UNIX network programming
Role-Based Access Control Models
Computer
Cryptography and network security (2nd ed.): principles and practice
Cryptography and network security (2nd ed.): principles and practice
Mobile Radio Networks: Networking and Protocols
Mobile Radio Networks: Networking and Protocols
WLAN Systems and Wireless IP for Next Generation Communications
WLAN Systems and Wireless IP for Next Generation Communications
Jxta in a Nutshell
Security and Trust Issues in Ubiquitous Environments -- The Business-to-Employee Dimension
SAINT-W '04 Proceedings of the 2004 Symposium on Applications and the Internet-Workshops (SAINT 2004 Workshops)
A PK-SIM card based end-to-end security framework for SMS
Computer Standards & Interfaces
Agent-services and mobile agents for an integrated HCIS
International Journal of Computer Integrated Manufacturing
POSSET: policy-driven secure session transfer
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Hi-index | 0.00 |
Emerging mobile technologies such as PDAs, laptops and smart phones together with wireless networking technologies such as WLAN and UMTS promise to empower mobile employees to become better integrated into their companies' business processes. However, the actual uptake of these technologies is still to come; one hindrance is security of mobile devices and applications. In this contribution we present an in-depth analysis of the current situation enterprises are faced with in the mobile arena, both from a security and a management perspective. We argue that the currently predominant model of perimeter security will not scale for future mobile business applications that will require appropriate application-level security mechanisms to be in place. We present a framework offering solutions for the development of secure mobile business applications that takes into account the need for strong security credentials, e.g. based on smart cards. This framework consists of software and abstractions that allow for the separation of the core business logic from the security logic in applications. Security management instruments in the form of enforceable enterprise policies are defined which target the security and trust-related deployment and configuration of mobile devices and business applications. The presented architecture is open, in the sense that the actual mobile business application can span over heterogeneous client devices, forming a so-called federation.