Introduction

Performing electronic or e-commerce activities online is ubiquitous; we all engage in it on a daily basis whether or not we are aware of it. Consumer electronics devices in general and mobile phones in particular are also becoming an integral part of our lives. Devices are becoming more powerful, extensively interconnected, much easier to use, and therefore capable of performing more and more tasks better, faster, and more reliably. Devices are becoming gatekeepers for our interaction with the digital world; they are entrusted to be the de facto means to live our digital life. Now if we combine the two trends mentioned, you will see the next digital wave that is taking place: interacting with our social networks, performing electronic commerce activities such as banking, ordering goods online, and so on, all using our consumer electronics devices. All these activities have one important element in common: They touch and use our identity. In other words, our digital security now depends on the security of our devices and the systems that they interact with. When there is identity, there must be reliable mechanisms in place to manage it safely and securely.

From the system designers' vantage point, the task of securing such a complex system is overwhelming, to say the least. There are different elements of this ecosystem that need to operate in synchrony, although many of them have not been originally designed to work together. From the end user's perspective, however, ...