The performance of public key-enabled kerberos authentication in mobile computing applications
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Moving Java into Mobile Phones
Computer
A lightweight reconfigurable security mechanism for 3G/4G mobile devices
IEEE Wireless Communications
Securing the wireless internet
IEEE Communications Magazine
Alternative Schemes for Dynamic Secure VPN Deployment in UMTS
Wireless Personal Communications: An International Journal
| Hi-index | 0.24 |
This paper presents SPECSA, a new, optimized, policy-driven security architecture for wireless enterprise applications. SPECSA is scalable, extensible, flexible, and customizable. It supports end-to-end client authentication, data integrity and confidentiality between wireless clients and enterprise servers. The security services provided by SPECSA are customized and controlled by an easily configurable security policy that specifies several security-related attributes, classifies network data based on sensitivity and content, and provides an abstraction for the communication and messaging between the client and the server. In addition, SPECSA provides a standard Application Programming Interface (API) that conceals to a great extent the complexity of security operations and programming from the application developer who may not be experienced with enterprise security programming. SPECSA was designed in a platform-neutral manner and can be implemented on a wide range of wireless clients ranging from low-end platforms such as the Java 2 Mobile Edition/Connected Limited Device Configuration (J2ME/CLDC) on limited-memory mobile devices to Personal Java and the Net Compact Framework on PDAs. On the server side, SPECSA can be implemented on any of the available enterprise server platforms. A sample implementation of SPECSA was developed for J2ME on the client-side and for Java 2 Enterprise Edition (J2EE) on the server-side.