One of the major concerns when implementing mobile and wireless solutions is data security. Securing enterprise data in a wired environment is difficult enough; adding wireless data transmission and mobile storage makes the task even more challenging. A number of security technologies are available today that make it possible to create mobile solutions with end-to-end security. These technologies should be incorporated into your application from the initial design through the final implementation.
Giving all aspects of security equal attention is crucial. For example, it's counter-productive to spend hours choosing the right security algorithm only to find out that a user is using his or her surname as the password to the system. Parties with malicious intent will always attack the weakest part of the system, so, clearly, having a single weak link is very dangerous. To implement a truly secure environment, you will require both the right technology and a corporate security policy. This will help ensure that all aspects of your system remain secure.
This chapter provides information on general security concepts as well as the security issues around building WAP and smart client applications. The goal is to provide developers with enough information to make educated decisions when implementing security into their mobile solutions.