devices can lead to decreased face-to-face interactions and
social isolation. For example, if individuals spend excessive amounts of time engrossed in their smartphones or tablets, they may neglect
in-person interactions with those around them. This can result in decreased social engagement and potentially strain personal relationships.
c. Name and describe three (03) key social factors that affect m-application design.
Three key social factors that affect m-application design are:
1. Contextual Awareness: M-applications need to consider the social and physical context in which they are used. For example, an event
planning application should consider factors like location, time, and user preferences to provide relevant and timely information to users
attending an event. By being aware of the social context, m-applications can offer personalized and contextually appropriate experiences.

106. 2. Privacy and Security: Social factors such as privacy concerns and the need for secure communication influence m-application design. Users
want to ensure that their personal information is protected and that they have control over how their data is shared. M-applications should
implement robust privacy measures, provide clear consent mechanisms, and prioritize the security of user data to build trust and encourage
adoption.
3. Social Norms and Etiquette: M-applications should align with societal norms and cultural expectations. Different cultures have varying
expectations regarding communication styles, personal space, and appropriate behavior. For example, messaging applications might need
to provide options for users to customize their notification preferences or allow users to control their availability status to respect cultural
norms regarding communication boundaries.
Part II
d. Discuss why the power management is a critical factor in mobile computing?
Power management is a critical factor in mobile computing due to the limited battery life of mobile devices and the need for efficient power usage.
The key reasons why power management is crucial are:
1. Battery Life: Mobile devices are powered by batteries, which have limited capacity. Efficient power management is necessary to extend
the battery life and ensure that users can use their devices for an extended period without frequent recharging. Optimizing power
consumption helps in providing a satisfactory user experience and prevents interruptions caused by sudden battery depletion.
2. Portability: Mobile devices are designed to be portable and used on the go. Power management becomes essential to enable mobility by
ensuring that devices are lightweight and have long-lasting battery life. Efficient power management allows users to carry their devices
without being overly reliant on external power sources.
3. Performance and Functionality: Power management directly impacts the performance and functionality of mobile devices. Efficient power
usage allows devices to allocate power resources optimally, enabling faster processing, smooth multitasking, and running resource-
intensive applications. It ensures that devices can handle demanding tasks while minimizing power consumption.
e. What are the options to reduce the power consumption of a mobile device?

107. There are several options to reduce power consumption in mobile devices:
1. Display Optimization: The display is one of the most power-consuming components in mobile devices. Reducing the screen brightness,
enabling auto-brightness adjustment, and setting shorter screen timeout periods can significantly reduce power consumption.
2. Background Processes and Connectivity: Limiting unnecessary background processes and disabling power-hungry connectivity features
like GPS, Wi-Fi, and Bluetooth when not in use can save significant power. Additionally, using Wi-Fi instead of cellular data for internet
connectivity can be more power-efficient.
3. Power Management Settings: Mobile devices often provide power management settings that allow users to customize power usage. These
settings include options like power-saving mode, which reduces device performance and restricts background processes to conserve power.
Optimizing these settings based on individual usage patterns can help in reducing power consumption.
4. App Optimization: Developers can optimize their applications to consume less power. This includes efficient coding practices, minimizing
unnecessary network requests, and optimizing resource usage. Users can also look for applications that have a reputation for being power-
efficient or offer power-saving modes.
5. Battery Health Maintenance: Taking care of the device's battery health, such as avoiding extreme temperature conditions and avoiding
complete battery discharge, can help maintain the battery's efficiency and prolong its lifespan.
By implementing these strategies, users can reduce power consumption in mobile devices, thereby extending battery life and enhancing the overall
mobile computing experience.
Question 6
Illustratively explain the typical mobile portal architecture. You have to describe components, functions and interfaces. Briefly explain
(OS) applications of mobile portal.
Illustration of a Typical Mobile Portal Architecture:
A mobile portal architecture consists of various components that work together to provide users with access to information, services, and
applications through their mobile devices. The architecture typically includes the following components:

108. 1. User Interface: The user interface is the front-end component of the mobile portal that users interact with. It includes visual elements such
as screens, menus, buttons, and navigation controls. The user interface provides an intuitive and user-friendly experience for accessing and
interacting with the portal's features and functionalities.
2. Presentation Layer: The presentation layer handles the formatting and rendering of content for display on the user interface. It is responsible
for adapting the content to fit different screen sizes and resolutions, optimizing the user experience across various mobile devices. It may
also include features like personalization and customization options to tailor the content based on user preferences.
3. Application Layer: The application layer consists of various applications and services offered by the mobile portal. These applications
provide specific functionalities such as email, calendar, news, weather, social networking, and more. The application layer interacts with
the backend systems and databases to retrieve and process data, delivering relevant information to the users.
4. Integration Layer: The integration layer acts as a bridge between the application layer and the backend systems or external services. It
handles data integration, security, and authentication processes, ensuring seamless communication and data exchange between different
components of the mobile portal architecture.
5. Backend Systems: The backend systems comprise databases, servers, and other infrastructure components that store and manage the data
and services required by the mobile portal. They handle data processing, storage, and retrieval, ensuring the availability and reliability of
information and services. The backend systems also handle user authentication, security, and data synchronization across devices.
Interfaces within the mobile portal architecture allow components to communicate and exchange data. For example:
 The user interface interacts with the presentation layer through user input and receives rendered content for display.
 The presentation layer interfaces with the application layer to retrieve and display relevant content and services.
 The application layer interfaces with the integration layer to access data from backend systems or external services.
 The integration layer interfaces with the backend systems to retrieve and process data and handle security and authentication.
Brief explanation of OS applications of mobile portal:
Mobile portal applications are designed to provide users with access to various services and information through their mobile devices. They
leverage the capabilities of the operating system (OS) to deliver a seamless and integrated experience. OS applications of mobile portals include:
1. Push Notifications: Mobile portals can utilize the OS's push notification feature to deliver real-time updates and alerts to users. This enables
users to stay informed about important events, such as new messages, updates, or changes to their subscribed services.

109. 2. Device Integration: Mobile portals can integrate with OS features such as contacts, calendar, and location services. This allows users to
seamlessly access and interact with their personal information, schedule appointments, and leverage location-based functionalities within
the portal application.
3. Offline Access: OS applications provide the capability to cache data locally, allowing users to access certain content and functionalities
even when they are offline or in areas with limited connectivity. This ensures uninterrupted access to essential information and services.
4. Security: Mobile portals can utilize the security features provided by the OS, such as device-level encryption, secure storage, and app
permissions. This helps protect user data and ensures secure communication between the mobile portal and backend systems.
Briefly explain (04) location sensing techniques.
Brief explanation of location sensing techniques (4):
1. GPS (Global Positioning System): GPS is a satellite-based navigation system that uses a network of satellites to determine the precise
location of a mobile device. It relies on trilateration, which involves measuring the distances between the device and multiple satellites to
calculate the device's coordinates. GPS provides accurate location information, making it widely used in various applications such as
navigation, mapping, and location-based services.
2. Wi-Fi Positioning: Wi-Fi positioning uses the signal strengths of nearby Wi-Fi access points to estimate the location of a mobile device.
By comparing the signal strengths and known locations of Wi-Fi access points in a database, the device's position can be approximated.
Wi-Fi positioning is commonly used in indoor environments where GPS signals may be weak or unavailable.
3. Cell Tower Triangulation: Cell tower triangulation relies on the signal strengths of nearby cellular towers to estimate the location of a
mobile device. By measuring the signal strengths and the distances between the device and multiple cell towers, the approximate location
can be determined. This technique is less accurate than GPS but is widely used for basic location-based services.
4. Bluetooth Beacons: Bluetooth beacons are small devices that transmit signals using Bluetooth Low Energy (BLE) technology. By receiving
signals from multiple beacons and measuring signal strengths, a mobile device can determine its proximity to each beacon and estimate its
location. Bluetooth beacons are commonly used in indoor environments for location-based marketing, asset tracking, and indoor navigation.
Briefly describes the Global Positioning System and its adaptation into mobile applications.

110. Brief description of the Global Positioning System (GPS) and its adaptation into mobile applications:
The Global Positioning System (GPS) is a satellite-based navigation system that enables precise positioning and tracking of mobile devices. It
uses a network of satellites orbiting the Earth to transmit signals that can be received by GPS receivers in mobile devices. GPS works on the
principle of trilateration, where the device calculates its position based on the distances to multiple satellites.
GPS has been widely adapted into mobile applications, offering a range of location-based services and functionalities. Mobile applications utilize
GPS to provide services such as:
1. Navigation and Mapping: GPS enables turn-by-turn navigation, route planning, and real-time tracking of a user's location on a digital map.
Mobile applications like Google Maps and Waze leverage GPS to provide accurate directions, estimated arrival times, and real-time traffic
updates.
2. Location-based Services: GPS allows mobile applications to offer location-based services such as finding nearby points of interest,
restaurants, gas stations, or events. These applications can provide personalized recommendations and tailored content based on the user's
current location.
3. Fitness and Outdoor Activities: GPS is commonly used in fitness tracking applications to monitor and record activities like running, cycling,
and hiking. These applications can track distance, speed, elevation, and other metrics, providing users with insights into their workouts and
outdoor adventures.
4. Geotagging and Social Media: Mobile applications often use GPS to enable geotagging, where users can associate their location with
photos, posts, or check-ins on social media platforms. This allows users to share their location and experiences with friends and followers,
creating a social aspect to their GPS-enabled activities.
Overall, the integration of GPS into mobile applications has revolutionized the way we navigate, explore, and interact with our surroundings,
opening up a wide range of location-based services and experiences.
Question 7
Specify and briefly describe (04) anticipating issues in setting up a WLAN.
Compare and contrast the important features of WLAN with the Wired LAN in the mobile computing context.

111. Explain the concept of Data Roaming illustratively sighting examples.
Discuss the advantages in interoperability among different WLA standards under IEEE802.11 umbrella.
Explain the Frequency Hopping and Direct Sequence Hopping operation of Physical Layer of WLAN technology.
Justify the advantage of OFDM over FDM Modulation in terms of spectral efficiency.
Anticipating issues in setting up a WLAN:
1. Interference: WLAN signals can be affected by interference from other wireless devices, neighboring networks, or physical obstacles.
Anticipate potential sources of interference and plan the WLAN deployment accordingly to minimize signal degradation.
2. Coverage and Range: WLAN coverage may be limited, especially in larger or multi-floor buildings. Consider the range and coverage
requirements, and ensure proper placement of access points to provide adequate coverage throughout the desired area.
3. Security: WLANs are vulnerable to security threats, such as unauthorized access, data breaches, or rogue access points. Anticipate security
risks and implement appropriate security measures, including encryption, strong authentication, and network monitoring.
4. Scalability: WLANs should be designed to accommodate the number of devices and users expected in the network. Anticipate future
growth and plan for scalability in terms of access point capacity, network management, and bandwidth requirements.
Comparison of WLAN and Wired LAN features in the mobile computing context:
Important features of WLAN in the mobile computing context:
 Mobility: WLANs provide wireless connectivity, allowing users to access the network and internet from anywhere within the coverage
area.
 Flexibility: WLANs enable easy deployment and reconfiguration, making them suitable for dynamic environments and mobile devices.
 Convenience: Users can connect to WLANs without the need for physical connections, enabling greater mobility and flexibility.
 Cost-Effectiveness: WLANs eliminate the need for extensive cabling infrastructure, reducing installation and maintenance costs.
Important features of Wired LAN in the mobile computing context:

112.  Reliability: Wired LANs offer stable and consistent connections with high data transfer rates, ensuring reliable and consistent network
performance.
 Security: Wired LANs are generally more secure than WLANs, as physical access to the network is required.
 Bandwidth: Wired LANs typically provide higher bandwidth compared to WLANs, resulting in faster data transfer rates and lower latency.
Data Roaming:
Data roaming refers to the ability of a mobile device to connect to and use cellular data services when traveling outside the coverage area of its
home network. When a user roams into a different network's coverage area, their mobile device establishes a connection to the visited network,
allowing them to access voice, SMS, and data services. Data roaming is commonly used when traveling internationally, where the user's home
network does not have coverage.
For example, when a person travels from their home country (Network A) to another country (Network B), their mobile device automatically
switches to Network B and starts using the data services provided by Network B. The user can access the internet, use mobile apps, and perform
other data-related activities, with the charges being billed by their home network or as per the roaming agreements between the networks.
Advantages of interoperability among different WLAN standards under IEEE 802.11 umbrella:
1. Compatibility: Interoperability ensures that devices adhering to different WLAN standards can communicate with each other. This allows
users to connect to different types of networks without compatibility issues, promoting seamless connectivity.
2. Flexibility: Interoperability among WLAN standards allows for the use of different devices and equipment, providing flexibility in choosing
hardware and software solutions that best suit specific requirements.
3. Expansion and Growth: Interoperability enables the integration of new WLAN technologies and standards into existing networks. This
facilitates network expansion and supports the adoption of advanced features and capabilities as they become available.
4. Market Competition: Interoperability promotes healthy market competition by allowing multiple vendors to develop and offer WLAN
products and services. This encourages innovation, pricing competitiveness, and the availability of a wide range of options for consumers.
Explanation of Frequency Hopping and Direct Sequence Hopping operation in the Physical Layer of WLAN technology:
Frequency Hopping Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS) are two techniques used in the Physical Layer of
WLAN technology for transmitting data over a wireless medium.

113. 1. Frequency Hopping: In FHSS, the transmitted signal hops between different frequencies in a predefined sequence. The sender and receiver
synchronize their hopping patterns to ensure data is transmitted and received on the same frequency at any given time. This hopping pattern
provides resistance to interference and enables multiple devices to share the same frequency band without significant collisions.
2. Direct Sequence: In DSSS, the data signal is spread over a wider frequency bandwidth using a spreading code. The spreading code is a
unique sequence of bits that "spreads" the data signal, making it more resilient to interference and improving the signal-to-noise ratio. The
receiver uses the same spreading code to extract the original data signal from the received spread spectrum signal.
Advantage of OFDM over FDM Modulation in terms of spectral efficiency:
OFDM (Orthogonal Frequency Division Multiplexing) is a modulation technique used in WLANs and other communication systems. It offers
several advantages over FDM (Frequency Division Multiplexing) modulation in terms of spectral efficiency.
1. Efficient Spectrum Utilization: OFDM divides the available frequency spectrum into multiple orthogonal subcarriers, each carrying a
separate data stream. These subcarriers are closely spaced and overlap with each other, allowing for efficient use of the available spectrum.
2. High Data Throughput: OFDM enables parallel transmission of multiple data streams on different subcarriers, allowing for high data
throughput. Each subcarrier can carry a separate data stream, increasing the overall capacity and enabling faster data transfer rates.
3. Resistance to Frequency Selective Fading: OFDM is robust against frequency selective fading, where different frequency components of
the signal experience varying levels of attenuation or interference. Since OFDM spreads the data across multiple subcarriers, any fading or
interference affecting a specific subcarrier is unlikely to impact the entire signal significantly.
4. Support for Higher Modulation Schemes: OFDM allows for the use of higher-order modulation schemes, such as QAM (Quadrature
Amplitude Modulation), which can transmit more bits per symbol. This further increases the data rate and spectral efficiency of the system.
Overall, OFDM provides improved spectral efficiency compared to FDM by utilizing the available spectrum more efficiently, supporting high
data throughput, and offering robustness against fading and interference.
Question 8
Provide the architecture of a typical GPRS Network and briefly explain the functionality of each element.
Describe 03 advantages of Blue Tooth Technology in Pervasive Computing.

114. Describe the key issue in IP addressing with mobility and workarounds to solve the issue.
Architecture of a typical GPRS (General Packet Radio Service) Network:
1. Mobile Device: The mobile device, such as a smartphone or tablet, acts as the user's interface to the GPRS network. It communicates with
the GPRS network through the air interface using radio signals.
2. Base Station Subsystem (BSS): The BSS consists of the Base Transceiver Station (BTS) and the Base Station Controller (BSC). The BTS
handles the radio interface with the mobile device and is responsible for transmitting and receiving radio signals. The BSC manages and
controls multiple BTSs, coordinating the radio resources and handovers between cells.
3. Serving GPRS Support Node (SGSN): The SGSN is responsible for the packet switching and routing of data within the GPRS network. It
tracks the location of mobile devices, manages their mobility, and performs authentication and security functions.
4. Gateway GPRS Support Node (GGSN): The GGSN acts as a gateway between the GPRS network and external networks, such as the
internet or private networks. It performs IP address allocation, routing, and network security functions, allowing GPRS users to access
external networks.
5. Home Location Register (HLR): The HLR is a database that stores subscriber-related information, such as subscriber profiles,
authentication data, and service subscriptions. It provides the necessary information for call routing and management of subscriber services.
6. Authentication Center (AuC): The AuC stores authentication and encryption keys used for secure communication between the mobile
device and the network. It verifies the identity of the subscriber during the authentication process.
7. Operation Support System (OSS): The OSS provides management and support functions for the GPRS network, including network
monitoring, configuration management, performance analysis, and billing.
Advantages of Bluetooth Technology in Pervasive Computing:
1. Wireless Connectivity: Bluetooth enables wireless communication between devices within a short range. It eliminates the need for cables
or physical connections, allowing seamless connectivity and interaction between devices in a pervasive computing environment.
2. Low Power Consumption: Bluetooth technology is designed for low power consumption, making it ideal for battery-operated devices. It
enables efficient communication and data transfer while conserving battery life, which is crucial in pervasive computing scenarios where
devices are often mobile and rely on limited power sources.
3. Device Interoperability: Bluetooth provides a standardized communication protocol, ensuring interoperability between different devices
from various manufacturers. This allows devices to connect and communicate with each other seamlessly, regardless of the underlying
hardware or operating systems.

115. Key issue in IP addressing with mobility and workarounds to solve the issue:
The key issue with IP addressing in mobility is that traditional IP addresses are location-based, meaning they are tied to a specific network subnet
or location. When a mobile device moves to a different network or location, it needs a new IP address, resulting in potential disruption of ongoing
connections and the need for address reconfiguration.
Workarounds to solve this issue include:
1. Mobile IP: Mobile IP is a protocol that allows a mobile device to maintain a consistent IP address regardless of its location. It involves the
use of a home network and a foreign network. The home network assigns a permanent IP address to the mobile device, while the foreign
network provides a temporary care-of address. Data is tunneled between the home and foreign networks to ensure seamless connectivity
and uninterrupted communication.
2. Dynamic Host Configuration Protocol (DHCP): DHCP can be used to assign IP addresses dynamically to mobile devices when they connect
to a network. When a device moves to a new network, it can request a new IP address from the DHCP server in the new network, allowing
for smooth address assignment and continuity of network connectivity.
3. Network Address Translation (NAT): NAT can be used to hide the actual IP addresses of mobile devices behind a single public IP address.
This allows devices to maintain their private IP addresses as they move across networks, while the NAT device translates and routes the
traffic between the private IP addresses and the public IP address.
These workarounds enable mobile devices to maintain their IP connectivity and preserve ongoing connections even when moving across networks
or locations, addressing the issue of IP addressing with mobility.

116. Past Papers – 2014
Question 1
Read following case study carefully and answer below relating to the case study.
Client Profile
The client is a well-known player in mobile application management enterprise segment and offers a one stop solution for various
business/enterprise to manage mobile applications on their devices. It provides mobile application management services that help business
users, IT professionals, and developers to manage and introduce their applications to the market. Our client also offers enterprise
application storefront and management console to distribute, secure, manage, and market mobile apps for Apple iOS, Google Android,
RIM tablets, and various other smart phones.
Business Situation
Our client looked for a reliable QA and testing service provider well equipped to assist in its foray into the mobile application management
enterprise market dominated by new technology and growing end user expectations. Today's business environment is highly dependent
on mobile communication. People across all business segments are using mobile applications for business communication, business
applications, marketplaces, app management, customer management, payments, etc. Rapid expansion of organizations and growth of user
perspectives nowadays call for more exclusive and robust Mobile platforms befitting to growing requirements. The unveiling of newer
applications for mobile version websites, smartphones, m-commerce, new games, and other mobile based services forced our client to start
developing new enterprise mobile application management software product to manage such apps. It looked for a QA and Testing partner
who could help set up their QA and test process and provide one stop testing solutions to all their needs.
The Situation: Technical and Nontechnical Challenges on the Client
The client had a stealth start up when it reached out to us for setting up a QA and test framework for its products. As a well-grown
enterprise over the last 2 years, the client company has many challenges proportionate to its extensive business. S ze, budget, time limit,
newer technology, and reliability of offshore testing partner put some serious challenges for our client before we took upon their project.

117. At Testing Expert End
1. We faced a number of technical challenges while testing the client application distribution system.
2. Process adaptability, initial QA process, and product development as not in sync and managing test results and test planning
were difficult.
3. It was a challenge to perform application testing, testing on handheld devices, and then automation test suit development.
4. Sideloading was another core challenge for our testing team.
5. There was another challenge which we faced and was the issue of compatibility as the single application would be running in
a different mobile operating system.
6. The issue of device platform compatibility was also taken into co sideration, as a single application would be running on
different devices, such as mobiles, iPads etc.
7. The text inputs were running very slowly and cumbersome on different mobile devices.
8. Performance test on mobile API/web services also called for great r expertise.
9. There was a challenge in providing the application crash logs which could help find bugs.
1. What are the end user expectations of a mobile application and how do you plan to manage them in this scenario. Discuss your
approach using industry best practices.
End user expectations of a mobile application are constantly evolving and are driven by the increasing demand for seamless user
experiences. In this scenario, managing end user expectations requires a comprehensive approach using industry best practices. Here are
some key steps to address this:
a. User-Centric Design: Adopt a user-centric approach during the development process, involving user feedback and usability
testing to ensure that the application meets the needs and expectations of the target audience. Conducting user research and
incorporating user feedback throughout the development lifecycle can help in identifying and addressing user expectations.
b. Performance and Responsiveness: Users expect mobile applications to be fast, responsive, and reliable. Conduct performance
testing to ensure the application performs well under various load conditions and network speeds. Implement best practices for
optimizing app performance, such as efficient code, caching, and minimizing network requests.

118. c. Usability and User Interface: Mobile applications should have intuitive and user-friendly interfaces. Conduct usability testing to
identify any usability issues and make necessary improvements. Follow mobile UX design guidelines and standards to provide a
consistent and familiar experience to users.
d. Compatibility and Device Support: Ensure that the application is compatible with a wide range of devices, screen sizes, and
operating systems. Perform thorough compatibility testing across various devices and platforms to identify any issues. Leverage
device emulators and real devices to cover a broad spectrum of configurations.
e. Security and Privacy: Mobile applications often handle sensitive user data, so ensuring security and privacy is crucial. Implement
robust security measures, such as secure data storage, encryption, and secure communication protocols. Conduct security testing
and vulnerability assessments to identify and address potential risks.
f. Continuous Improvement and Updates: Stay updated with the latest trends and user expectations in the mobile application market.
Regularly collect user feedback, monitor app performance, and make iterative improvements to meet changing user expectations.
Plan for regular updates and bug fixes to address any issues and improve the overall user experience.
2. What are the key product risks you foresee in terms of mobile application quality.
a. Compatibility Issues: Due to the wide variety of mobile devices, operating systems, and versions in the market, ensuring compatibility across
different platforms can be challenging. Compatibility issues may lead to functional or visual inconsistencies, performance degradation, or even
application crashes.
b. Performance and Stability: Mobile applications need to perform well under different network conditions and device capabilities. Poor
performance, slow loading times, frequent crashes, or resource-intensive behavior can lead to a negative user experience and impact the overall
quality of the application.
c. Security Vulnerabilities: Mobile applications can be susceptible to security threats such as unauthorized data access, data leaks, or malicious
attacks. Inadequate security measures and vulnerabilities in the application's code or dependencies can put user data and privacy at risk.

119. d. Usability and User Experience: If the application's user interface is confusing, lacks intuitiveness, or fails to meet user expectations, it can
result in frustration and abandonment. Usability issues, poor navigation, and unintuitive design can negatively impact the user experience.
e. Integration Challenges: Mobile applications often need to integrate with various backend systems, APIs, or third-party services.
Incompatibility, data synchronization issues, or communication failures between the application and external components can lead to
functionality problems or data inconsistencies.
To mitigate these risks, it is essential to implement a comprehensive testing strategy that includes functional testing, performance testing,
security testing, compatibility testing, usability testing, and integration testing. Conducting thorough testing throughout the development
lifecycle, utilizing both manual and automated testing approaches, can help identify and address these risks early on.
3. Mobile device fragmentation is one of the key challenges you will fac in this kind of testing. Discuss your plan to overcome said
fragmentation risk.
Mobile device fragmentation is indeed a significant challenge in mobile application testing. To overcome this fragmentation risk, the
following steps can be taken:
a. Device Selection: Identify the target devices based on market share, popularity, and the specific demographics of the user base. Prioritize
testing on these devices to ensure maximum coverage.
b. Device Emulators and Simulators: Utilize device emulators and simulators to create a virtual test environment that mimics various device
configurations. These tools can help cover a wide range of devices without the need for physical devices.
c. Real Device Testing: Test the application on real devices representing different platforms, operating system versions, and screen sizes.
This approach helps identify issues that may be specific to certain devices or operating system versions.
d. Test Automation: Implement test automation frameworks that support cross-platform testing. This enables running tests on multiple
devices and platforms simultaneously, reducing testing time and effort.

120. e. Cloud-Based Testing: Leverage cloud-based testing services that provide access to a vast array of real devices and operating system
versions. These services allow for scalable and on-demand testing across different device configurations.
f. Regular Updates: Stay updated with the latest market trends and changes in device fragmentation. Periodically review and update the
device matrix used for testing to ensure it reflects the current market landscape.
By employing a combination of these strategies, the impact of device fragmentation can be minimized, and comprehensive test coverage
can be achieved across a diverse range of mobile devices.
Question 2
Testing on real device allows you to run your mobile applications and checks its functionality: Real device testing assures you that your
application will work smoothly in customer handsets. Emulator is a software program that allows your mobile to imitate the features of
another computer or mobile software you want them to imitate by installing them to your computer or Mobile.
1. What are the differences between Emulator and Simulator?
Differences between Emulator and Simulator:
Emulator:
 An emulator is a software program that replicates the hardware and software environment of a specific device, such as a mobile phone or
computer.
 It provides a virtual representation of the device, allowing developers to test and run applications on their computers without the need for
the actual physical device.
 Emulators closely mimic the behavior of the target device, including its operating system, hardware capabilities, and user interface.
 They are typically slower than the actual device due to the overhead of emulating the hardware and software environment accurately.
Simulator:

121.  A simulator is a software program that simulates the behavior of a device or system but does not replicate its actual hardware or software
environment.
 It provides a simulated environment that mimics the functionalities and behaviors of the target device or system.
 Simulators focus on simulating specific aspects or components of the target device or system, such as the behavior of sensors or network
connectivity.
 They are generally faster than emulators since they do not need to emulate the entire hardware and software stack.
In summary, emulators aim to replicate the actual hardware and software environment of a specific device, while simulators focus on simulating
specific aspects or functionalities of the target device or system without fully replicating its environment.
2. When you plan to use emulators for testing and why?
Emulators are commonly used for testing in the following scenarios:
a) Early Development: Emulators are often used during the early stages of development when access to physical devices may be limited.
Developers can quickly test their applications on different platforms and screen sizes using emulators before acquiring actual devices.
b) Compatibility Testing: Emulators are useful for testing application compatibility across different operating systems, device models, and
versions. They allow developers to verify that their applications function correctly on a variety of devices without the need for physical devices
for each combination.
c) Debugging and Troubleshooting: Emulators provide additional debugging tools and features that can help identify and fix issues in the
application code. They offer a controlled environment for developers to analyze and debug the application without the complexities of a real
device.
d) Cost and Accessibility: Emulators are cost-effective and easily accessible since they are software-based. They eliminate the need for
purchasing and maintaining a large collection of physical devices, making them a convenient option for testing in resource-constrained
environments.

122. 3. When you plan to use Simulator for testing and why?
When to use simulators for testing:
Simulators are typically used in the following scenarios:
a) Specific Component Testing: Simulators are beneficial when testing specific components or functionalities of a device. For example, a network
simulator can be used to simulate different network conditions and behaviors to test the application's performance and responsiveness.
b) Performance and Load Testing: Simulators can simulate large-scale scenarios and heavy usage to test the application's performance under
different conditions. They can generate simulated user interactions and traffic to evaluate the application's response and stability.
c) Training and Demonstration: Simulators are useful for training purposes or demonstrations where a realistic representation of a device's behavior
is needed. They provide a controlled environment to showcase the functionalities and features of a device without the need for physical devices.
d) Early Prototyping: Simulators can be employed during the initial stages of development to create quick prototypes and validate the concept or
design. They allow developers to test and iterate on ideas rapidly without the need for complex hardware setups.
It's important to note that the decision to use emulators or simulators for testing depends on the specific requirements of the project, available
resources, and the desired level of accuracy and realism needed in the testing process.
Question 3
Given below are some statistics from native mobile application behavior while executing. Mainly during this scenario application opens a
network connation, download data form the backend and display them in mobile screen.

123. 1. Identify major drawbacks or an industry known defect form above scenario and explain why we need to manage them.
Major drawbacks or industry-known defects in the given scenario:
a) Network Connectivity Issues: One of the major drawbacks can be intermittent or unstable network connectivity. Mobile applications heavily
rely on network connections to download data from the backend. If the network connection is weak or frequently interrupted, it can lead to slow
data transfer, timeouts, or incomplete downloads. This can result in a poor user experience and affect the application's functionality.
Managing this drawback is crucial because users expect reliable network connectivity for smooth data retrieval and display. It is essential to
handle network errors gracefully, implement retry mechanisms, and provide appropriate error messages to the user. Additionally, optimizing the
application's network usage and reducing unnecessary data transfers can help mitigate connectivity issues.
b) Slow Data Download: If the data download from the backend is slow, it can cause delays in displaying information on the mobile screen. This
can lead to a poor user experience, especially if the application requires real-time or time-sensitive data updates. Slow data download can occur
due to factors such as high network congestion, server-side performance issues, or inefficient data retrieval mechanisms.
Managing this drawback involves optimizing the backend infrastructure, implementing efficient data retrieval techniques, and utilizing caching
mechanisms to reduce the dependency on frequent data downloads. Additionally, implementing loading indicators and providing feedback to
users during data retrieval can help manage their expectations and improve the overall user experience.

124. 2. AUT actually open the connection in 23rd second and it closing it on 68 second. What is the known defect/issue in this scenario and
how to overcome this?
Known defect/issue with connection opening and closing:
The known defect in this scenario is the delayed opening and closing of the network connection. Opening the connection in the 23rd second and
closing it on the 68th second indicates a longer duration of an open connection than necessary. This can lead to unnecessary resource consumption,
such as battery drain and network congestion.
To overcome this issue, the application should employ efficient connection management techniques. This includes ensuring that the network
connection is opened at the earliest possible stage when required and closed promptly after data transfer is complete. Using connection pooling,
reusing existing connections, and implementing proper connection lifecycle management can help optimize resource usage and improve overall
application performance.
3. Assume this application runs on GSM 3G network. Explain your understanding of RCC state behavior.
Understanding of RCC state behavior in GSM 3G network:
RCC stands for Radio Connection Control, which is a mechanism in GSM 3G (third-generation) networks that manages the establishment,
maintenance, and termination of radio connections between mobile devices and the network. RCC state behavior refers to the different states
a mobile device can be in during the communication process with the network.
In a GSM 3G network, the RCC states typically include:
a) Idle State: The mobile device is not actively communicating with the network. It may be in a standby mode or disconnected from the
network.
b) Dedicated State: The mobile device establishes a dedicated connection with the network for specific communication purposes, such as
making a call or accessing data services. In this state, the device is actively engaged in communication.

125. c) Transfer State: The mobile device is transferring data or voice packets over the established dedicated connection. This state is used for
actual data transmission between the device and the network.
d) Release State: The dedicated connection is terminated, and the mobile device returns to the idle state or prepares for establishing a new
connection if needed.
The RCC state behavior aims to optimize network resources and manage the mobile device's power consumption. By transitioning between
different states based on the communication requirements, the network can efficiently allocate resources and ensure effective communication
while minimizing unnecessary resource usage.
It's important to note that the specific RCC states and their behaviors may vary depending on the network technology, such as GSM, 3G, 4G,
or 5G, and the implementation details of the mobile network infrastructure.
Question 4
The multiple access method described below IS one of the techniques used in modem communication.

126. Identify A, B, C, and D and explain their behavior.
A – Forward Link
B – Reverse Link
C – Mobile Station
D – Base Station
A – Forward Link: The forward link refers to the transmission path from the base station to the mobile station. It carries data, voice, and other
information from the base station to the mobile station.

127. B – Reverse Link: The reverse link is the transmission path from the mobile station to the base station. It is responsible for transmitting signals,
including voice and data, from the mobile station to the base station.
C – Mobile Station: The mobile station refers to the device or equipment used by the user to access the mobile network. It can be a mobile phone,
tablet, or any other wireless device capable of communication with the base station.
D – Base Station: The base station is a fixed communication station that connects mobile devices to the core network. It provides the infrastructure
for wireless communication by transmitting and receiving signals to and from mobile stations within its coverage area.
b) Explain how Frequency Division Multiple Access (FDMA) was implemented.
Frequency Division Multiple Access (FDMA) is a technique used in mobile communication systems to divide the available frequency spectrum
into multiple non-overlapping frequency bands, each allocated to a different user or communication channel. Here's how FDMA is implemented:
1. Frequency Allocation: The available frequency spectrum is divided into multiple smaller frequency bands. Each band is allocated to a
specific user or communication channel.
2. Channel Assignment: Each user or communication channel is assigned a unique frequency band for transmission and reception. This
assignment ensures that different users operate on different frequencies, minimizing interference between them.
3. Frequency Separation: The allocated frequency bands are separated from each other by guard bands or frequency gaps to prevent
interference between adjacent channels. These guard bands act as a buffer to avoid overlap and maintain signal quality.
4. Transmission and Reception: Users or communication channels transmit and receive signals within their allocated frequency bands. The
base station and mobile stations are tuned to operate on specific frequencies, allowing them to communicate with each other without
interference from other users in the system.
c) Discuss advantages and disadvantages of Code Division Multiple Access (CDMA)
Advantages of Code Division Multiple Access (CDMA):

128. 1. Increased Capacity: CDMA allows multiple users to share the same frequency band simultaneously by using unique codes to differentiate
between different transmissions. This increases the capacity of the system compared to other multiple access techniques like FDMA or
TDMA.
2. Improved Call Quality: CDMA provides better call quality and clarity due to its ability to mitigate interference. The use of spreading codes
in CDMA allows the receiver to separate desired signals from unwanted signals, including noise and interference.
3. Enhanced Security: CDMA offers inherent security advantages due to the use of unique codes for each user. It is difficult for unauthorized
users to intercept or decode CDMA transmissions, making it more secure compared to other access techniques.
Disadvantages of Code Division Multiple Access (CDMA):
1. Complexity: CDMA systems are more complex to implement and operate compared to other multiple access techniques. The receiver
needs to perform sophisticated processing to recover the desired signal, requiring more computational resources.
2. Near-Far Problem: CDMA systems are susceptible to the near-far problem, where a mobile station close to the base station may overwhelm
signals from stations farther away. This can lead to degradation in system capacity and performance if not properly managed.
3. Limited Compatibility: CDMA is not widely adopted globally compared to other multiple access techniques like GSM or LTE. This limited
compatibility can create challenges for roaming and interconnection between different CDMA networks.
Question 5

129. 1. Above diagram discusses the behavior of most recent method of mobile communication. What is this?
2. Identify A, B, C and D.
3. How much energy is required when your AUT is in RCC connected mode and RCC IDEL mode.
Past Papers – 2013
Question 1
A University has a comprehensive Student Attendance Monitoring policy. Alongside this a central Student Attendance Monitoring (SAM)
system has been designed to assist departments in the collection, storage and analysis of attendance monitoring data relating to students.
The SAM system can be accessed on two channels.
1) Go direct via the web page (open internet)

130. 2) Login via intranet
Access to Systems:
All who have access to the Corporate Information Enquiry System (CIES) will automatically have access to SAM. Others need to be set
up as an authorized user via a registration process.
There are two main types of attendance monitoring data:
1) Attendance Data - Departments are required to monitor the attendance of all students (both Home and Overseas). Departments must
maintain their own records of student attendance monitoring activities they undertake and are strongly encouraged to use the central
SAM system for this purpose.
2) Check Point Data - Departments are required to regularly review attendance data and other evidence of participation/progress for all
students (both Home and Overseas) to judge whether they are fully "engaged" with their study or not. Using the central SAM system,
departments must confirm at two or three official check points during the year following initial registration, whether or not students are
engaging with their studies.
There are a number of methods for recording attendance monitoring data on central systems in order for departments to monitor student
attendance and inform and manage their Check Point data returns.
1) CMIS Registers - this is part of the CMIS Timetabling software, which is used by all departments, and enables class registers to be
printed and/or updated online. Attendance data loaded via CMIS Registers is automatically incorporated into the central SAM system.
2) 1 to 1 Meetings Facility - a web-based facility within the central SAM system for staff to record 1 to 1 meetings/interactions with
individual students.
3) Departmental Data Uploads - enables departments to upload student attendance data via excel or .CSV file format onto the central
SAM system.
4) Check Points Facility - a web-based facility within the central AM system for staff to record checkpoint data for cohorts of students.

131. a. Considering the above scenario, what are the main issues/problems you identify when it comes to Ubiquitous Computing?
b. Ubiquitous Computing or pervasive computing is all about passing information close to the end user. Mobile computing is an
essential component in Ubiquitous Computing. With this context, discuss your plan to resolve issues/problems you identify. You
are requiring to discuss in detail what technologies you are planning to use and how.
c. The university wants to build a mobile application and integrate it into existing SAM. Hybrid and Native are two different mobile
application development methods. What approach do you consider for said mobile a plication and why?
Question 2
Monitoring and managing device resource consumption is one of the success factors in mobile computing. Energy consumption is the most
important resource in mobile devices. Below diagram describes a method used to calculate device energy consumption.

132. a) Identify A, B, C and D and explain their behavior.
b) Identify 1,2,3,4 and 5 and explain how entire flow works.
c) Discuss what happens if your application sends network pin every 30 seconds?
Question 3
The following describes the behavior of a mobile application in the banking sector.
1. User requires to log into the banking system by keying his User ID and Password.
2. Mobile application use web service to connect to banking backend systems to validate user. This web service call transfer is
approximately 50KB to backend servers.
3. Once the backend receives the authentication request it takes 2 seconds to process and whole network request and response require
another 2 seconds.
4. Once user authenticated, He will be pointing to the main page which has the main menu and previous transaction summary, this page
is approximately 250KB and need 14secound to render.
5. Once the user has landed on the main menu, he can navigate to the transaction page and click the home button to navigate back to main
page. Once the home button clicked mobile application use above web service to get the main page response from the backend.
6. It has been observed that the average end user may travel 4 to 5 times from the main menu to transaction pages before logout from the
system.

133. This system was designed using the below high-level architecture.
a) How much energy is required from mobile battery for authentication process?
b) When carefully analyzed above scenario, there is an industry known defect and it can be overcome by following industry best practices.
Discuss the defect and your solution?
Question 4
NFC or Near Field Communication is a short-range high frequency wireless communication technology. NFC is mainly aimed for mobile
or handheld devices. Radio communication is established by touching the two phones/devices or keeping them in proximity of a few
centimeters.
It allows for simplified transactions, data exchange, and wireless connections between two devices.
NFC communication has two methods.
I. Active communication
II. Passive communication
NFC has two components.
I. NFC Reader
II. II. NFC Tag

134. a) Explain what IS Active communication and Passive communication?
b) Explain what NFC Reader and NFC Tag and their behaviors are.
c) Discuss how you use this technology for Mobile Payment solutions?