Authentication in Ubiquitous Networking

Mobile authentication is an essential service to ensure the security of engaging parties in a ubiquitous wireless network environment. Several solutions have been proposed mainly based on both centralised and distributed authentication models to allow ubiquitous mobile access authentication; however, limitations still exist in these approaches, namely flexibility, security and performance issues and vulnerabilities. These shortcomings are influenced by the resource limitations of both wireless networks and the mobile devices together with inter-technology and inter-provider challenges. In this paper, the authors reviewed the major techniques in the field of ubiquitous mobile access authentication, which has attracted many researchers in the past decade. After investigating existing mobile authentication models and approaches, the common challenges are summarised to serve as the solution key requirements. The identified key solution requirements allow analysing and evaluating mobile authentication approaches.

[1]  Olivier Bonaventure,et al.  SWISH: Secure WiFi sharing , 2011, Comput. Networks.

[2]  Georgios Kambourakis,et al.  Advanced SSL/TLS-based authentication for secure WLAN-3G interworking , 2004 .

[3]  Shigefusa Suzuki,et al.  An Authentication Technique Based on Distributed Security Management for the Global Mobility Network , 1997, IEEE J. Sel. Areas Commun..

[4]  Yuh-Ren Tsai,et al.  SIM-based subscriber authentication mechanism for wireless local area networks , 2006, Comput. Commun..

[5]  Dieter Hogrefe,et al.  A method for authentication and key exchange for seamless inter-domain handovers , 2004, Proceedings. 2004 12th IEEE International Conference on Networks (ICON 2004) (IEEE Cat. No.04EX955).

[6]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[7]  Yanchun Zhang,et al.  Achieving secure and flexible M-services through tickets , 2003, IEEE Trans. Syst. Man Cybern. Part A.

[8]  Frank H. P. Fitzek,et al.  Defining 4G technology from the users perspective , 2006, IEEE Network.

[9]  F. Daoud,et al.  Strategies for provisioning and operating VHE services in multi-access networks , 2002 .

[10]  Randy H. Katz,et al.  The SAHARA Model for Service Composition across Multiple Providers , 2002, Pervasive.

[11]  Chin-Chen Chang,et al.  Enhanced authentication scheme with anonymity for roaming service in global mobility networks , 2009, Comput. Commun..

[12]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[13]  Sarvar Patel,et al.  Efficient authentication and key distribution in wireless IP networks , 2003, IEEE Wireless Communications.

[14]  Eli Biham,et al.  Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication , 2003, Journal of Cryptology.

[15]  Qiong Pu,et al.  An Enhanced Authentication Scheme with Anonymity for Roaming Service in Global Mobility Networks , 2010, 2010 Second International Conference on Multimedia and Information Technology.

[16]  Mohammad Ilyas,et al.  Towards Certificate-Based Authentication for Future Mobile Communications , 2004, Wirel. Pers. Commun..

[17]  Ulrike Meyer,et al.  An approach to enhance inter-provider roaming through secret sharing and its application to WLANs , 2005, WMASH.

[18]  Jon Crowcroft,et al.  Architecting Citywide Ubiquitous Wi-Fi Access , 2007, HotNets.

[19]  Levente Buttyán,et al.  Accountable anonymous access to services in mobile communication systems , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[20]  Xiaotie Deng,et al.  Universal authentication protocols for anonymous wireless communications , 2010, IEEE Transactions on Wireless Communications.

[21]  Marvin A. Sirbu,et al.  Distributed authentication in Kerberos using public key cryptography , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[22]  Xuemin Shen,et al.  Mutual Authentication and Key Exchange Protocols for Roaming Services in Wireless Mobile Networks , 2006, IEEE Transactions on Wireless Communications.

[23]  Jouni Mikkonen,et al.  Wireless LAN access network architecture for mobile operators , 2001 .

[24]  Geir M. Køien,et al.  Access security in CDMA2000, including a comparison with UMTS access security , 2004, IEEE Wireless Communications.

[25]  Dieter Hogrefe,et al.  Fast Re-Authentication for Inter-Domain Handover using Context Transfer , 2008, 2008 International Conference on Information Networking.

[26]  G. Tsudik,et al.  Authentication of mobile users , 1994, IEEE Network.

[27]  Chin-Chen Chang,et al.  Roaming across wireless local area networks using SIM-based authentication protocol , 2009, Comput. Stand. Interfaces.

[28]  Randy H. Katz,et al.  Secure Authentication System for Public WLAN Roaming , 2005, Mob. Networks Appl..

[29]  P. Syverson,et al.  A Unified Cryptographic Protocol Logic , 1996 .

[30]  Chun Chen,et al.  Privacy-Preserving Universal Authentication Protocol for Wireless Communications , 2011, IEEE Transactions on Wireless Communications.

[31]  Ivan Ganchev,et al.  Toward a ubiquitous consumer wireless world , 2007, IEEE Wireless Communications.

[32]  Xuemin Shen,et al.  A Service-Agent-Based Roaming Architecture for WLAN/Cellular Integrated Networks , 2007, IEEE Transactions on Vehicular Technology.

[33]  Chin-Chen Chang,et al.  An Anonymous and Self-Verified Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks , 2010, IEEE Transactions on Wireless Communications.

[34]  Ulrich Stumpf Prospects for Improving Competition in Mobile Roaming , 2001, ArXiv.

[35]  Kalle Ahmavaara,et al.  Interworking architecture between 3GPP and WLAN systems , 2003, IEEE Commun. Mag..

[36]  Guomin Yang Comments on "An Anonymous and Self-Verified Mobile Authentication with Authenticated Key Agreement for Large-Scale Wireless Networks" , 2011, IEEE Trans. Wirel. Commun..

[37]  Dapeng Wu,et al.  An Efficient Mobile Authentication Scheme for Wireless Networks , 2008, IEEE Transactions on Wireless Communications.

[38]  Ulrike Meyer,et al.  Secure Roaming and Handover Procedures in Wireless Access Networks , 2006 .

[39]  Paramvir Bahl,et al.  Secure wireless Internet access in public places , 2001, ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No.01CH37240).

[40]  Yanchun Zhang,et al.  A Global Ticket-Based Access Scheme for Mobile Users , 2004, Inf. Syst. Frontiers.

[41]  Apostolis K. Salkintzis,et al.  WLAN-GPRS integration for next-generation mobile data networks , 2002, IEEE Wirel. Commun..

[42]  Jongin Lim,et al.  Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks , 2009, IEEE Communications Letters.

[43]  Ulrike Meyer,et al.  On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks , 2004, 2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications (IEEE Cat. No.04TH8754).

[44]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[45]  Ian F. Akyildiz,et al.  A ubiquitous mobile communication architecture for next-generation heterogeneous wireless systems , 2005, IEEE Communications Magazine.

[46]  V. Bahl,et al.  The CHOICE Network: Broadband Wireless Internet Access In Public Places , 2000 .

[47]  Ming-Chia Jiang,et al.  WLAN-centric authentication in integrated GPRS-WLAN networks , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[48]  Zhenfu Cao,et al.  On the anonymity of some authentication schemes for wireless communications , 2009, IEEE Commun. Lett..

[49]  Jing Xu,et al.  Provable secure authentication protocol with anonymity for roaming service in global mobility networks , 2011, Comput. Networks.

[50]  Yuh-Min Tseng USIM-based EAP-TLS authentication protocol for wireless local area networks , 2009, Comput. Stand. Interfaces.

[51]  Anish Prasad Shrestha,et al.  Kerberos based authentication for inter-domain roaming in wireless heterogeneous network , 2010, Comput. Math. Appl..

[52]  Andreas Noack,et al.  Efficient Authenticated Wireless Roaming via Tunnels , 2009, QSHINE.

[53]  Alejandro Quintero,et al.  Mobile services access and payment through reusable tickets , 2009, Comput. Commun..

[54]  Chin-Ling Chen,et al.  A Mobile Ticket System Based on Personal Trusted Device , 2007, Wirel. Pers. Commun..

[55]  Peter Honeyman,et al.  Formal Methods for the Analysis of Authentication Protocols , 1993 .

[56]  Yen-Cheng Chen,et al.  A practical authentication protocol with anonymity for wireless access networks , 2011, Wirel. Commun. Mob. Comput..

[57]  Tai-Yun Kim,et al.  Ticket based authentication and payment protocol for mobile telecommunications systems , 2001, Proceedings 2001 Pacific Rim International Symposium on Dependable Computing.

[58]  Chin-Chen Chang,et al.  A self-encryption mechanism for authentication of roaming and teleconference services , 2003, IEEE Trans. Wirel. Commun..

[59]  Yuh-Min Tseng,et al.  Authentication and Billing Protocols for the Integration of WLAN and 3G Networks , 2004, Wirel. Pers. Commun..

[60]  Bala Srinivasan,et al.  A Hybrid Mobile Authentication Model for Ubiquitous Networking , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[61]  Jianfeng Ma,et al.  A new authentication scheme with anonymity for wireless environments , 2004, IEEE Trans. Consumer Electron..

[62]  Yuefei Zhu,et al.  A novel lightweight authentication scheme with anonymity for roaming service in global mobility networks , 2011, Int. J. Netw. Manag..

[63]  Xiaotie Deng,et al.  Anonymous and Authenticated Key Exchange for Roaming Networks , 2007, IEEE Transactions on Wireless Communications.

[64]  Paramvir Bahl,et al.  PAWNs: Satisfying the need for ubiquitos secure connectivity and location services , 2002, IEEE Wireless Communications.

[65]  Wei-Bin Lee,et al.  A Secure Authentication Scheme with Anonymity for Wireless Communications , 2008, IEEE Commun. Lett..

[66]  Yi-Bing Lin,et al.  Mobile prepaid phone services , 2000, IEEE Wirel. Commun..

[67]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[68]  William A. Arbaugh,et al.  AAA for Spontaneous Roaming Agreements in Heterogeneous Wireless Networks , 2007, ATC.

[69]  M. Rahnema,et al.  Overview of the GSM system and protocol architecture , 1993, IEEE Communications Magazine.

[70]  Sulabh Agarwal,et al.  MoB: a mobile bazaar for wide-area wireless services , 2005, MobiCom '05.

[71]  William A. Arbaugh,et al.  Wireless Network Security and Interworking , 2006, Proceedings of the IEEE.

[72]  Pin-Han Ho,et al.  PPAB: A Privacy-Preserving Authentication and Billing Architecture for Metropolitan Area Sharing Networks , 2009, IEEE Transactions on Vehicular Technology.