Information security threats and solutions in the mobile world: The service developer's perspective

Pasi Ahonen, Juhani Eronen, Jarkko Holappa, Jorma Kajava, Tiina Kaksonen, Kati Karjalainen, Kaarina Karppinen, Mikko Rapeli, Juha Röning, Anni Sademies, Reijo Savola, Ilkka Uusitalo, Timo Wiander

    Research output: Book/ReportReport

    Abstract

    This study examines the major information security threats relating to mobile services and solutions to these threats from the service developer's perspective. Research methods employed include interviews with enterprises, literature searches, expert opinions and extensive rounds of commentary. The fact that information security threats also concern mobile services and should be given serious consideration is the most important finding of the study. However, this does not mean information security issues would pose an obstacle to the development or introduction of mobile services. All information security issues need to be addressed at the very outset of the service development process. Methods and technological solutions that may also be utilized in mobile services have already been developed. Sets of instructions safeguarding e.g. the security of actions and processes are less readily available. The major information security threats facing developers of mobile services include the complexity of technological solutions, the illegal copying of content and programs, threats posed by the Internet, the different levels of various players in the service development process, and threats involving the identification of service users and servers and the confidentiality of information. Mobile services also involve other threats; however, since their significance to the service developer greatly depends on the nature of the service under development, it is difficult to assess the risks arising therefrom on a general level. The study describes alternative solutions to information security threats observed. Nevertheless, information security issues need to be examined individually for each service to be developed, as there are no universal solutions for information security. The service development process is addressed separately in the study and the significance of information security is expanded upon at each stage of the process from idea generation to service termination.
    Original languageEnglish
    Place of PublicationEspoo
    PublisherVTT Technical Research Centre of Finland
    Number of pages108
    ISBN (Electronic)951-38-6738-2
    ISBN (Print)951-38-6737-4
    Publication statusPublished - 2005
    MoE publication typeNot Eligible

    Publication series

    SeriesVTT Tiedotteita - Meddelanden - Research Notes
    Number2308
    ISSN1235-0605

    Fingerprint

    Developer
    Threat
    Information security
    Mobile services
    Development process
    Security issues
    Service development
    Underdevelopment
    Termination
    Confidentiality
    World Wide Web
    Copying
    Research methods
    Idea generation
    Expert opinion

    Keywords

    • information security
    • threats
    • wireless telecommunication
    • mobile services
    • mobile networks
    • mobile devices
    • authentication
    • Identification
    • privacy

    Cite this

    Ahonen, P., Eronen, J., Holappa, J., Kajava, J., Kaksonen, T., Karjalainen, K., ... Wiander, T. (2005). Information security threats and solutions in the mobile world: The service developer's perspective. Espoo: VTT Technical Research Centre of Finland. VTT Tiedotteita - Meddelanden - Research Notes, No. 2308
    Ahonen, Pasi ; Eronen, Juhani ; Holappa, Jarkko ; Kajava, Jorma ; Kaksonen, Tiina ; Karjalainen, Kati ; Karppinen, Kaarina ; Rapeli, Mikko ; Röning, Juha ; Sademies, Anni ; Savola, Reijo ; Uusitalo, Ilkka ; Wiander, Timo. / Information security threats and solutions in the mobile world : The service developer's perspective. Espoo : VTT Technical Research Centre of Finland, 2005. 108 p. (VTT Tiedotteita - Meddelanden - Research Notes; No. 2308).
    @book{14b1b1ad81a547689d0052d8d9318e8b,
    title = "Information security threats and solutions in the mobile world: The service developer's perspective",
    abstract = "This study examines the major information security threats relating to mobile services and solutions to these threats from the service developer's perspective. Research methods employed include interviews with enterprises, literature searches, expert opinions and extensive rounds of commentary. The fact that information security threats also concern mobile services and should be given serious consideration is the most important finding of the study. However, this does not mean information security issues would pose an obstacle to the development or introduction of mobile services. All information security issues need to be addressed at the very outset of the service development process. Methods and technological solutions that may also be utilized in mobile services have already been developed. Sets of instructions safeguarding e.g. the security of actions and processes are less readily available. The major information security threats facing developers of mobile services include the complexity of technological solutions, the illegal copying of content and programs, threats posed by the Internet, the different levels of various players in the service development process, and threats involving the identification of service users and servers and the confidentiality of information. Mobile services also involve other threats; however, since their significance to the service developer greatly depends on the nature of the service under development, it is difficult to assess the risks arising therefrom on a general level. The study describes alternative solutions to information security threats observed. Nevertheless, information security issues need to be examined individually for each service to be developed, as there are no universal solutions for information security. The service development process is addressed separately in the study and the significance of information security is expanded upon at each stage of the process from idea generation to service termination.",
    keywords = "information security, threats, wireless telecommunication, mobile services, mobile networks, mobile devices, authentication, Identification, privacy",
    author = "Pasi Ahonen and Juhani Eronen and Jarkko Holappa and Jorma Kajava and Tiina Kaksonen and Kati Karjalainen and Kaarina Karppinen and Mikko Rapeli and Juha R{\"o}ning and Anni Sademies and Reijo Savola and Ilkka Uusitalo and Timo Wiander",
    note = "Project code: E5SU00589",
    year = "2005",
    language = "English",
    isbn = "951-38-6737-4",
    series = "VTT Tiedotteita - Meddelanden - Research Notes",
    publisher = "VTT Technical Research Centre of Finland",
    number = "2308",
    address = "Finland",

    }

    Ahonen, P, Eronen, J, Holappa, J, Kajava, J, Kaksonen, T, Karjalainen, K, Karppinen, K, Rapeli, M, Röning, J, Sademies, A, Savola, R, Uusitalo, I & Wiander, T 2005, Information security threats and solutions in the mobile world: The service developer's perspective. VTT Tiedotteita - Meddelanden - Research Notes, no. 2308, VTT Technical Research Centre of Finland, Espoo.

    Information security threats and solutions in the mobile world : The service developer's perspective. / Ahonen, Pasi; Eronen, Juhani; Holappa, Jarkko; Kajava, Jorma; Kaksonen, Tiina; Karjalainen, Kati; Karppinen, Kaarina; Rapeli, Mikko; Röning, Juha; Sademies, Anni; Savola, Reijo; Uusitalo, Ilkka; Wiander, Timo.

    Espoo : VTT Technical Research Centre of Finland, 2005. 108 p. (VTT Tiedotteita - Meddelanden - Research Notes; No. 2308).

    Research output: Book/ReportReport

    TY - BOOK

    T1 - Information security threats and solutions in the mobile world

    T2 - The service developer's perspective

    AU - Ahonen, Pasi

    AU - Eronen, Juhani

    AU - Holappa, Jarkko

    AU - Kajava, Jorma

    AU - Kaksonen, Tiina

    AU - Karjalainen, Kati

    AU - Karppinen, Kaarina

    AU - Rapeli, Mikko

    AU - Röning, Juha

    AU - Sademies, Anni

    AU - Savola, Reijo

    AU - Uusitalo, Ilkka

    AU - Wiander, Timo

    N1 - Project code: E5SU00589

    PY - 2005

    Y1 - 2005

    N2 - This study examines the major information security threats relating to mobile services and solutions to these threats from the service developer's perspective. Research methods employed include interviews with enterprises, literature searches, expert opinions and extensive rounds of commentary. The fact that information security threats also concern mobile services and should be given serious consideration is the most important finding of the study. However, this does not mean information security issues would pose an obstacle to the development or introduction of mobile services. All information security issues need to be addressed at the very outset of the service development process. Methods and technological solutions that may also be utilized in mobile services have already been developed. Sets of instructions safeguarding e.g. the security of actions and processes are less readily available. The major information security threats facing developers of mobile services include the complexity of technological solutions, the illegal copying of content and programs, threats posed by the Internet, the different levels of various players in the service development process, and threats involving the identification of service users and servers and the confidentiality of information. Mobile services also involve other threats; however, since their significance to the service developer greatly depends on the nature of the service under development, it is difficult to assess the risks arising therefrom on a general level. The study describes alternative solutions to information security threats observed. Nevertheless, information security issues need to be examined individually for each service to be developed, as there are no universal solutions for information security. The service development process is addressed separately in the study and the significance of information security is expanded upon at each stage of the process from idea generation to service termination.

    AB - This study examines the major information security threats relating to mobile services and solutions to these threats from the service developer's perspective. Research methods employed include interviews with enterprises, literature searches, expert opinions and extensive rounds of commentary. The fact that information security threats also concern mobile services and should be given serious consideration is the most important finding of the study. However, this does not mean information security issues would pose an obstacle to the development or introduction of mobile services. All information security issues need to be addressed at the very outset of the service development process. Methods and technological solutions that may also be utilized in mobile services have already been developed. Sets of instructions safeguarding e.g. the security of actions and processes are less readily available. The major information security threats facing developers of mobile services include the complexity of technological solutions, the illegal copying of content and programs, threats posed by the Internet, the different levels of various players in the service development process, and threats involving the identification of service users and servers and the confidentiality of information. Mobile services also involve other threats; however, since their significance to the service developer greatly depends on the nature of the service under development, it is difficult to assess the risks arising therefrom on a general level. The study describes alternative solutions to information security threats observed. Nevertheless, information security issues need to be examined individually for each service to be developed, as there are no universal solutions for information security. The service development process is addressed separately in the study and the significance of information security is expanded upon at each stage of the process from idea generation to service termination.

    KW - information security

    KW - threats

    KW - wireless telecommunication

    KW - mobile services

    KW - mobile networks

    KW - mobile devices

    KW - authentication

    KW - Identification

    KW - privacy

    M3 - Report

    SN - 951-38-6737-4

    T3 - VTT Tiedotteita - Meddelanden - Research Notes

    BT - Information security threats and solutions in the mobile world

    PB - VTT Technical Research Centre of Finland

    CY - Espoo

    ER -

    Ahonen P, Eronen J, Holappa J, Kajava J, Kaksonen T, Karjalainen K et al. Information security threats and solutions in the mobile world: The service developer's perspective. Espoo: VTT Technical Research Centre of Finland, 2005. 108 p. (VTT Tiedotteita - Meddelanden - Research Notes; No. 2308).