An Open Mobile Identity Tool: An Architecture for Mobile Identity Management

We present an architecture for a flexible and open mobile electronic identity tool, which can work as a replacement for numerous ID cards and licenses. In addition, it can be used in various payment and user authentication scenarios. The tool is mobile-phone-based and uses a security element (e.g., a SIM card) for storing sensitive identity information. We follow design-for-privacy principles, such as minimisation of data collection and informed consent of the user. The tool can be implemented using currently available handset technology.
