Personal trusted devices for web services: Revisiting multilevel security

Autoren Edgar Weippl
Wolfgang Essmayr
Titel Personal trusted devices for web services: Revisiting multilevel security
Typ Artikel
Journal Mobile Networks and Applications, The Journal of Special Issues on Mobility of Systems, Users, Data and Computing
Nummer 2
Band M8
ISSN 1383-469X
Monat April
Jahr 2003
Seiten 151-157
SCCH ID# 176
Abstract

In this paper we revisit the concept of mandatory access control and investigate its potential with personal digital assistants (PDA). Only if applications are clearly separated and Trojans cannot leak personal information can these PDAs become personal trusted devices. Limited processing power and memory can be overcome by using Web services instead of full-fledged applications a trend also in non-mobile computing. Web services, however, introduce additional security risks, some of them specific for mobile users. We propose an identification scheme that can be effectively used to protect privacy and show how this system builds upon a light-weight version of mandatory access control.