• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Building multi-services in personal mobile devices based on partially trusted domains
 

Building multi-services in personal mobile devices based on partially trusted domains

on

  • 391 views

 

Statistics

Views

Total Views
391
Views on SlideShare
391
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Building multi-services in personal mobile devices based on partially trusted domains Building multi-services in personal mobile devices based on partially trusted domains Presentation Transcript

    • IADIS e-Society 2004 LisbonPortugal Building multi-services in personal mobile devices based on partially trusted domains Miguel Pardal (mflpar@yahoo.co.uk) Alberto Cunha (alberto.cunha@inesc.pt) July 19th 2004
    • Overview • Personal devices • Self-contained services – Examples • Multi-services – Opportunities • Work in progress – Pilot implementation2004-07-19 Building multi-services on partially trusted domains 2
    • Personal devices• Examples: – Smart card – Mobile phone – PDA• Enable information access anywhere – With little effort – At reasonable cost• Can make service delivery more effective2004-07-19 Building multi-services on partially trusted domains 3
    • Service delivery model• Device-based service – The user has a device that can be used in a terminal – Data networks support information flows with business servers2004-07-19 Building multi-services on partially trusted domains 4
    • Service examples• Transport tickets• Automated banking• Mobile communication• Health card• Public identification• Etc.2004-07-19 Building multi-services on partially trusted domains 5 …
    • Service components Service Supervising User Device Terminal Infrastructure organization Magnetic stripe ATM Secure private Bank(s) Automated card network banking Bank servers Mobile SIM Card Mobile Cellular Network Networkcommunication phone Back-end servers operator Smart-card Point-of- Transport network Transport sale authorityTransportation Entry point 2004-07-19 Building multi-services on partially trusted domains 6
    • Service examples• Transport tickets• Automated banking• Mobile communication• Health card• Public identification• Etc.2004-07-19 Building multi-services on partially trusted domains 7
    • Selected subset of services• Main requirements: – Valuable – Large scale and widespread – Fast interactions• To satisfy these requirements economically: – Distributed architecture – Almost-never-connected to remote servers• Security must be enforced on local interactions – Consistency checked later2004-07-19 Building multi-services on partially trusted domains 8
    • Self-contained service• The service typically: – Belongs to a single business area – Has specific devices, terminals and infrastructure – Has a supervising organization to ensure trust• Strengths – Standard design and technology• Weaknesses – ‘One device per service’ – Difficult to extend beyond their original use2004-07-19 Building multi-services on partially trusted domains 9
    • New value approach• Improve services – Customers • Same device for multiple services • More convenience and other potential benefits – Ex. discounts – Service providers • Reach customers through new channels – Supervising organizations • Increase infrastructure return-on-investment2004-07-19 Building multi-services on partially trusted domains 10
    • Multi-services• Compose different self-contained services – Ex. device level or terminal level• Aiming for more open and dynamic services – Assume only partial trust – Support restricted information and functionality sharing 2004-07-19 Building multi-services on partially trusted domains 11
    • Our goal• Develop models and tools to produce technical assurances that allow organizations to establish the partial trust relationship between them to deliver the service2004-07-19 Building multi-services on partially trusted domains 12
    • Related work• Multi-application interoperability – Standard application frameworks for cards or other devices• Security assurance mechanisms• Auditing• Device certification – Hardware – Software2004-07-19 Building multi-services on partially trusted domains 13
    • Pilot implementation• Identify benefits and limitations of approach• Use of payment network to load new tickets in secure transport card – Transport operator does not give up control of its security keys for ticket loading to the payment service provider2004-07-19 Building multi-services on partially trusted domains 14
    • Pilot approach2004-07-19 Building multi-services on partially trusted domains 15
    • Why partial trust?• There are already examples of combined services: – Co-branded credit cards• However, they’re managed by a single dominant organization, fully trusted by all business partners – In this sense, they’re not much different from self- contained services!• True multi-services entail only partial trust – Existing approaches assume a total trust domain – We want to make trust explicit in models and tools2004-07-19 Building multi-services on partially trusted domains 16
    • Questions & Answers “Going from an issuer card to a user card…” In (Zóreda and Otón, 1994) “(The device is) their electronic Identity, their reliable key to e-services”. In OSCIE vol. 3-5, eEurope Smart Cards, 2003 Thank you! Miguel Pardal mflpar@yahoo.co.uk 2004-07-19 Building multi-services on partially trusted domains 17