-
Website S-Mobile.
-
Sponsor STW/Sentinels.
-
DurationJanuary 2007 until January 2011
-
Participants Universities: Vrije Universiteit Amsterdam, TU/e,
Industry: Philips, TNO Telecom
-
Contact Bruno Crispo (crispo@cs.vu.nl)
Project Synopsis
The objective of S-Mobile is to create a framework and technological solutions for trusted deployment and
execution of mobile applications in heterogeneous environments. While today the development of third party
applications for mobile platforms (i.e. mobile phones, cars, etc.) is tightly controlled by single entities
(i.e. telecom operators, mainly due to security risks), there is a need to open the software market of nomadic
devices (from smart phones to PDA, from RFID systems to cars) to third party applications with a higher degree
of assurance. S-Mobile will make this possible by extending the existing security model beyond the sandbox model
and by integrating mechanisms for trust management and credentials negotiation. A licence-based security mechanism
will lie at the core of the framework. A licence will be associated to each application stating in detail what are
the capabilities needed to be executed. A licence is a fine-grained claim done by a mobile application regarding
the interaction with relevant security and privacy features of a mobile platform. This licence should be published
by applications, understood by devices and all stakeholders (users, mobile operators, developers, platform developers, etc.).
The licence should be enforced at time of delivery and loading, and during execution of the application by the mobile
platform. The resulting new paradigm will not replace, but enhance existing security mechanism, and will provide a
flexible, simple and scalable security and privacy protection mechanism for future mobile systems. It will allow a
network operator and a user to decide what an application is allowed to do, prevent bad code from running, and allow
good code to be easily designed and deployed.
|
