A mobile device management framework for secure service delivery

Abstract

In a mobile ubiquitous environment, service interactions between a user device and a service provider should be secure, regardless of the type of device used to access or consume a service. We present a Secure Device Management Framework (SDMF), designed to securely deliver services to user devices, whilst also hiding (some of) the complexity of security management from users. Key to this framework is the Device Management Entity (DME), that manages a user device's security credentials, and interacts with service providers on its behalf. This framework also provides users with assurance that a compromised device cannot consume the delivered service, and, at the same time, prevents users from illegally sharing their credentials with other users. We achieve these objectives using Trusted Computing functionality and certain other security mechanisms.