Confidentiality

The term confidentiality can be used as a preventive action taken to restrict the entry

of the unauthorized users into the mobile device as well as the network system. To meet the

requirements of the privacy of ID, location, and data, there must exist a functionality that can

ensure the confidentiality of the privacy of the user.

The information contained in the SIM need to be encrypted due to the connection

between the BTS and MS. Ki, is the key which is contained in the A5 version used in the

encryption of the data and the information stored in the mobile device. An algorithm is also

being used to compute the 64- bit session by making use of the key Kc (Dieter, 1999).

Anonymity

3G and GSM provide anonymity by providing temporary basis identifiers to the

subscribers. When the user turns on their mobile device at that time, a unique number which

is connected to the network is ten used to identify the MS to the network after which a

temporary identity number is being generated to carry forward the future sessions. As per the

ETSI specification standard the network must always encrypt the TMSI before it transmit it o

the MS.

4.2Mobile Device Security Principle

This section of mobile device security will mainly deal with the security aspects

which are required to protect the loss of the data or information in case any physical or

internal damage is being made on the mobile device. The main objective of the mobile device

security system is to provide security to the mobile and the user from any form of

unauthorized access, the disclosure of personal information, disruption, recording or

destruction of the system.

Along with securing the mobile device, the added responsibility that comes with it is

to maintain the confidentiality of the data so that it is not misused by any unscrupulous
person or offender. The three major components of the mobile device security are comprised

of confidentiality, integrity, and availability which is together known as CIA (Furnell, 2009).

The main challenge of the security system is to deal with a huge set of database and

information of the user.

The confidentiality aspect of the mobile security is responsible for keeping the data

information of the user confidential from the unauthorized sources. For example, the mobile

security devices work on providing protection to the credit card information of the user stored

in the mobile phone during any transaction conducted through the mobile payment system so

that it cannot be intercepted by any third party.

An efficient mobile security device ensures that it encrypts the sensitive data of the

user while doing the monetary transaction in the mobile without disturbing the entire

transaction process. If the security system on the mobile device fails to do, then a breach of

confidentiality takes place which might lead to identity theft of the user along with a huge

financial loss that will be undertaken by the user. The confidentiality aspect is a major factor

in the security system of the mobile device but not the only factor.

Integrity is considered to be another strong and vital factor in the mobile security

system. The responsibility of the integrity factor is to safeguard the information within the

mobile system without detecting the entire modification of the mobile system.This implies

that the security device of the mobile allows only the authorized and trustworthy system to

access the information contained in the mobile.

There are also various ways through which the breach can take place within the

mobile device, and in most of the cases, it takes place through the message or certain set of

information which is changed in transit in the system. This can lead to severe damage to the

user. For example, if a user decides to make the purchase and monetary transaction in an

unauthorized system then there is a high chance that the information can be changed or the
access to the private information and financial details of the user gets comprised by the third

party. A secure device ensures the confidentiality of the information and the integrity of the

message. Only ensuring whether the information or the data stored tampers or not does end

the work of the mobile security system.

To ensure that the mobile system of the user is operating accurately and efficiently the

availability of the information as and when required must be ensured by the security system.

The principle of availability is depended on the system device that mainly stores the

information securely after the transaction is being done and ensuring that all the systems are

working accurately in providing protection to the data and information stored in the mobile

device. Thus if the information of a mobile device is kept confidential, integral and available,

it is said to be secure.

As there is risk associated with it so as the control process is also associated with the

mobile security threats. Challenges faced, and the solution of the security aspect will be dealt

in the next sections of this paper.