Jm Jan Smits

Intellectual property rights and standardization. The case of GSM

This paper investigates the role ofintellectual property rights (IPRs) in the process ofstandardization in the telecommunications industry. We take the global system for mobile communications (GSM) case as a highly relevant example, being part ofa high-tech industry in which standards play a large role. In the process ofdesigning the GSM standard, a lot ofattention has been given to IPRs, mainly to avoid a situation in which a single IPR holder could hamper or even totally block the development ofthe standard. Nevertheless, the ultimate GSM standard contains a large amount ofso-called ‘essential IPRs’, i.e., IPRs without which the implementation ofGSM products is impossible. The paper provides a general discussion ofthe development ofGSM and presents a database on the essential IPRs in the GSM standard. This database has been compiled on the basis ofinternational patent statistics, and the data that manufacturers have supplied to European Telecommunications Standards Institute, the European standardization body responsible for defining the GSM standard. We use this database to assess the dynamic IPR position offirms in the original GSM standard and its subsequent development.

Advances in Network and Distributed Systems Security

In this paper, we define a language for specifying security protocols concisely and unambiguously. We use this language to formally specify the protocol for payment transactions in Secure Electronic Transaction (SET), which has been developed by Visa and MasterCard. In our language, a protocol is specified as a collection of processes. Each process expresses the role of a participant. In the role-based specification, the components that a participant sees in a message can be stated explicitly. This is important in specifying protocols like that for the SET payment transactions because in such protocols some message components are encrypted and invisible to some participants. We simplify the SET payment transaction protocol into the exchanges of six messages. Because our future goal is to formally analyze the security properties that Meadows and Syverson discussed, we make the simplified protocol contain the parameters used in their security properties. And we also refrain from excessive simplification. For example, we use dual signature in the payment request message as it is specified in the SET specification books, while most of the other works do not use it. Our specification can serve as a starting point for a formal analysis of the protocol.

Erratum to: Advances in Network and Distributed Systems Security

Erratum to: B. De Decker et al. (Eds.) Advances in Network and Distributed Systems Security DOI: 10.1007/978-0-306-46958-9