Database Security Meets Mobile Requirements

Mobile work including mobile devices and wireless links comprehends a row of problems concerning security issues like availability, conndentiality, and accountability. Mobile processed information in database systems are distributed, heterogeneous, and repli-cated. They are endangered by various threats based on user's mobility and restricted mobile resources of portable devices and wireless links. Since mobile circumstances can be very dynamic, standard protection mechanisms do not work very well in such an environment. This paper presents various possibilities of an adaptation in order to dynamically adjust security belonging to changing contexts and to consider characteristics of the data. The purpose is achieving both, suitable protection and saving mobile resources. 1 Mobile Database Security Mobile work using mobile devices and wireless links comprehends a row of problems concerning security issues like availability, conndentiality, integrity and accountability. These requirements occur for network components as well as database systems. Mobile work including mobile database access makes ubiquitous computing, anywhere and anytime possible. The mobility requires suitable hardware and software. Mobile devices like handhelds connected via wireless networks support mobile users, especially in connection with position searching tools. New risks and challenges for security and privacy occur in this environment. The goal is the protection of mobile users and their data. Security measures must take into account the distribution of data and their heterogeneous handling regarding to security models. Scarce mobile resources make insecure communication necessary to replicate used data and increase the risk of restricting or dismissing security measures. 1.1 Mobile Conditions Mobile work is context-sensitive work with contexts describing environmental characteristics and the relationships between them. In Lubinski, 1998], the special problems of database systems in such a mobile environment are described more detailed. In this section , we summarize the main mobile circumstances causing various threats. Applications and required data are location dependent, but their access must be location transparent. Determined tasks are applicable on special whereabouts. The mobile infrastructure