Authorization Mechanisms for Mobile Commerce Implementations in Enhanced Prepaid Solutions

摘要

Mobile commerce (m-commerce) provides an exciting set of new capabilities that service providers can leverage to grow their revenue base while attracting new services that enhance the end-user experience. With these new opportunities the risk of new security threats that need to be addressed also arises. In this paper, security issues―in particular, those dealing with service and subscriber authorization―in enhanced prepaid implementations for m-commerce―are discussed. These products typically provide an enriched rating engine and a highly configurable feature set for service and content charging in wireless networks. Client application and subscriber-level authentication and authorization are key mechanisms that serve to regulate access to, and usage of, content-based transactions in m-commerce. Solution architectures and a discussion of authorization criteria are presented.