How to Secure Bluetooth-based Pico Networks
Paper in proceedings, 2007

We have examined Bluetooth-based Pico-network (Piconet) applications in wireless computing and cellular devices and found an extensive number of "unexpected abuses", where the security expectations of the device owner can be violated. We have studied the underlying causes of such problems and found that many products lack the controls to administer these devices securely. We also observed cases where explicit security claims from the Bluetooth protocol are not satisfied. We classify a number of abuses and security violations as Bluetooth protocol design flaws, application-layer implementation errors or simply pitfalls in the security management. Using this classification we define a core set of requirements that would improve security significantly.


security controls

pico networks

implementation flaws

design flaws


Dennis Nilsson

Chalmers, Computer Science and Engineering (Chalmers), Computer Engineering (Chalmers)

Phillip A. Porras

Erland Jonsson

Chalmers, Computer Science and Engineering (Chalmers), Computer Engineering (Chalmers)

Proceedings of the 26th International Conference on Computer Safety, Reliability, and Security (SAFECOMP), September 18-21, 2007, Nuremberg, Germany.


Subject Categories

Computer Engineering



More information