|
9. Future Developments and
Refinements
The Bluetooth security architecture has the
following limitations:
- Support for legacy applications: The
legacy application will not be able to communicate with the Security
Manager directly. Instead a Bluetooth "adapter" application
is required to process security related calls to the Security Manager.
- User Authentication: Only a device may be
authenticated under the current security architecture. In order to
authenticate a user, application level security has to be used.
- Bi-directional traffic: Once a connection
is established, data flow is bi-directional. It is not possible to
enforce uni-directional data flow.
- High level security solution: If a
Bluetooth device needs some information from some server over the
Internet, then there is no end-to-end security possible. The Bluetooth
device connects to the local LAN Access Point which is wired to the
Internet and depends on a "higher-level" security solution
possibly implemented by the Application.
- Preset service authorization: There is no
mechanism to define preset authorizations for services.
Future research and development might involve
some or all of the points mentioned above. A possible refinement is also to set the trust
level of a device specifically for services or group of services instead
of having either unrestricted or restricted access to all the services at
a time.
|
|