mobile electronic memos giovanni bartolomeo, university of rome tor vergata mike pluke, castel...
Post on 21-Dec-2015
216 views
TRANSCRIPT
Mobile Electronic MemosMobile Electronic Memos
Giovanni Bartolomeo, University of Rome Tor Vergata
Mike Pluke, Castel Consulting LTD
ETSI HF #53 18th Oct 2010, Lillesand, Norway
Page Page 22
AgendaAgenda
User information exchange as of today
What are Mobile Electronic Memos (MEMs)
What they are for?
Security, Privacy & Trust in MEMs
What is requested to be standardized?
Why it could be standardized by ETSI TC HF?
Page Page 33
User Information Exchange (Today)User Information Exchange (Today)
Increasing number of devices handling electronic formats
Many information bearers– GPRS, EDGE, UMTS, HSDPA, HSUPA– 802.3, WiFi, Bluetooth, IrDA– RFID, NFC, Visual codes– UICC, memory cards, USB sticks– USB cables, CD, DVD, …– notepad
Zillions of information daily exchanged by end users– Different kinds of devices do not “talk” each others, or they
“talk” one-to-one through different protocols– Interoperability often achieved by manual input: a time
consuming, error prone and tedious task– Barriers and limitations exists for differently able people
Page Page 44
User Information Exchange (Today)User Information Exchange (Today)
Page Page 55
User Information Exchange (Today)User Information Exchange (Today)
Page Page 66
User Information Exchange (Today)User Information Exchange (Today)
Page Page 77
User Information Exchange (Today)User Information Exchange (Today)
Page Page 88
Tomorrow: Mobile Electronic MemosTomorrow: Mobile Electronic Memos
MEMs are open and versatile aggregators of information, and, at the same time, a simple, cheap and fast information transfer medium– between different kinds of devices– through different types of information bearers
As machine understandable data structure associated with specific classes of information, they are more than a simple presentation format (i.e. MMS)– When received on an end user device, depending upon the device type, they
allow different kinds of interaction, based on the information they transport
They can be produced by service providers as well as by end users
In addition, they allow a number of Security Privacy & Trust (SP&T) features
Page Page 99
Tomorrow: Mobile Electronic MemosTomorrow: Mobile Electronic Memos
MEMs are more than a presentation format…Automatically captured from the environment (e.g. through a visual code, bar code, RFID tag, etc.)Used to transfer information (GPS coordinates and addresses, URIs, multimedia, calendar information, personal information,…)Given as input to services and applications (e.g. a navigator, an automatic check-in machine, a web browser, a scheduler, an infotainment device…)Stored in local memory or remote databases for future useShared with other users, commented, tagged and ranked in social communitiesSent asynchronously to a friend or a group of friends, similarly to multimedia messages
Page Page 1010
Mobile Electronic MemosMobile Electronic Memos
Page Page 1111
Mobile Electronic MemosMobile Electronic Memos
Page Page 1212
Mobile Electronic MemosMobile Electronic Memos
Page Page 1313
Mobile Electronic MemosMobile Electronic Memos
ScheduleFeb 19 2009
h 3,30pmV.Politecnico,1Rome, Italy
Gps: 41.8555 12.6242
Play audio-only version
Show text
Call +39 06 72597774
http://portal.etsi.org/STFs…Cast event
Buy e-ticket
Capture
Show slides
Page Page 1414
Mobile Electronic Memos:Mobile Electronic Memos: SP&T SP&T FeaturesFeatures
MEMs or part thereof may be digitally signed - and optionally encrypted - by the creator (or the sender), allowing the recipient to verify the integrity of the data and the identity of their creator (or sender)
MEMs can be signed/encrypted by service providers as well as by end users, in a secure way– e.g. directly from mobile phones using a secret key contained in their USIM
[see prototype by Sagem Orga & Telecom Italia based on OMA SCWS]
MEMs may implement – spam/phishing prevention– non-repudiation capability– confidentiality– proof of purchases and subscriptions
Page Page 1515
ConclusionsConclusions
MEMs are open and versatile aggregators of information, and, at the same time, a simple, cheap and fast information transfer medium
Compatible with existing standard technologies, they foster convergence of several different services and applications in an easy and straightforward way
They provide users with a rich and compelling experience, avoid manual inputs and facilitate differently able people
In addition, their security features (signature, hashing and encryption) may be usefully adopted to – prevent from spam and phishing– implement non-repudiation capability– keep confidential information– proof a purchase or a subscription …
Mobile Electronic MemosMobile Electronic MemosRequest for StandardizationRequest for Standardization
Giovanni Bartolomeo, University of Rome Tor Vergata
Mike Pluke, Castel Consulting LTD
ETSI HF #53 18th Oct 2010, Lillesand, Norway
Page Page 1717
What is requested to be What is requested to be standardizedstandardized
In scope– Define a set of Information: core information and meta-information (including security
related)– Define a canonical schema, including mechanisms to extend MEM to new classes of
information– Identify possible stakeholders, roles (creator, sender, recipient, commenter, etc.) and tasks– Identify bindings to existing standards (devices, networks, data formats and distribution
mechanisms)– Provide primary Security, Privacy & Trust features: integrity check, digital signature,
confidentiality, expiration, non-repudiation capability, etc. – Provide accessibility guidelines for MEMs
ALL of these aspects pertain to the MEM concept and abstract from– Specific hardware, software, network architecture– Specific protocols and channels for message exchange or content distribution– Specific mechanisms for data creation, capture and storage
… standardized in other TCs / SDOs
Our goal is to avoid overlapping with other SDOs, but build on top of existing standards to facilitate convergence and backward compatibility
Page Page 1818
Why ETSI TC HF?Why ETSI TC HF?
The MEM concept has evolved from three EU co-funded projects– SIMPLICITY, IST 2004-507 558– Simple Mobile Services, IST 2006-034 620– CONVERGENCE, FP7-257 123
Concept and core parts of MEM could be standardized in ETSI TF HF– Vision, scenarios, definition of stakeholders, core information, usage and
accessibility guidelines, main SP&T aspects pertain Human Factors
– TC HF has widely investigated standards for user identification (agnostic to specific devices)
• EG 284 004, EG 202 249, EG 202 067, EG 203 072, TS 184 002
Non repudiation capability, spam/phishing prevention, information confidentiality, proof of purchase and subscription are heavily based on user identification mechanisms, due to “cross-device” nature of MEMs
– TC HF has already an experience in standardization of information for user profiles • EG 202 325, ES 202 746, TS 102 747
– TC HF has also experience on E-Health, In-car ICT, accessibility for impaired and differently able people
• EG 202 848, EG 202 191, EG 202 048, ES 202 642, TR 102 762
Mobile Electronic MemosMobile Electronic MemosThank You!Thank You!
Giovanni Bartolomeo, University of Rome Tor [email protected]
Mike Pluke, Castel Consulting [email protected]
ETSI HF #53 18th Oct 2010, Lillesand, Norway