The Role of Mobile Device Authentication with respect to Domain overlapping Business Models

摘要

In the contact of mobility protocols such as Mobile IP, authentication, authorization and accounting (AAA) are challenging problems. Current mobility protocol deployments typically do not span trust boundaries, because there has not been any clear agreement about how network administrators from unrelated enterprises could agree upon to assure mutual security, and compensate each other for resource utilization, when enabling connections for mobile computers. AAA addresses this problem. We propose and evaluate various schemes and protocols to authenticate a mobile node and, if necessary, also its resource usage in the context of Mobile IP/AAA. Their suitability depends on the assumed mobility scenario, its privacy issues and it also strongly depends on the purposes of the assumed accounting scenario. The requirements for an integrated AAA framework differ significantly when different business models with different charging schemes are deployed. For example pre- or post-paid usage-based business models have completely different requirements for an authentication scheme/protocol than fixed contract business models.