Trusted Computing in Mobile Action

Due to the convergence of various mobile access technologies like UMTS, WLAN, and WiMax the need for a new supporting infrastructure arises. This infrastructure should be able to support more efficient ways to authenticate users and devices, potentially enabling novel services based on the security provided by the infrastructure. In this paper we exhibit some usage scenarios from the mobile domain integrating trusted computing, which show that trusted computing offers new paradigms for implementing trust and by this enables new technical applications and business scenarios. The scenarios show how the traditional boundaries between technical and authentication domains become permeable while a high security level is maintained.Comment: In: Peer-reviewed Proceedings of the Information Security South Africa (ISSA) 2006 From Insight to Foresight Conference, 5 to 7 July 2006, Sandton, South Afric

Trustworthy content push

Delivery of content to mobile devices gains increasing importance in industrial environments to support employees in the field. An important application are e-mail push services like the fashionable Blackberry. These systems are facing security challenges regarding data transport to, and storage of the data on the end user equipment. The emerging Trusted Computing technology offers new answers to these open questions.Comment: 4 pages, 4 eps figure

On the deployment of Mobile Trusted Modules

In its recently published TCG Mobile Reference Architecture, the TCG Mobile Phone Work Group specifies a new concept to enable trust into future mobile devices. For this purpose, the TCG devises a trusted mobile platform as a set of trusted engines on behalf of different stakeholders supported by a physical trust-anchor. In this paper, we present our perception on this emerging specification. We propose an approach for the practical design and implementation of this concept and how to deploy it to a trustworthy operating platform. In particular we propose a method for the take-ownership of a device by the user and the migration (i.e., portability) of user credentials between devices.Comment: To appear in: Proceedings of the Wireless Communications and Networking Conference, IEEE WCNC 2008, Las Vegas, USA, 31 March - 2 April 200

The usability of knowledge based authentication methods on mobile devices

Mobile devices are providing ever increasing functionality to users, and the risks associated with applications storing personal details are high. Graphical authentication methods have been shown to provide better security in terms of password space than traditional approaches, as well as being more memorable. The usability of any system is important since an unusable system will often be avoided. This thesis aims to investigate graphical authentication methods based on recall, cued recall and recognition memory in terms of their usability and security

Trusted computing in mobile action

Due to the convergence of various mobile access technologies like UMTS, WLAN, and WiMax the need for a new supporting infrastructure arises. This infrastructure should be able to support more efficient ways to authenticate users and devices, potentially enabling novel services based on the security provided by the infrastructure. In this paper we exhibit some usage scenarios from the mobile domain integrating trusted computing, which show that trusted computing offers new paradigms for implementing trust and by this enables new technical applications and business scenarios. The scenarios show how the traditional boundaries between technical and authentication domains become permeable while a high security level is maintained