Authors: W. Adi, Khaled E. A. Negm, A. Mabrouk, H. Ghraieb

Abstract:

In the current study we present a system that is capable to deliver proxy based differentiated service. It will help the carrier service node to sell a prepaid service to clients and limit the use to a particular mobile device or devices for a certain time. The system includes software and hardware architecture for a mobile device with moderate computational power, and a secure protocol for communication between it and its carrier service node. On the carrier service node a proxy runs on a centralized server to be capable of implementing cryptographic algorithms, while the mobile device contains a simple embedded processor capable of executing simple algorithms. One prerequisite is needed for the system to run efficiently that is a presence of Global Trusted Verification Authority (GTVA) which is equivalent to certifying authority in IP networks. This system appears to be of great interest for many commercial transactions, business to business electronic and mobile commerce, and military applications.

Keywords: Mobile Device Security, Identity Authentication, Mobile Commerce Security.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1332560

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1579

References:

[1] Malan, D., Crypto for Tiny Objects, Harvard University Computer Science Report, TR-04-04, 2004.
[2] Handschuh, H. and Paillier, P., Smart card cryptocoprocessors for public-key cryptography, In J.-J. Quisquater and B. Schneier, editors, LNCS, 1820, pp. 386-394. Springer- Verlag, 2000.
[3] M. Dertouzos. The future of computing. Scientific American, August 1999.
[4] G. Banavar, J. Beck, E. Gluzberg, J. Munson, J. Sussman, and D. Zukowski. Challenges: An application model for pervasive computing. In Proc. ACM MOBICOM, 2000.
[5] Patriciu, V., Marin Bica, M. and Ion Bica, I., Implementation Issues of PKI ssTechnology, International Carpathian Control Conference ICCC- 2002, pp. 513-518.
[6] Housley R. and Polk T., Planning for PKI, John Wiley, 2001.
[7] http://linuxdevices.com/
[8] http://www.linuxmobilealliance.org
[9] Koutsopoulou, M., at al., Charging, Accounting and Billing Management Schemes in Mobile Telecommunication Networks and the internet, IEEE Communication Surveys, 6, 2004, pp. 50- 58.
[10] Kim, H. and Afifi, H., Improving Mobile Authentication with New AAA Protocols, in IEEE International Conference on Communications 2003 (ICC-03), Anchorage, USA, 2003.
[11] Mitton, D., et al., "Authentication, Authorization, and Accounting: Protocol Evaluation," RFC 3127, 2001.
[12] 3GPP. 3G security: Security Architecture, Technical Specification Group Service and System Aspects, 3GPP TS 33.102 V. 3.6.0, 2000.
[13] Glass, S. et al., Mobile IP Authentication, Authorization, and Accounting Requirements, Internet RFC2977, 2000.
[14] G.Schaefer, G., Karl, H., and Festag, "Current Approaches to Authentication in Wireless and Mobile Communications Networks", Technical Report TKN-01-002, Telecommunication Networks Group, Technische Universität Berlin, 2001.
[15] M. Girault, Self-certified public keys", Advances in Cryptology: Eurocrypt'91, LNCS 547, Springer-Verlag, 1991, pp. 490-497.
[16] Blaze, M, Feigenbaum, J, and Lacy,J., Decentralized Trust Management, IEEE Symposium on Security and Privacy, 1996, pp. 164-174.
[17] Petersen, H. and Horster, P., Self-certified keys "Concepts and Applications", In Proc. Communications and Multimedia Security'97, pp. 102-116, Chapman & Hall, 1997.
[18] Lee, B. and Kim, K., Self-Certificate: PKI using Self- Certified Key", Proc. of Conference on Information Security and Cryptology 2000, Vol. 10, 2000, pp. 65-73.
[19] Cryptographic Module Security Policy, Federal Information Processing Standards Publications, FIPS 140-1, November 2004.
[20] Technical Specification 3G Security, Security Architecture 3G TS 33.102 V. 3.2.0 from 10.1999.
[21] W. Adi, "Secured Mobile Device Identification with Multi- Verifier", International Conference on Telecommunications (ICT2001), 2001, pp. 289 - 292.
[22] 3GPP. Technical Specification Group Services and System Aspects, 3GPP TR 21.905 V5.5.0, 2002.
[23] Kostiainen, K., Intuitive Security Initiation using locationlimited channels, Master-s Thesis, HELSINKI UNIVERSITY OF TECHNOLOGY, 2004.
[24] Gehrmann, C. Mitchell, C., and Nyberg, K., Manual authentication for wireless devices, CryptoBytes, Vol. 7, 2004, pp. 30-40.
[25] http://www.t-online.com/
[26] Adi, W., Al-Qayedi, A., Negm, K., Mabrouk, A., Musa, S., Secured Mobile Device Software Update over IP Networks, IEEE SoutheastCon 2004, 2004, pp 271-274.
[27] Mabrouk, A., Adi, W., Gharieb, H., and Negm, K., Proxy Based Signature with Secured Mobile Computations, Proceedings of International Symposium of Telecommunications-IST2003, 2003, pp. 544-546.
[28] Negm, K., Adi, W., and Abd-ElWahab, F., Secure Mobile Code Computing Framework, WSEAS Transactions on Information Science and Applications, Vol. 1, 2004, pp. 1411- 1416.