Building Trust From the User On Up

Opinion: The Trusted Computing Group is addressing mobile phone security by employing "use case" methodology to craft a specification.

The Trusted Computing Group announced its plans on Tuesday to "enable trust and security in mobile phones and their applications."

The organization has created a set of use cases for mobile phone security and intends to have a publicly available specification based on these cases ready for dissemination in the first half of 2006. TCG's mobile phone workgroup includes Authentec, Ericsson, France Telecom, IBM, Infineon, Intel, Lenovo, Motorola, Nokia, Philips, Samsung, Sony, STMicroelectronics, Texas Instruments, VeriSign, Vodafone and Wave Systems.

They want to make mobile devices part of this trusted network, which makes perfect sense. Commerce does not happen just on desktops, after all. But the method they are using to devise the specifications for mobile devices is somewhat unusual for this kind of group: They're going from the bottom (user) upwards to the network. They're using the use case methodology.

Use Cases

This is a goal-oriented methodology popularized by Alistair Cockburn in his 2000 book, Writing Effective Use Cases.

Actors are external entities (people or other systems) that interact with the system to achieve a desired goal. An Actor uses the system to achieve a desired goal. By recording all the ways the system is used ("cases of use" or Use Cases) we may accumulate all the goals or requirements of the system.

A Use Case is a collection of possible sequences of interactions between the system under discussion and its Actors, relating to a particular goal. The collection of Use Cases should define all system behavior relevant to the actors to assure them that their goals will be carried out properly. It follows that any system behavior that is irrelevant to the actors should not be included in the use cases.

Examining all the Actors' goals that the system satisfies yields the functional requirements. Goals summarize system function in (hopefully) understandable, verifiable terms of use that users, executives and developers can appreciate and so leave little open to interpretation.

TCG's use cases

The document released defines the usage of mobile phones in TCG-trusted environments, which means within the Trusted Network Connection framework. TCG says the use cases are intended to guide development of the future specification and to "solicit industry input to ensure TCG is meeting industry needs for security." I guess that's industry-speak for "trial balloon".

The use cases defined include:

  • Platform integrity to ensure the hardware and software are in a state intended by the manufacturer.
  • Device authentication to protect and store identities of users and bind the device to the appropriate user.
  • Digital rights management implementation to protect content on the phone.
  • SIMlock/device personalization to ensure a device is locked to its network and to prevent device theft.
  • Secure software download to enable the safe download of updates, patches and other software.
  • Secure channel between the device and UMTS Integrated Circuit Card (UICC) to help avoid malicious software that can interfere with applications or otherwise compromise it.
  • Mobile ticketing to enable the secure download of tickets and manage them.
  • Mobile payment to enable the secure execution of payments.
  • Software use to ensure that software is safe and if not, can be removed, replaced or not executed.
  • User data protection and privacy to allow users to prevent their information from being accessed or viewed by unauthorized entities and to give users access to services or data that might not require personal information.

The full text of the use cases is available at

Larry Loeb was consulting editor for BYTE magazine and senior editor of WebWeek. He serves as a subject matter expert for the Department of Defense's Information Assurance Technology Analysis Center, and is on the American Dental Association's WG-1 and MD 156 electronic medical records working groups. Larry's latest book is "Hackproofing XML," published by Syngress (Rockland, Mass.). If you've got a tip for Larry, contact him at

