Security, Privacy, and Trust in Mobile Systems

Abstract

Access to general purpose information and communication technology (ICT) is not equally distributed on our planet: developed countries represent about 70% of all Internet users, while its percentage of Internet hosts has raised from 90% in 2000 to about 99% in 2002. Things change dramatically if we look at mobile and wireless technology: developing countries already represent about 40% of mobile connections in 2000, with a foreseen growth rate that is faster in developing countries than in developed ones in the period 2000-2005 (mainly due to India and the People’s Republic of China). This trend is driven by the new perspectives offered by mobile electronic technology applications that provide an alternative to poor telecommunication infrastructures still common in many developing countries. The technological evolution in wireless data communications is introducing a rich landscape of new services relying on three main technologies: • proximity (or personal) area networks (PANs), composed of personal and wearable devices capable of automatically setting up transient communication environments (also known as ad hoc networks); • wireless local area network technologies (WLANs); and • a third generation of mobile telecommunications (3G), gradually replacing General Packet Radio Service (GPRS) and the related set of technologies collectively called “2.5 Generation” (2.5G). PAN is a new technology bringing the “always connected” principle to the personal space. On the other hand, 3G systems and WLANs have coexisted for a while; what is new is their interconnection, aimed at decoupling terminals and applications from the access method. 3G mobile networks already provide video-capable bandwidth, global roaming for voice and data, and access to Internet-rich online content. Thanks to their increasing integration, PANs, WLANs, and 3G networks will extend the user’s connectivity in a complementary and hierarchical manner; in the fullness of time, they will provide all the functionalities of an Integrated Services Multimedia Network (ISMN), enabling a whole set of new business models and applications. The fusion of these technologies will eventually result in an ultimate ubiquitous wireless system that will be operated from anywhere, including homes, business locations, vehicles, and even commercial aircrafts. However, although wireless communications provide great flexibility and mobility, they often come at the expense of security. Indeed, wireless communications rely on open and public transmission media that expose new vulnerabilities in addition to the security threats found in wired networks. A number of specific open issues and even inherent dangers, some of which had been already identified and described in the early stages of wireless technology adoption, are yet to be solved (Howard, 2000). For instance, with wireless communications, important and vital information is often placed on a mobile device that is vulnerable to theft and loss. In addition, information is transmitted over the unprotected airwaves, and finally, 3G networks are getting smaller and more numerous, causing opportunities for hackers and other abusers to increase.