A Hybrid Mobile Authentication Model for Ubiquitous Networking

The development in mobile devices and wireless technologies (e.g Cellular, Wi-Fi) has facilitated a growth in mobile services. As mobile users are usually moving, roaming services are deployed to allow users to access foreign network services without being limited to the geographical coverage of their home networks. Several solutions have been proposed to allow ubiquitous mobile access authentication; however, limitations still exist in these approaches, such as performance issues and security vulnerabilities. In this paper a novel hybrid mobile authentication model is proposed, with its realisation through suitable protocols that combine the advantages of both distributed and centralised models. The proposed Passport and Visa tokens assist a foreign network in authenticating and authorising visiting mobile users. These tokens also offer a unique solution to achieving secure and efficient key management. Most importantly, the proposed solution provides an efficient technique, using recency evidence (a Passport Stamp), to tackle the problem of a user revocation status check. The security and performance analysis demonstrates that the proposed protocols efficiently ensure secure roaming, greatly enhance computation speed, and reduce communication costs.

[1]  Shigefusa Suzuki,et al.  An Authentication Technique Based on Distributed Security Management for the Global Mobility Network , 1997, IEEE J. Sel. Areas Commun..

[2]  Xiaotie Deng,et al.  Anonymous and Authenticated Key Exchange for Roaming Networks , 2007, IEEE Transactions on Wireless Communications.

[3]  Ian F. Akyildiz,et al.  A ubiquitous mobile communication architecture for next-generation heterogeneous wireless systems , 2005, IEEE Communications Magazine.

[4]  Neal Leavitt,et al.  Internet Security under Attack: The Undermining of Digital Certificates , 2011, Computer.

[5]  Chun Chen,et al.  Security and efficiency in roaming services for wireless networks: challenges, approaches, and prospects , 2013, IEEE Communications Magazine.

[6]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[7]  Steven Furnell,et al.  Advanced user authentication for mobile devices , 2007, Comput. Secur..

[8]  Guomin Yang Comments on "An Anonymous and Self-Verified Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks" , 2011, IEEE Trans. Wirel. Commun..

[9]  Dapeng Wu,et al.  An Efficient Mobile Authentication Scheme for Wireless Networks , 2008, IEEE Transactions on Wireless Communications.

[10]  William A. Arbaugh,et al.  AAA for Spontaneous Roaming Agreements in Heterogeneous Wireless Networks , 2007, ATC.

[11]  Chun Chen,et al.  Privacy-Preserving Universal Authentication Protocol for Wireless Communications , 2011, IEEE Transactions on Wireless Communications.

[12]  Marvin A. Sirbu,et al.  Distributed authentication in Kerberos using public key cryptography , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[13]  Xuemin Shen,et al.  Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks , 2006, IEEE Transactions on Wireless Communications.

[14]  Chin-Chen Chang,et al.  An Anonymous and Self-Verified Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks , 2010, IEEE Transactions on Wireless Communications.

[15]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[16]  Xiaotie Deng,et al.  Universal authentication protocols for anonymous wireless communications , 2010, IEEE Transactions on Wireless Communications.

[17]  Bala Srinivasan,et al.  Two-Party Mobile Authentication Protocols for Wireless Roaming Networks , 2011, 2011 IEEE 10th International Symposium on Network Computing and Applications.

[18]  Chin-Chen Chang,et al.  A self-encryption mechanism for authentication of roaming and teleconference services , 2003, IEEE Trans. Wirel. Commun..

[19]  Bala Srinivasan,et al.  Analysis of mobile authentication protocols by SVO logic , 2012, SecurIT '12.

[20]  Bala Srinivasan,et al.  Fraudulent Internet Banking Payments Prevention using Dynamic Key , 2008, J. Networks.

[21]  Anish Prasad Shrestha,et al.  Kerberos based authentication for inter-domain roaming in wireless heterogeneous network , 2010, Comput. Math. Appl..

[22]  Nathalie Feyt,et al.  Hardware and Software Symbiosis Helps Smart Card Evolution , 2001, IEEE Micro.

[23]  Ronald L. Rivest,et al.  Can We Eliminate Certificate Revocations Lists? , 1998, Financial Cryptography.

[24]  Ivan Ganchev,et al.  Toward a ubiquitous consumer wireless world , 2007, IEEE Wireless Communications.

[25]  Bala Srinivasan,et al.  Passport/Visa: Authentication and Authorisation Tokens for Ubiquitous Wireless Communications , 2010, MobiQuitous.

[26]  Michael Roe,et al.  Reducing Reauthentication Delay in Wireless Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[27]  Yen-Cheng Chen,et al.  A practical authentication protocol with anonymity for wireless access networks , 2011, Wirel. Commun. Mob. Comput..

[28]  Levente Buttyán,et al.  Extensions to an authentication technique proposed for the global mobility network , 2000, IEEE Trans. Commun..