0
IADIS e-Society 2004 LisbonPortugal                 Building multi-services               in personal mobile devices      ...
Overview             • Personal devices             • Self-contained services                – Examples             • Mult...
Personal devices• Examples:     – Smart card     – Mobile phone     – PDA• Enable information access anywhere     – With l...
Service delivery model• Device-based service     – The user has a device that can be used in a terminal     – Data network...
Service examples•   Transport tickets•   Automated banking•   Mobile communication•   Health card•   Public identification...
Service components   Service                                                                          Supervising         ...
Service examples•   Transport tickets•   Automated banking•   Mobile communication•   Health card•   Public identification...
Selected subset of services• Main requirements:     – Valuable     – Large scale and widespread     – Fast interactions• T...
Self-contained service• The service typically:     – Belongs to a single business area     – Has specific devices, termina...
New value approach• Improve services     – Customers             • Same device for multiple services             • More co...
Multi-services• Compose different self-contained services   – Ex. device level or terminal level• Aiming for more open and...
Our goal• Develop models and tools to produce  technical assurances that allow  organizations to establish the partial tru...
Related work• Multi-application interoperability     – Standard application frameworks for cards or       other devices• S...
Pilot implementation• Identify benefits and limitations of approach• Use of payment network to load new tickets in  secure...
Pilot approach2004-07-19   Building multi-services on partially trusted domains   15
Why partial trust?• There are already examples of combined services:     – Co-branded credit cards• However, they’re manag...
Questions & Answers                                       “Going from an issuer card to a user                            ...
Upcoming SlideShare
Loading in...5
×

Building multi-services in personal mobile devices based on partially trusted domains

320

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
320
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Building multi-services in personal mobile devices based on partially trusted domains"

  1. 1. IADIS e-Society 2004 LisbonPortugal Building multi-services in personal mobile devices based on partially trusted domains Miguel Pardal (mflpar@yahoo.co.uk) Alberto Cunha (alberto.cunha@inesc.pt) July 19th 2004
  2. 2. Overview • Personal devices • Self-contained services – Examples • Multi-services – Opportunities • Work in progress – Pilot implementation2004-07-19 Building multi-services on partially trusted domains 2
  3. 3. Personal devices• Examples: – Smart card – Mobile phone – PDA• Enable information access anywhere – With little effort – At reasonable cost• Can make service delivery more effective2004-07-19 Building multi-services on partially trusted domains 3
  4. 4. Service delivery model• Device-based service – The user has a device that can be used in a terminal – Data networks support information flows with business servers2004-07-19 Building multi-services on partially trusted domains 4
  5. 5. Service examples• Transport tickets• Automated banking• Mobile communication• Health card• Public identification• Etc.2004-07-19 Building multi-services on partially trusted domains 5 …
  6. 6. Service components Service Supervising User Device Terminal Infrastructure organization Magnetic stripe ATM Secure private Bank(s) Automated card network banking Bank servers Mobile SIM Card Mobile Cellular Network Networkcommunication phone Back-end servers operator Smart-card Point-of- Transport network Transport sale authorityTransportation Entry point 2004-07-19 Building multi-services on partially trusted domains 6
  7. 7. Service examples• Transport tickets• Automated banking• Mobile communication• Health card• Public identification• Etc.2004-07-19 Building multi-services on partially trusted domains 7
  8. 8. Selected subset of services• Main requirements: – Valuable – Large scale and widespread – Fast interactions• To satisfy these requirements economically: – Distributed architecture – Almost-never-connected to remote servers• Security must be enforced on local interactions – Consistency checked later2004-07-19 Building multi-services on partially trusted domains 8
  9. 9. Self-contained service• The service typically: – Belongs to a single business area – Has specific devices, terminals and infrastructure – Has a supervising organization to ensure trust• Strengths – Standard design and technology• Weaknesses – ‘One device per service’ – Difficult to extend beyond their original use2004-07-19 Building multi-services on partially trusted domains 9
  10. 10. New value approach• Improve services – Customers • Same device for multiple services • More convenience and other potential benefits – Ex. discounts – Service providers • Reach customers through new channels – Supervising organizations • Increase infrastructure return-on-investment2004-07-19 Building multi-services on partially trusted domains 10
  11. 11. Multi-services• Compose different self-contained services – Ex. device level or terminal level• Aiming for more open and dynamic services – Assume only partial trust – Support restricted information and functionality sharing 2004-07-19 Building multi-services on partially trusted domains 11
  12. 12. Our goal• Develop models and tools to produce technical assurances that allow organizations to establish the partial trust relationship between them to deliver the service2004-07-19 Building multi-services on partially trusted domains 12
  13. 13. Related work• Multi-application interoperability – Standard application frameworks for cards or other devices• Security assurance mechanisms• Auditing• Device certification – Hardware – Software2004-07-19 Building multi-services on partially trusted domains 13
  14. 14. Pilot implementation• Identify benefits and limitations of approach• Use of payment network to load new tickets in secure transport card – Transport operator does not give up control of its security keys for ticket loading to the payment service provider2004-07-19 Building multi-services on partially trusted domains 14
  15. 15. Pilot approach2004-07-19 Building multi-services on partially trusted domains 15
  16. 16. Why partial trust?• There are already examples of combined services: – Co-branded credit cards• However, they’re managed by a single dominant organization, fully trusted by all business partners – In this sense, they’re not much different from self- contained services!• True multi-services entail only partial trust – Existing approaches assume a total trust domain – We want to make trust explicit in models and tools2004-07-19 Building multi-services on partially trusted domains 16
  17. 17. Questions & Answers “Going from an issuer card to a user card…” In (Zóreda and Otón, 1994) “(The device is) their electronic Identity, their reliable key to e-services”. In OSCIE vol. 3-5, eEurope Smart Cards, 2003 Thank you! Miguel Pardal mflpar@yahoo.co.uk 2004-07-19 Building multi-services on partially trusted domains 17
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×