Abstract:
In this chapter we present an overview of a general policy-based security architecture for securing the confidentiality, authenticity, and integrity of enterprise mobile commerce (m-commerce) data. A policybased architecture protects data based on content and sensitivity and highly surpasses the performance of bulk encryption protocols such as secure sockets layer (SSL) and transport layer security (TLS) by utilizing a customizable, policy-driven approach. This approach makes use of the structure of enterprise data objects (Web pages, relational database entities, directory hierarchies, log files, etc...) to provide flexible, multi-level, and fine-grained encryption and hashing methodologies. This makes policy-based security protocols a very efficient choice for operation in wireless m-commerce environments characterized by low-bandwidth networks and supporting limited-resource devices with low memory, battery, and processing power. © 2008, IGI Global.