The mission of this Josef Ressel Center for User-friendly
		  Secure Mobile Environments (u’smile) was the analysis of
		  security issues in current and future mobile applications;
		  the design, development, and evaluation of concepts,
		  methods, protocols, and prototypical implementations for
		  addressing them; and communication and co-ordination with
		  industry partners and standardization organizations towards
		  establishing globally accepted standards for secure,
		  interoperable, mobile services. Broadly summarizing, JRC
		  u’smile succeeded with many specific contributions towards
		  this vision, and in producing a final prototype of the
		  Austrian mobile driving license on Android smartphones,
		  which brings together the lines of research pursued within
		  the 5 years. In the following report, we summarize these
		  research directions by work packages, focusing on
		  innovations since the two-term evaluation report. Detailed
		  research results have been presented in peer-reviewed
		  publications as well as technical reports, which form an
		  appendix to this summary report.

		  Over the last 5 years we published 18 journal articles, 61
		  papers in conference proceedings, 5 PhD theses, 2 books,
		  and 22 technical reports and specification documents
		  summarizing our findings and introducing new concepts,
		  methods, and protocols to overcome security issues in
		  mobile devices and applications, and to improve usability
		  of security mechanisms on mobile devices both for end-users
		  and developers. Further, a total number of 24 master’s and
		  14 bachelor’s theses have been completed within the scope
		  of the JRC u’smile. Moreover, we were able to present the
		  project and its results to a broad audience by organizing
		  the Android Security Symposium in 2015 and 2017. Additional
		  indicators of success are numerous invitations to talks –
		  including keynote speeches at academic conferences and
		  other events as well as TEDxLinz –, media articles,
		  invitations to participate in discussions with policy
		  makers, and an increased international recognition of
		  Austrian research contributions in the area of mobile
		  device security.

		  JRC u’smile was split into two modules:

		  Module 1 (Hardware, Platform, and Protocol Security Support
		  for Mobile Devices) aimed to analyze and improve the
		  current state-of-the-art of security in mobile devices
		  specifically on the hardware, middleware, API, network
		  protocol, and user interaction levels. Major contributions
		  within all 5 years include significant advances in
		  biometric, token, and multi-device based authentication
		  methods for smart phones, a comprehensive analysis and
		  protocol design towards an open ecosystem for
		  tamper-resistant hardware in mobile devices, high-level
		  results on securing mobile user interactions, and the
		  integrative research on digital identities for real-world
		  interaction, demonstrated in the Austrian mobile Driving
		  License (AmDL) system.

		  Module 2 (Security Support for Mobile Services, Libraries
		  and Applications) aimed to improve application security on
		  the higher layers of the smartphone stack, complementing
		  module 1 in tackling the whole stack across the JRC. The
		  work in this module resulted in improvements to users
		  security and privacy, enhancements for secure network
		  communications of applications, self-defense of users
		  concerning security and privacy issues in applicatins and
		  the creation of analysis tools to detect implementation
		  flaws as well as malicious applications.

		  As predicted in the original project proposal, the mobile
		  landscape is changing rapidly and mobile device security
		  has experienced significant developments beyond the JRC
		  u’smile over the last few years. While the initial
		  motivations and visions remained valid and continued to
		  drive the overall focus of the JRC u’smile, new fields –
		  particularly in the areas of user and cross-device
		  authentication as well as network level privacy
		  implications – have opened, public interest in certain
		  areas – such as digital identities – has dramatically
		  increased, and requirements have changed. At the same time,
		  some of the initially proposed research areas – most
		  prominently virtualization on smart phones – had to be
		  abandoned due to the shift of resources into new directions
		  and due to unforeseen inaccessibility of proprietary
		  technologies based on competitive market forces.

		  We are happy to report that most milestones were met and
		  that the critical path of our planned research has been
		  fulfilled despite these rapid and often unpredictable
		  developments in the mobile domain. Nevertheless, several
		  changes to the original project plan proposed in the
		  project application were necessary:

		  Some work packages in both modules were merged in order to
		  account for tight relationships and to benefit from
		  improved outcomes through a holistic approach.

		  A new industry partner – Österreichische Staatsdruckerei
		  GmbH – could be acquired in the area of digital identity
		  use-cases. This allowed us to install a new work package
		  1.9 focusing on providing digital identity documents and
		  services on/with mobile devices.

		  The original concept of virtualization on smart phones to
		  compartmentalize single devices into multiple ’security
		  zones’ was successfully prototyped and evaluated on the
		  user interaction level to give guidance on future products,
		  but could unfortunately not be implemented in a full-stack
		  prototype due to unavailable low-level access to the boot
		  loader and TrustZone layers.

		  The addition of the new work package on digital identities
		  also resulted in an additional project outcome: the
		  Austrian Mobile Driving License (AmDL), a prototype of a
		  privacy-preserving mobile driving license. This shared
		  demonstrator successfully integrates and show-cases results
		  spanning across all work packages and across both modules
		  of the JRC u’smile. Moreover, with this demonstrator we
		  achieved the goal of the initial motivating vision of the
		  JRC u’smile: to – globally, securely, and intuitively
		  usably – substitute current wallets and key chains by
		  suitable services and applications on mobile phones.

		  Finally, specific follow-up projects with partners from the
		  JRC u’smile include the proposal for a new Christian
		  Doppler Laboratory ’Digidow’ to extend the JRC vision of
		  digital identities far beyond mobile devices and into cloud
		  services, and the extension of the JRC TARGET with a third
		  module to transfer our collected knowledge on application
		  analysis and system security improvements.<br>
<br><pre>@techreport{Mayrhofer_17_UserfriendlySecure,
  author = {Mayrhofer, Ren\'e and Weippl, Edgar and Buhov, Damjan and Findling, Rainhard Dieter and Hintze, Daniel and H\"olzl, Michael and Merzdovnik, Georg and Muaaz, Muhammad and Roland, Michael},
  institution = {u'smile Josef-Ressel Center, University of Applied
  		  Sciences Upper Austria and SBA Research},
  title = {User-friendly Secure Mobile Environments (Final Report for
  		  JRC u’smile)},
  year = {2017},
  month = oct
}
</pre>