Protection Profile for Security Enhancement of Embedded Operating System for Mobile Terminals

Mobile telecommunication industry in Korea has 39 millions of users by the end of 2006 and over 4,000 million is expected by 2007. Voice services using a cell phone have become saturated. Industry prospects data show that use of data communication using mobile terminals such as a cell phone or PDA is continuously increasing. Now a mobile terminal provides a large variety of functions such as multimedia data (e.g. MP3, videos) and games as well as voice service; it is used to connect to the Internet using mobile telecommunication (3.5G) and wireless broadband Internet (Wibro) to search information and download lots of applications and games. Since the Internet has many malicious codes and security vulnerabilities, mobile terminals are exposed to those risks. F-secure reports that the number of mobile viruses that have been known by Sep. 2007 is 376 and rapidly increasing. This paper intends to develop security functional requirements of a security system to enhance the security of mobile terminals. To this purpose, the TOE will be defined, its environment will be analyzed, and security objectives appropriate for the environment will be defined. A rationale is provided to show how the requirements satisfy the security objectives.