Abstract
With the rapid growth of internet technologies, there have been many recent innovations in printing methods and mobile printing service has become important part of our daily life. In this paper, we design and implement a secure mobile printing service using NFC tag to protect our personal information from the technical vulnerability and physical accident such as a robbery. To protect the personal information, the user has to scan the NFC information at the NFC reader using recognition robot to confirm the authentication. In addition, we propose a secure NFC-based authentication protocol that provides printer authorization method and document access control in accordance with user's authority. Lastly, to prove validity and efficiency of the proposed system, the experimental test was confirmed and provided the results.
1. Introduction
With the rapid development of mobile services and the prevalence of mobile robots, we communicate directly with our belongings such as smartphones, laptops, smart pads, and tablets [1–3]. Also, we do a lot of business processes such as e-mail, word processing, and printing services using smart devices. Following this trend, mobile printing services that can check and print documents directly using mobile devices have become important parts of our daily life. Also, smartphones and tablets are becoming more popular in performing most of the tasks that a desktop computer is capable of doing [4]. In the existing method, mobile users who are away from their desks often have difficulty finding and using a printer, because they do not always have the entire network printer directory loaded on their mobile devices and they may not know where the nearest, functioning printer is [5]. Thus, a printing process must be performed in a variety of network environments. But in smart work environment, it is necessary to think about the security problem due to numerous types of terminal and diverse uses [6]. And this method may leak printout materials containing personal information or confidential information out to the third party and leads to a serious security problem. In case of transferring or printing information via smart device, security techniques such as integrity of transmitted data, mutual authentication between devices, and access control setting for the documents are required in order to protect the printout from the third party's interference or disturbance.
In this paper, we propose a secure NFC- (Near Field Communication-) based mobile printing service to enhance safety and security of the differentiated privileged documents. It provides printer authorization method and document access control in accordance with the user's authority. To protect personal information, we use the NFC technology for authentication instead of biometrics method such as finger vein recognition. Finger vein recognition [7, 8] refers to a recent biometric technique which exploits the vein patterns in the human finger to identify individuals and it has been proved to be an effective biometric for personal identification in recent years. This method is getting popular because it is not necessary to carry a plastic card such as ID card and there is very little chance of being a victim of theft. But its drawback is that it requires specialized equipment and technical skills.
The rest of this paper is organized as follows. Several related works are compared in the next section. In Section 3, design and implementation of suggested method are described, along with its phased process, execution results, and overall scenario. In Section 4, the experiments were confirmed to verify efficiency and validity of our paper. Conclusions are provided in the final section.
2. Related Work
Smart work using mobile devices has been increased. Due to the changes in business processes, documents can be confirmed on the internet through the mobile device and printed out immediately using the mobile printing technology.
Mobile printing is a service that was designed and developed to print documents without cables using mobile devices. This service can be used to print documents as well as bank statements after checking the documents in mobile devices. Mobile printing service allows the users to send printouts to printers from mobile devices such as laptops, tablets, and cell phones. Mobile printing supports a range of common document formats, including word, PDF, and various image formats [9]. Mobile printing services can be divided into wireless method using IrDA (Infrared Data Association), Bluetooth, or WiFi and the wire method using a USB cable. Most services are using wireless methods such as Bluetooth and WiFi and are directed to the printer which is located on the same AP. There are several commercial mobile printing services such as Printer Share [10], AirPrint of Apple [11], Smart Printing of Samsung [12], Cloud Print of Google [13], and ePrint of HP [14]. One of the well-known printing services, AirPrint [11], supports driverless printing capability integrated with its operation system using iOS devices [11, 15] and Printer Share [10] automatically detects printers connected to their device including local network printers [10].
Table 1 shows a comparison between the proposed method and the existing methods.
Comparison with existing methods.
XHTML (Extensible Hypertext Markup Language) printing [16] uses USB for printer authentication. However this method is weak at user authentication for security. PUCC(Peer-to-Peer Universal Computing Consortium) mobile printing [17] provides heterogeneous printer connection. SIP (Session Initiation Protocol) mobile printing [18] provides SSL (Secure Socket Layer) security method and recommendation service based on the user's location and printing status. But these two methods [17, 18] do not provide privileged document printing function. The proposed system supports the NFC-based user authentication method and privileged document access control in accordance with the user's authority. It also can set the printer response waiting time. But it does not provide scheduling service for the printing status. With regard to security, NFC is a very short range communication technology and obviously offers higher security. For this reason, we provide NFC-based authentication method to enhance safety and security.
3. Proposed Method
The proposed mobile printing service is based on accessing the documents using their personal mobile device like smartphones, laptop, and tablet in the company. The previous service supports a range of diverse document formats and can print anytime and anywhere as long as a wireless printer exists. However, it has the risk of leaking confidential documents of the company to the third parties. Therefore, this paper proposes a secure mobile printing service to solve the problem of a third party's interference and disturbance using security techniques such as integrity of transmitted data, mutual authentication between devices, and access control setting for the document.
3.1. System Process
The notations of the proposed protocol suggested in our proposed system are shown in Notations. Figure 1 shows the system process of suggested mobile printing service and the detailed steps are as follows.
System process of mobile printing service.
Step 1 (retrieval of a list of documents).
When the user requests a list of documents to a system server, the system server responds and sends a list of documents that can be accessible following the privileged access control. And then the user selects which document to print. Figure 2 shows the protocol for retrieving of a list of documents.
Protocol for retrieving of a list of documents.
Step 2 (searching the printer and downloading the spool files).
The mobile device lets the user know the nearest printer based on user's location utilizing SNMP (Simple Network Management Protocol) and the user selects the correct location and printer from the lists. The mobile device responds to the spool files to print the documents that are requested by the user. Figure 3 shows the protocol for searching the printer and downloading the spool files.
Protocol for searching the printer and downloading the spool files.
Step 3 (printer authentication and printing documents).
To print the spool files, the user has to scan the NFC information at the NFC reader to confirm the authentication. The mobile device confirms the printer authentication comparing with NFC tag information and the printer information. Once your mobile printing request has been successfully processed, it sends the spool files to the printer and then prints the documents. Figure 4 shows the protocol for authentication and document printing.
Protocol for authentication and document printing.
3.2. Execution Results
This section shows the execution results of our system.
Figure 5 shows a list of documents and the preview screen of each document. When a user selects the title of a document, it provides a document preview.
Screenshot for retrieving of a list of documents.
Figure 6 shows searching the nearest printer. The printing service might be able to select the nearest printer at any given point and it prints the documents anytime and anywhere. The mobile device lets the user know the nearest printer and the user selects the correct location and printer from the lists. The mobile device responds to the spool files to print the documents that are requested by the user.
Screenshot for searching the nearest printer.
3.3. Overall Scenario
This section shows the overall scenario of the proposed system. John working in company G made immediate appointment with a customer and he has to print out a contract as early as possible. John gets the list of documents on document server by way of the smartphone application provided by this study. After selecting the contract he wants to print, he reviews the list of printers nearby him by “nearby printer search” function of the application. John chooses an NFC printer in the list at the closest location to him. John has the NFC tag of his smartphone tagged by the NFC reading device of a service robot for the printing of the document. The service robot verifies the agreement between NFC tag information of smartphone and printer information. If they agree with each other, the robot sends the authentication result to the printer and the printer prints the contract. The whole scenario ends when John checks the printed contract. Figure 7 shows the overall scenario of the proposed system.
Overall scenario of the proposed system.
4. Experiments
This experimental evaluation was taken after collecting trustful statistical information by previous operation for two weeks. The object of this experiment is to show a way that is convenient like existing method but more efficient in the aspect of qualitative evaluation by comparing response time in each document. It was mostly done during the working hours of the company. In order to evaluate the maximum throughput per page of document, the response times of documents of 8 pages and 1030 pages were compared by classifying them into three time bands.
Figure 8 shows response time according to each document in each time. The QoS value on maximum throughput can be thought of as being 100% satisfied because the spool files of all document files of 8 pages and 1030 pages were received within 3 seconds and 8 seconds. As for the response time by time band, both documents had the fastest response time between 9 a.m. and 12 p.m. Because the time band between 12 p.m. and 3 p.m. is lunch time and afternoon working hours, the response time was the slowest among the three time bands for the small documents of 8 pages and documents of 1030 pages. The time band between 3 p.m. and 6 p.m. includes the closing hour of daily work. The response time of this time band was faster than the time band of 12 p.m. to 3 p.m. for small documents, while the response time for documents of 1030 pages was the second in being slow. According to this test result, it is possible to know that there are differences in system server situation and response time dependent on different time band of company working hours.
Response time according to each document in each time.
5. Conclusion
As mobile internet services and technique-based small businesses have increased [19], many offline services have moved to online services [20]. In other words, as the era of the popularity of mobile internet is progressing, mobile devices are replacing office work and office workers start and finish their work using mobile devices [21]. So, both mobile device and printing service are becoming important part of our daily life. The printing service might be able to select the nearest printer at any given point [22] and it prints the documents anytime and anywhere. But if the user is located far from the printer, the third party can obtain the documents first before the user reaches the printer. For this, it is urgently required to prepare integrated security solutions and to develop a dynamic access control technology [6]. Thus, many companies are providing mobile printing services, but security policy is leaking outside through printing secret documents and stolen printouts. Due to this, personal information can be leaked out to the third party and that leads to a serious security problem.
In this paper, we propose an NFC-based mobile printing service to enhance safety and security. We suggest a secure mobile printing service based on NFC-based authentication in order to protect against the third party's interference or disturbance. The proposed method provides document access control in accordance with user's authority. Besides, the existing authentication mechanism has the weakness that the efficiency is low in the aspect of usability and it is inconvenient to use. But the proposed method complemented such weaknesses and made it easy to be used in the smart phone environment in consideration of visibility, usability, and security.
Footnotes
Notations
Conflict of Interests
The authors declare that there is no conflict of interests regarding the publication of this paper.
Acknowledgments
This research was supported by Technology Innovation Program of the Knowledge economy (no. 10041659) funded by the Ministry of Trade, Industry and Energy (MOTIE, Korea). This research was supported by the MSIP (Ministry of Science, ICT & Future Planning), Korea, under the “Employment Contract based Master's Degree Program for Information Security” supervised by the KISA (Korea Internet Security Agency) (H2101-13-1001).