operations and hash functions, especially the ones operated on a mobile device MB01, PBD01, SV97. This can reduce computational and communication load at the mobile users. However, different kinds of cryptographic operations provide different levels of security. Public-key operations provide non-repudiation property whereas symmetric-key operations do not 18. Hence, deploying a symmetric- key based payment protocol in the payment system results in the lack of the non-repudiation property As a result, enabling mobile payment seems to be a tradeoff between its transaction performance and security.
The rapid expansion of both the wireless network technologies and the capacity of mobile computing devices has created a new work environment. With the support of wireless networks and mobile computing devices, people can carry out their work while being on the move. The environment for accessing and processing information is rapidly ranging from stationary to mobile and location independent. This new work environment, called the mobile work environment, provides people a flexible and efficient work environment.
At present, many types of mobile computing devices such as laptops and personal digital assistants (PDA) are available. The computing capacities of these mobile devices become more and more powerful in terms of processing speed, storage capacity and operating time. As a result, these mobile computing devices are becoming the essential work equipments. At the same time, many wireless network technologies are also developed and deployed, for example Bluetooth, wireless USB, wireless LAN or Universal Mobile Telecommunications System (UMTS).
The main objective of this thesis is to study and design a new transaction processing system in mobile and heterogeneous environments. We must deal with a variety and heterogeneity of electronic devices, equipments (e.g., laptops, PDAs, mobile phones) and database models. In addition, the mobility of mobile devices and the lack of connectivity of these mobile devices must also be taken into account.
The hypothesis of this research work is:
To be able to support a transaction processing system to efficiently deal with different surrounding conditions that are contextualized by the characteristics of the mobile environments.
The main research question of this thesis is:
How can we furnish a transaction processing system so that it can cope with the constraints of mobile resources and the variations of operating conditions in mobile environments?
This thesis will able to answer the research question.
Research plans of this thesis
First, we approached the problem by studying new challenges that are the results of the changes of the transaction processing environments from centralized, via distributed to mobile environments. Then, we shall survey and analyze existing transaction models and transaction processing systems that have been developed to attack these challenges. We addressed in detail the limitations of these reviewed transaction models.
The first part of the thesis, which includes Chapters 1 (this chapter), Z, 3 and4, will contribute the results of this research phase.
Second, we will propose new concepts of mobile affiliation workgroups that focus on supporting data sharing among transactions at mobile hosts in a volatile mobile environment. Using this model as a starting point, we began developing a data sharing mechanism for mobile transactions and then formalized our mobile transaction processing system. The results of this research phase will contribute Chapters 5 and 6 this thesis.
Finally, we will design our proposed mobile transaction architecture that plays a role as a proof of concept of our theoretical research. There will be two important system components of our proposed model for mobile transaction architecture – that are: (1) :le mobile locking system to deal with the disconnections of mobile hosts, and (2) the mobile data sharing mechanism to support sharing of data among mobile transactions. This practical prototype will contribute Chapter 7 in this thesis.
Objectives of the Thesis
The objectives of this thesis are presented in three levels of reasoning and securing mobile payment: formal model, framework, and protocol.
• Formal model: we aim to develop a formal payment model for a practical and secure mobile payment system. The model defines characteristics and interactions among engaging parties, how the money is transferred, and important properties for a practical and secure mobile payment system.
• Framework: we aim to develop a payment framework which is suitable for wireless environments. The framework not only enhances transaction performance of a payment protocol operating on it, but also provides secure transactions. In addition, the proposed framework satisfies the proposed formal model.
• Protocol: at protocol level, our objectives are shown as follows:
– Develop a secure cryptographic technique which not only increases
Transaction performance while applying it to a mobile payment protocol, but the protocol also satisfies transaction security properties stated in the proposed formal model.
– Design non proxy-based payment protocols for both account-based and token-based payment transactions. The proposed protocols satisfy the proposed mobile payment model by applying the proposed cryptographic technique to them. The proposed protocols offer both secure and practical mobile payment in that:
? They are secure in that they satisfy transaction security properties including accountability property.
? They are practical in that they have higher transaction performance than that of existing non proxy-based payment protocols when operating on low computational capability mobile devices.
? Not only the proposed protocols have higher transaction per- formance and security than existing non proxy-based mobile payment protocols, but applying them to the proposed frame- work also offers higher performance and security than existing mobile payment systems.
– Validate the practicability of the proposed mobile payment protocols by implementing a mobile payment system based on the proposed protocols.
– Develop a formal logic for analyzing accountability property of mo- bile payment protocols that is able to analyze both symmetric and asymmetric cryptographic messages. The logic can be used to analyze accountability of e-commerce protocols.
– Analyze the proposed framework and protocols primarily by using the proposed formal logic to show that a payment system based on the proposed framework or protocols satisfies the proposed model.