Passport-Visa based Authentication Mechanism for Ubiquitous Mobile Communication

摘要

The increase in mobile device capability (processing power, memory, storage) as well as the introduction of wireless systems (Wi-Fi, WiMAX, 3.5G) have opened new opportunities for the next generation of mobile services such as mobile internet, m-commerce, m-learning and m-government. This makes it desirable for mobile internet users to be connected everywhere. However, ubiquitous connectivity faces interoperation issues between wireless network providers and wireless network technologies. Although mobile users want to get as many services as possible when they travel, there is a lack of technologies to identify visited users in current foreign network authentication systems. This challenge lies in the fact that a foreign network provider does not initially have the authentication credentials of a mobile user. Existing systems use service agreement to exchange authentication information between home network and foreign network. This paper proposes a Passport (identification token) and Visa (authorisation token) to provide the mobile user with a flexible authentication method to access foreign network services. The technique is lightweight for the mobile device side as it employs just symmetric keys. The symmetric keys do not need key management (no need to store them) on the servers side (home network and foreign network) as they are stored in the Passport and the Visa. The security analysis indicates that our proposal is more suitable for ubiquitous mobile communication.