Until recently the world of computing and communications was simple and easy. Enterprise IT infrastructures were protected according to the so-called perimeter security model: its principle is to implement security at the network level using firewalls (see e.g. [2]), intrusion detection systems (e.g. Bro [8] and Snort [9]), etc. Enterprises are turned into fortresses by building network walls to separate trustworthy and less trustworthy parts of the network; security is managed and enforced at the corresponding network borders. To a certain extent, this model may even cater for the changing working style, e.g., a mobile workforce using mobile devices to access corporate servers and databases to perform their daily business tasks. However, the security perimeter model does not work in a world of pervasive computing where interactions across enterprise domain borders are the rule and not the exception. With pervasive computing we may envision scenarios where mobile devices host each and every application and the respective data, but also scenarios where applications and data are shared among mobile devices that belong to various administrative domains. In the extreme, a user may even download his applications and data onto a device in his surroundings, execute the application thereon and get the results back to his own device, without leaving any of his personal data on the device being used (this property is called oblivion [11]).