Abstract.
M{commerce is a new area arising from the marriage of elec-
tronic commerce with emerging mobile and pervasive computing tech-
nology. The newness of this area|and the rapidness with which it is
emerging|makes it dicult to analyze the technological problems that
m{commerce introduces|and, in particular, the security and privacy is-
sues. This situation is not good, since history has shown that security
is very dicult to retro{t into deployed technology, and pervasive m{
commerce promises (threatens?) to permeate and transform even more
aspects of life than e{commerce and the Internet has. In this paper, we
try to begin to rectify this situation: we oer a preliminary taxonomy
that unies many proposed m{commerce usage scenarios into a single
framework, and then use this framework to analyze security issues.
1 Introduction
In the last few years, advances in and widespread deployment of information
technology have triggered rapid progress in e{commerce. This includes automa-
tion of traditional commercial transactions (electronic retailing, etc.) as well
as the creation of new transaction paradigms that were infeasible without the means of widely deployed information technology. New paradigms include electronic auctioning of purchase orders, as well as novel, money{less transaction models such as Napster [14]. E{commerce has heightened the focus on security both of systems and also for messaging and transactions [7,11].
In much the same way, recent advances in handheld personal digital assis-
tants (PDAs), wireless communication technology [17,19,26], and pervasive infrastructure [8,12,10,25,21] promise to extend this rich, comfortable environment to mobile users, and potentially to erase the distinction between the \o{line" and \on{line" worlds. As with e{commerce, we expect to see both the migration of current transaction models, as well as the emergence of new models made
possible by this technology. Possible scenarios include

Download full report
http://citeseerx.ist.psu.edu/viewdoc/dow...1&type=pdf