Design of Secure Mobile Application on Cellular Phones

Cellular data services have become popular in Japan. These services are based on the first generation security model for cellular phones. The model has server authentication, data encryption, application integrity check and user authentication. This paper discusses the security functions and evaluates the security features of an application on cellular phones. The evaluation shows that real usage is important to identify security related functions needed for wide range of users. We raise those issues in this paper. We also discuss the enhanced security model targeted for next generation cellular phones and describe topics for future research.