19.1 What Is Advanced Mobile Security?

The three most important aspects of mobile security are data confidentiality, access control, and device security.

19.1.1 Content-Based Security

HTTP Authentication headers, HTTPS, SSL (Secure Socket Layer), and TLS (Transport Layer Security) are connection-based security protocols. The basic idea is to secure communication channels and hence secure everything that passes through those channels. However, this approach has several problems:

A direct connection between the client and the server must be established. If our application has multiple intermediaries that provide value-added services, multiple HTTPS connections must be chained together. That not only opens potential security holes at the connecting nodes, where each intermediary handles the decrypted content, but also creates a public key certificate management nightmare. Figure 19.1 illustrates a mobile transaction involving multiple intermediaries.

Figure 19.1. A mobile transaction involving multiple intermediaries.

Other connection channel-based security technologies, such as Virtual Private Networks (VPNs), have similar problems. For future mobile commerce applications, we must secure content rather than channels.

19.1.2 Distributed Access Control

Mobile applications often interact with multiple backend servers, pull information from them as needed, and assemble personalized displays for users. Each information service provider might have its own user authentication and authorization system. It is a major inconvenience for mobile users to sign on to each backend server manually.

One way to combat this problem is through single sign-on services. Single sign-on servers manage user profiles and provide time-stamped access tokens, such as Kerberos tickets, to authenticated users. The user presents the token when requesting services, and service providers use the single sign-on server to validate tokens. Figure 19.2 illustrates that process. Being a point-to-point protocol, HTTPS is unsuited to single sign-on schemes.

Figure 19.2. Sign-on process involving an authentication server.

Chapter 3 uses a very simple single sign-on scheme based on SOAP Web Services; the tokens used in iFeedBack are neither encrypted nor signed.

Single sign-on domains can form alliances and federations. Allied domains recognize each other's tokens. Important single sign-on alliances include Microsoft .NET Passport and Sun Microsystems' Liberty Alliance Project. Figure 19.3 illustrates the structure of federated single sign-on domains. To integrate into single sign-on service domains, smart mobile clients must be able to handle security tokens. Those tokens are often cryptographic hashes with attached digital signatures.

Figure 19.3. Federation of single sign-on domains.

19.1.3 Device Security

Mobile devices are easy to steal or lose. We must prevent unauthorized personnel from accessing a device's sensitive data. For example, your company's financial data or private keys should not be recoverable from a stolen mobile device. On-device information security is one of the most important challenges we face today.

HTTPS does not provide on-device information security. Mobile clients are responsible for protecting their own data. Strong password-based encryption protects on-device information.
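The signed, time-stamped token that Sections 19.1.1 and 19.1.2 describe can be sketched in a few lines. The following Python example is added here for illustration; it is not code from the book, and it is not the iFeedBack scheme, whose tokens the text says are unsigned. It assumes a secret shared between the sign-on server and the service provider (SIGNING_KEY, a constructed value) and uses HMAC-SHA256 as the signature; a deployed system would use per-provider keys or a public-key signature. The point is the content-based one: the token carries its own integrity, so an intermediary that forwards it need not be trusted, and the provider detects tampering or expiry without any channel-level protection.

```python
import base64
import binascii
import hashlib
import hmac
import json

# Constructed example key shared by the sign-on server and the service provider.
# In practice this would be a per-provider key or an asymmetric signing key (assumption).
SIGNING_KEY = b"example-sign-on-server-key-not-for-production"


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user: str, issued_at: int, ttl_seconds: int, key: bytes = SIGNING_KEY) -> str:
    """Sign-on server: mint a time-stamped token bound to a user.

    The claims travel in the clear; integrity comes from the HMAC tag, not from
    the channel the token happens to be carried over.
    """
    claims = {"sub": user, "iat": issued_at, "exp": issued_at + ttl_seconds}
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)


def validate_token(token: str, now: int, key: bytes = SIGNING_KEY):
    """Service provider: return the claims if the tag verifies and the token is unexpired, else None.

    The tag is checked before the body is parsed, so untrusted bytes never reach the JSON parser.
    """
    try:
        body_s, tag_s = token.split(".")
        body, tag = _unb64(body_s), _unb64(tag_s)
    except (ValueError, binascii.Error):
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    claims = json.loads(body)
    if now >= claims["exp"]:
        return None
    return claims


def tamper_subject(token: str, new_user: str) -> str:
    """Model an intermediary rewriting the claims without the key; the old tag is kept."""
    body_s, tag_s = token.split(".")
    claims = json.loads(_unb64(body_s))
    claims["sub"] = new_user
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return _b64(body) + "." + tag_s


if __name__ == "__main__":
    token = issue_token("alice", issued_at=1_000_000, ttl_seconds=300)
    print("valid now:      ", validate_token(token, now=1_000_100))
    print("after expiry:   ", validate_token(token, now=1_000_300))
    print("tampered claims:", validate_token(tamper_subject(token, "mallory"), now=1_000_100))
```

Two design choices matter for a federated setting: the verifier checks the signature before it parses anything, and a provider that holds a different key simply rejects the token, which is why allied domains must exchange keys (or trust a common signer) before they can honour each other's tokens.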
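The password-based encryption of on-device data that Section 19.1.3 calls for, as an added Python example (not the book's code). It assumes a user-chosen password and derives two keys from it with PBKDF2-HMAC-SHA256 over a random salt; the record layout (salt, nonce, ciphertext, tag) and the iteration count are assumptions. Because the example uses only the standard library, it builds a counter-mode keystream from HMAC-SHA256 in place of a block cipher; a real client should use AES in an authenticated mode, but the key stretching, the per-record random salt, and the verify-before-decrypt structure are what carry over.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 100_000  # assumption: tune to the device; higher makes password guessing slower
SALT_LEN, NONCE_LEN, TAG_LEN = 16, 16, 32


def derive_keys(password: str, salt: bytes):
    """Stretch the password with PBKDF2-HMAC-SHA256 and split into an encryption key and a MAC key."""
    material = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS, dklen=64)
    return material[:32], material[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for a block cipher, see lead-in)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_record(password: str, plaintext: bytes, salt: bytes = None, nonce: bytes = None) -> bytes:
    """Return salt || nonce || ciphertext || tag; salt and nonce are fresh per record unless supplied."""
    salt = salt if salt is not None else os.urandom(SALT_LEN)
    nonce = nonce if nonce is not None else os.urandom(NONCE_LEN)
    enc_key, mac_key = derive_keys(password, salt)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    return salt + nonce + ciphertext + tag


def decrypt_record(password: str, blob: bytes):
    """Return the plaintext, or None if the password is wrong or the record was modified."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        return None
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ciphertext = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # verify before touching the ciphertext
        return None
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, nonce, len(ciphertext))))


if __name__ == "__main__":
    # Constructed sample: the kind of secret the text says must not survive device theft.
    record = encrypt_record("correct horse battery", b"-----BEGIN PRIVATE KEY----- (constructed)")
    print("right password:", decrypt_record("correct horse battery", record))
    print("wrong password:", decrypt_record("password1", record))
```

The tag is checked before any decryption, so a wrong password and a modified record are indistinguishable to the caller and neither yields partial plaintext; the random salt means two records encrypted under the same password share no keys, which limits what an attacker with the stolen device can precompute.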