Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    Building Trust From the User On Up

    By
    Larry Loeb
    -
    September 28, 2005
    Share
    Facebook
    Twitter
    Linkedin

      The Trusted Computing Group announced its plans on Tuesday to “enable trust and security in mobile phones and their applications.”

      The organization has created a set of use cases for mobile phone security and intends to have a publicly available specification based on these cases ready for dissemination in the first half of 2006. TCGs mobile phone workgroup includes Authentec, Ericsson, France Telecom, IBM, Infineon, Intel, Lenovo, Motorola, Nokia, Philips, Samsung, Sony, STMicroelectronics, Texas Instruments, VeriSign, Vodaphone and Wave Systems.

      They want to make mobile devices part of this trusted network, which makes perfect sense. Commerce does not happen just on desktops, after all. But the method they are using to devise the specifications for mobile devices is somewhat unusual for this kind of group: Theyre going from the bottom (user) upwards to the network. Theyre using the use case methodology.

      Use Cases

      This is a goal-oriented methodology popularized by Alistair Cockburn in his 2000 book, Writing Effective Use Cases.

      Actors are external entities (people or other systems) that interact with the system to achieve a desired goal. An Actor uses the system to achieve a desired goal. By recording all the ways the system is used (“cases of use” or Use Cases) we may accumulate all the goals or requirements of the system.

      A Use Case is a collection of possible sequences of interactions between the system under discussion and its Actors, relating to a particular goal. The collection of Use Cases should define all system behavior relevant to the actors to assure them that their goals will be carried out properly. It follows that any system behavior that is irrelevant to the actors should not be included in the use cases.

      Examining all the Actors goals that the system satisfies yields the functional requirements. Goals summarize system function in (hopefully) understandable verifiable terms of use that users, executives and developers can appreciate and so leave little open to interpretation.

      TCGs use cases

      The document released defines the usage of mobile phones in TCG-trusted environments, which means within the Trusted Network Connection framework. TCG says the use cases are intended to guide development of the future specification and to “solicit industry input to ensure TCG is meeting industry needs for security.” I guess thats industry-speak for “trial balloon”.

      The use cases defined include:

      • Platform integrity to ensure the hardware and software are in a state intended by the manufacturer.
      • Device authentication to protect and store identities of users and bind the device to the appropriate user.
      • Digital rights management implementation to protect content on the phone.
      • SIMlock/device personalization to ensure a device is locked to its network and prevents device theft.
      • Secure software download to enable the safe download of updates, patches and other software.
      • Secure channel between the device and UTMS Integrated Circuit Card (UICC) to help avoid malicious software that can interfere with applications or otherwise compromise it.
      • Mobile ticketing to enable the secure download of tickets and manage them.
      • Mobile payment to enable the secure execution of payments.
      • Software use to ensure that software is safe and if not, can be removed, replaced or not executed.
      • User data protection and privacy to allow users to prevent their information from being accessed or viewed by unauthorized entities and to give users access to services or data that might not require personal information.

      The full text of the use cases is available at www.trustedcomputinggroup.org.

      Larry Loeb was consulting editor for BYTE magazine and senior editor of WebWeek. He serves as a subject matter expert for the Department of Defenses Information Assurance Technology Analysis Center, and is on the American Dental Associations WG-1 and MD 156 electronic medical records working groups. Larrys latest book is “Hackproofing XML,” published by Syngress (Rockland, Mass.). If youve got a tip for Larry, contact him at nospamloeb-pbc@yahoo.com.

      Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Larry Loeb
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×