There are several steps that can be taken in
designing for security in mobile computing networks and applications:
Physical Security, Policies and Procedures
There is no point in implementing expensive hi-tech security systems while the
physical security of end user devices, base stations, and information servers is
ignored. A notebook left in the back seat of an unlocked car is an obvious and
only too common security violation that should be discouraged in the strongest
possible terms.
This potential problem will soon be exacerbated
with the advent of inexpensive PCS/PCN micro-cells located in small and
unattended sites throughout communities.
Application and System Assisted Security
The use of user passwords and similar mechanisms is a very common method of
ensuring security. We shall not dwell on these techniques here. Instead, we
shall concentrate on mobile computing security issues.
Dial Back as a Security Technique
Remote access type mobile computing applications can incorporate a dial-back
technique where users and their locations are known. Many hardware-based security
servers provide this feature.
Firewalls - Security Servers at the Host
Many specialized security companies are providing security servers that can be
installed at the corporate host server. Several Remote Access Servers also
provide this functionality as an integral part of the communications server.
Cylink is well known for providing RAS security products in the wireline remote
access environment. You may get more information from their web site.
Racal's Guardata Watchword II token offers
convenient alternatives to passwords based on common names, birthdays, etc. When
using WatchWord II, critical information is never entered in the clear. The
operating principle is based on the challenge/response mechanism described in
the ANSI X9.26 secure sign-on standard. The user enables the token by entering a
PIN. The WatchWord Generate process takes a digital challenge from the host
computer system, entered into the token, which then generates a seven-digit
response: a one-time password. The response is calculated from the challenge
using the DES cryptographic process. There is a security controller or server at
the host between the modem pool and the information server. It is anticipated
that the next generation of security products will integrate security into the
modem or communications server products.
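The challenge/response sign-on described above, as an added example that is not Racal's code or the ANSI X9.26 algorithm: HMAC-SHA-256 from the Python standard library stands in for the DES computation, and the class names, the 8-digit challenge format, the key and the PIN are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def response_for(key: bytes, challenge: str) -> str:
    """Derive a seven-digit response from a challenge (HMAC-SHA-256 stand-in for DES)."""
    mac = hmac.new(key, challenge.encode("ascii"), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:8], 'big') % 10**7:07d}"

class Token:
    """Hand-held token (hypothetical model): holds the shared key, enabled by a PIN."""
    def __init__(self, key: bytes, pin: str):
        self._key, self._pin = key, pin

    def generate(self, pin: str, challenge: str) -> str:
        if not hmac.compare_digest(pin, self._pin):
            raise PermissionError("wrong PIN, token stays locked")
        return response_for(self._key, challenge)

class SecurityServer:
    """Host-side controller between the modem pool and the information server."""
    def __init__(self, keys: dict):
        self._keys = keys          # user -> shared key
        self._pending = {}         # user -> outstanding challenge

    def issue_challenge(self, user: str) -> str:
        challenge = f"{secrets.randbelow(10**8):08d}"
        self._pending[user] = challenge
        return challenge

    def verify(self, user: str, response: str) -> bool:
        # pop() makes each challenge single-use, so a captured response cannot be replayed
        challenge = self._pending.pop(user, None)
        if challenge is None or user not in self._keys:
            return False
        expected = response_for(self._keys[user], challenge)
        return hmac.compare_digest(expected, response)

def demo() -> tuple:
    key = secrets.token_bytes(16)              # constructed sample key
    server = SecurityServer({"alice": key})
    token = Token(key, pin="4821")             # constructed sample PIN
    challenge = server.issue_challenge("alice")
    response = token.generate("4821", challenge)
    first = server.verify("alice", response)   # fresh response is accepted
    replay = server.verify("alice", response)  # same response again is rejected
    return first, replay, len(response)
```

Only the challenge and the one-time response cross the line; the shared key and the PIN never do, which is the property the token relies on.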
Wireless security servers are now being provided
by companies such as Certicom, Diversinet, Entrust (a subsidiary of Nortel), and
Sonera's SmartTrust (for m-commerce). Please see the references to these
vendors further down the page.