Abstract | The recent proliferation of e-services on the Internet (e.g. e-commerce, e-health) and the increasing attacks on them by malicious individuals have highlighted the need for e-service security. E-services on the mobile Internet (mi-services) are no exception. However, for mi-services, the level and type of security may depend on the user's security preferences for the service, the power of the mobile platform, and the location of the mobile platform (we label these UPL). For example, if the user is traveling through a particularly dangerous area known for previous attacks, the security protection should be adjusted to use mechanisms that are resilient to these attacks. We propose the use of a security policy that allows for various security options commensurate with UPL, in conjunction with a context-aware security policy agent that notifies the service provider to activate new security appropriate to a change in UPL. |
---|