|Witness contributes application-level security for Mobile Business to 3rd Generation Wireless Networks. The project's focus is security platforms and security services in mobile devices and smart cards; suitable interfaces to applications will allow integrating application-level security to wireless applications like mobile business. The project's focus is enterprise applications, which will lay the technological foundation for maintaining Europe's leadership in Mobile Commerce.
Witness aims at enabling secure mobile applications of third-party application providers in 3G wireless networks by providing technology for application level security. The project focus is technology that allows application providers to set up their own security solutions for mobile applications. This will be achieved by providing security platforms and security services in mobile devices and smart cards, such that application-level security becomes possible. Witness will achieve the highest possible level of mobile security, a prerequisite for mobile enterprise applications, which have particularly high security requirements.
WiTness aims at interfacing mobile applications with existing security infrastructures and security components: suitable infrastructures and security modules such as smart cards are available in GSM/UMTS. We will provide the flexibility needed for using them: the main technical challenges are integration on one hand, and providing flexible, application-level security services on the other. The project starts with a requirements analysis for determining the security needs for mobile business applications.
This will lead to the definition of mobile business architecture. The technical core work of the project focuses on three components:
1. Technology for re-using the GSM/UMTS security infrastructure in the form of applications in (U)SIMs: these will allow to provide security services to mobile applications over suitable protocols;
2. Provision of platforms and interfaces in mobile devices that interface security services with applications;
3. Interfaces and Gateways based on open standards that allow secure mobile access to application servers. The secure use of mobile applications based on Witness technology will be validated in a pilot application. The achieved results will be disseminated to consortia and standards bodies to ensure wide acceptance and usage of the technological basis established by Witness.
1. Security requirements of mobile applications are identified;
2. A Mobile Business Security Architecture is defined;
3. Prototype implementations on smart cards, mobile devices, and application servers are ready;
4. Secure access to corporate applications over public mobile networks is possible;
5. Project results are validated in the pilot application;
6. Project results have been disseminated into consortia and standards bodies.