Handling User Profiles for the Secure and Convenient Configuration and Management of Mobile Terminals and Services G. Bartolomeo (1) , F. Berger (2) , H.J. Eikerling (2) , F. Martire (1) , S. Salsano (3) (1) Radiolabs, Rome, Italy, (2) Siemens Business Services C-LAB, Paderborn, Germany, (3) DIE, Univ. of Rome “Tor Vergata” Abstract Profiled information is becoming of fundamental importance to configure and manage Mobile Terminal and Services for the personalized use according to the needs and preferences of a mobile user. This paper describes an architectural approach for the customization of terminals and services accessed via these terminals, focusing on the secure handling and applying of user profiles taking into consideration the distribution of the profile data. 1. Introduction Mobile users nowadays are surrounded by a plethora of different types of networks, services, and terminals. Though this is obviously favorable for the user, the complexity needs to be managed in a rather obtrusive and secure way. Architectural approaches for doing this are being studied by the FP6 projects Ubisec [3] and Simplicity [4]. Within Ubisec the security and configuration aspects of nomadic service discovery and access are examined for an environment being composed of separate elementary networks (EN) interlinked with each other through a global network (GN). The GN might be partly absent, thus centralized services like for instance trusted third parties for providing basic security services like for instance issuing and validating certificates might at least temporarily not be accessible. In contrast to this, Simplicity deals with the configuration management of mobile terminals and services based on a distributed brokerage framework in which (virtually) one agent is associated with the network / service being accessed by the user and another one is associated with the terminal and interacts with a special device (Simplicity Device) which enables the customization process. Since the entire configuration process in both approaches is driven by the user, the user profile is an important part in this picture. However, user profile and other user related data linked to the identity of a specific user must be secured and privacy issues should be taken into account. In this work we describe an architectural approach which supports the configuration process on the application level especially taking into account the mobility of the users and the complementary use of different types and instances of terminals. This approach will be referred to a as Customization Framework (CF) and represents the combination and generalization of concepts and solutions developed in the context of the Ubisec and Simplicity projects. The CF concept is targeted to include several aspects like authentication, service discovery, management of services, user mobility, presence, location awareness and so on. A key element of the Customization Framework is the management of profiled user information, and this aspect will be specifically dealt with in this paper. The paper is structured as follows: subsequently we will give a system overview containing target use cases and explaining the system principles, the proposed architecture and the definition of profiles. Afterwards, we will focus on the security and privacy aspects of profile handling. 2. System Overview 2.1 Targeted Application Scenarios The envisaged Customization Framework is intended for the largest possible set of mobile and context-aware applications (similar to those described in [6]). Just to mention a specific set, we can have: mobile worker scenarios, where the CF assists the user in configuring its devices and applications for accessing different networks while being on the move, nomadic leisure scenarios, where a nomadic user requests to access media files (either consisting of personal records stored on his domestic digital recording device or being provided through a third party content provider) from his mobile terminal and so on. Depending on the user’s context, his preferences (e.g., QoS), the capabilities of his access devices (in terms of supported wireless transport protocol, display capabilities etc.) and the communication mechanisms available on the site, the