From mobile phones to responsible devices

Mobile phones have evolved from simple voice terminals into highly-capable, general-purpose computing platforms. While people are becoming increasingly more dependent on such devices to perform sensitive operations, protect secret data, and be available for emergency use, it is clear that phone operating systems are not ready to become mission-critical systems. Through a pair of vulnerabilities and a simulated attack on a cellular network, we demonstrate that there are a myriad of unmanaged mechanisms on mobile phones, and that control of these mechanisms is vital to achieving reliable use. Through such vectors, mobile phones introduce a variety of new threats to their own applications and the telecommunications infrastructure itself. In this paper, we examine the requirements for providing effective mediation and access control for mobile phones. We then discuss the convergence of cellular networks with the Internet and its impact on effective resource management and quality of service. Based on these results, we argue for user devices that enable predictable behavior in a network-where their trusted computing bases can protect key applications and create predictable network impact. Copyright (C) 2010 John Wiley & Sons, Ltd.