The SumoDacs-project: Secure mobile data access with a tamperproof hardware token

Most experts would support the statement that mobile computers with the capability of wireless data communication (e.g., smartphones, netbooks) provide a great potential for the improvement of business processes. Using these technologies mobile employees can access enterprise information systems when they are working outside their company's premises. However, the employment of mobile technologies comes along with specific security issues: mobile computers often get lost or stolen and wireless data communication is much more vulnerable than conventional communication. To tackle these security issues the project SumoDacs was initiated. SumoDacs is based on the employment of a so called Hardware Security Token, which is a special smart card that is resistant even against direct physicals attacks. The enterprise systems to be accessed reside in a secured network segment and are connected with special wrappers to a dedicated security server. A further special feature is a dynamic access control which considers contextual information for making access control decisions.