A Dynamic user Dependent Security Policy Framework for Mobile Commerce Applications
Main Article Content
Abstract
Mobile-commerce is the ability to perform commercial transactions using mobile phones or other wireless devices on the move. It is a
major application domain for mobile devices where applications require a high level of security. Generally, either server operating system or
application authority for the specific user about its behavior to access the applications after authentication enforces security policies. In this proposed
framework, users submit their policy through its mobile device to the policy server (PS) after preliminary authentication assigned by the application
authority. The trust of user device is analyzed using authentication protocol in addition to the feasibility of user submitted policy to the application.
The levels of security are also changed depending on the user type accessing the applications. User types are identified using the ip addresses that are
stored in the database on the server side. User can change its policy any time from its location as well as increases its levels of security after mutual
concern from the application authority. In this paper, user policy submission protocol is developed for the m-commerce applications.
Â
Keywords: M-Commerce, Security, Authentication, Policy Server, Protocol, Repudiation
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.