The Bluetooth wireless technology provides short range, wireless connectivity between common devices. The security requirements of Bluetooth depend on the application used upon it and on the sensitivity of the data transferred. The Bluetooth technology contains a set of profiles that defines a selection of messages and procedures. Blue tooth security can be defined by four elements which are, availability, access, integrity, and confidentiality. The protocols and functionality required to implements the previous four elements of security is defines by the security architecture. .
Based on well known security shortcoming two general recommendations were carried out. The first one is avoiding the use of unit keys and the use of combination keys. Where in unit keys all trusted devices will have one key for security and that would allow such devices to listen to each others; also attacks from trusted devices would be possible. Secondly, avoiding pairing in public areas and use the long passkey number. Whereas, if paired in public occasion, the attacker should be presented during the pairing in order for him to record all communication during the key exchange and the first authentication between two units where then he can calculate the possible key value and the corresponding initialization key.
A security architecture defines the protocols and functionality required to.
implement the four elements of security within a specific application category.
The rules that determine the access rights to different resources on the.
devices are called the access policy. The access policy together with the.
description of the usage of basic security mechanisms like authentication and.
encryption make up the security policy. The security policy is part of the.
security architecture for a Bluetooth application profile , five common Bluetooth application profiles are:.
o Service discovery application profile.
o Headset Profile.