Abstract
M—commerce is a new area arising from the marriage of electronic commerce with emerging mobile and pervasive computing technology. The newness of this area—and the rapidness with which it is emerging—makes it difficult to analyze the technological problems that m–commerce introduces—and, in particular, the security and privacy issues. This situation is not good, since history has shown that security is very difficult to retro—fit into deployed technology, and pervasive m– commerce promises (threatens?) to permeate and transform even more aspects of life than e–commerce and the Internet has. In this paper, we try to begin to rectify this situation: we offer a preliminary taxonomy that unifies many proposed m–commerce usage scenarios into a single framework, and then use this framework to analyze security issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Anderson, R., Kuhn, M. Tamper Resistance—A Cautionary Note. 2nd USENIX Workshop on Electronic Commerce, 1996.
Anderson, R., Kuhn, M. Low-Cost Attacks on Tamper Resistant Devices. Preprint, 1997.
Camp, L.J. Reliability, Security, and Privacy in Electronic Commerce. Ph.D. thesis. Engineering and Public Policy, Carnegie Mellon University.
Camp, L.J., Sirbu, M., and Tygar, J.D. Token and Notational Money in Electronic Commerce. First USENIX Workshop on Electronic Commerce. July 1995.
Chari, S., Kaiserswerth, M., Rao, J.R. Network Security Issues in Pervasive Computing Devices. IBM Research Report RC 21592.
Chaum, D. Security without Identi-cation: Transaction Systems to Make Big Brother Obsolete. Communications of the ACM, 28:1033–1044. October 1985.
Dierks, T., Allen, C. The Transport Layer Security Protocol. IETF Request For Comments 2246. Available online at ftp://ftp.isi.edu/in-notes/rfc2246.txt.
Hochberg, J., Smith, S., et. al. Kiosk Security Handbook. Los Alamos Unclassified Release LA-UR-95-1657, 1995. Los Alamos National Laboratory.
Kent, S., Atkinson, R. Security Architecture for the Internet Protocol. IETF Request for Comments 2401. Available online at ftp://ftp.isi.edu/in-notes/rfc2401.txt.
Kleinrock, L. Nomadic Computing & Smart Spaces. Keynote speak at Infocom 2000, Tel Aviv, Israel, March 2000. http://www.cse.ucsc.edu/ rom/infocom2000/.
The Mondex Electronic Cash Scheme. Documentation available online at http://www.mondex.com.
National Institute of Standards and Technology. Security Requirements for Cryptographic Modules, Federal Information Processing Standards Publication 140-1. 1994.
The NTT DoCoMo i-mode applications. Documentation available online at http://www.nttdocomo.com/imode.
The Official Bluetooth SIG Website. Online at http://www.bluetooth.com.
Salonidis, T., Bhagwat, P., Tassiulas, L., LaMaire, R. Distributed Topology Construction of Bluetooth Personal Area Networks Preprint.
Satyanarayanan, M. Caching Trust Rather than Content. Carnegie Mellon University. Preprint, 2000.
Satyanarayanan, M. Fundamental Challenges in Mobile Computing. Fifteenth ACM Symposium on Principles of Distributed Computing May 1996, Philadelphia, PA Revised version appeared as:“Mobile Computing: Where’s the Tofu?” Proceedings of the ACM Sigmobile April 1997, Vol. 1, No. 1.
Smith, S. Expressing and Enforcing Robust Behavior for Electronic Objects. The Federal Networking Council/MIT Internet Privacy and Security Workshop. May 1996. (Also: Los Alamos Unclassified Release LA-UR-96-1238.)
Smith, S., Weingart, S. Building a High-Performance, Programmable Secure Coprocessor. Computer Networks (Special Issue on Computer Network Security). 31: 831–860. April 1999.
Weingart, S. Physical Security Attacks and Defences. Cryptographic Hardware and Embedded Systems, August 2000.
Weiser, M. The World is not a Desktop. Interactions, Jan. 1994, pp. 7–8
The Wireless Applications Protocol Suite. Specifications available online at http://www.wapforum.org.
Yee, B.S.. Using Secure Coprocessors. Ph.D. thesis. Computer Science Technical Report CMU-CS-94-149, Carnegie Mellon University. May 1994.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Chari, S., Kermani, P., Smith, S., Tassiulas, L. (2001). Security Issues in M—Commerce: A Usage—Based Taxonomy. In: Liu, J., Ye, Y. (eds) E-Commerce Agents. Lecture Notes in Computer Science, vol 2033. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45370-9_16
Download citation
DOI: https://doi.org/10.1007/3-540-45370-9_16
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41934-1
Online ISBN: 978-3-540-45370-3
eBook Packages: Springer Book Archive