Authentication, Authorisation, and Access Control in Mobile Systems

Authentication, Authorisation, and Access Control in Mobile Systems

Josef Noll, György Kálmán
Copyright: © 2008 |Pages: 13
DOI: 10.4018/978-1-59904-899-4.ch013
(Individual Chapters)
No Current Special Offers


Converging networks and mobility raise new challenges towards the existing authentication, authorisation, and accounting (AAA) systems. Focus of the research is towards integrated solutions for seamless service access of mobile users. Interworking issues between mobile and wireless networks are the basis for detailed research on handover delay, multi-device roaming, mobile networks, security, ease-of-use, and anonymity of the user. This chapter provides an overview over the state of the art in authentication for mobile systems and suggests extending AAA mechanisms to home and community networks, taking into account security and privacy of the users.

Key Terms in this Chapter

Rivest-Shamir-Adleman (RSA): RSA is the de facto standard of public key encryption.

Subscriber Identity Module (SIM): SIM is the smart card used in GSM and UMTS (as USIM) networks to identify the subscribers. It has integrated secure storage and cryptographic functions.

Remote Authentication Dial in User Service (RADIUS): RADIUS is the de facto remote authentication standard over the Internet. It uses UDP as a transport method and is supported by software and hardware manufacturers. Privacy problems may arise when used on wireless links, since only the user password is protected by an MD5 hash.

Authentication, Authorisation, and Accounting (AAA): AAA is a system that handles all users of the system to ensure appropriate right management and billing.

International Mobile Subscriber Identity (IMSI), Temporary-IMSI (TMSI): IMSI and TIMSI is the unique identity number used in UMTS to indentify a subscriber. The temporary one is renewed from time to time, and that is the only one that is used over the air interface.

Extensible Authentication Protocol (EAP): EAP, a flexible protocol family, which includes TLS, IKE protocols, and also the default authentication method of UMTS, EAP-AKA.

Converged Network: Converged network is a network carrying various types of traffic. Such a network is providing services to different terminals, which can access and exchange content regardless of the current networking technology they are using.

Smart Card: Smart card is a tamper resistant pocket sized card, which contains tamper resistant non-volatile storage and security logic.

DIAMETER: Diameter is a proposed successor of RADIUS. It uses TCP as a transport method and provides the possibility to secure transmissions with TLS. It is not backward compatible with RADIUS.

Public Key Infrastructure (PKI): PKI is a service that acts as a trusted third party, manages public keys, and binds users to a public key.

Digital Rights Management (DRM): DRM is a software solution that gives the power for the content creator to keep control over use and redistribution of the material. Used mostly in connection with digital media provider companies, but in pervasive environments, users may also require a way to have a fine-grained security infrastructure in order to control access to own content.

Complete Chapter List

Search this Book: