Ticket-Based Service Access Scheme for Mobile Users

Security is one of the important issues in mobile computing, especially in mobile database systems since mobile environments are dynamic and traditional protection mechanisms do not work very well in such environments. For mobile database access across multiple service domains, the traditional access mechanisms rely on the concept of starting home location and cross domain authentication using roaming agreements. However, the cross domain authentications will involve many complicated authentication activities when the roam path is long. This limits the future mobile applications.This paper presents a global solution for all kinds of mobile services, by a ticket-based service access model that allows anonymous service usage in mobile application and access. The service provider can avoid roaming to multiple service domains, only contacting the Credential Centre to check the user's certification. The user can preserve anonymity and read a clear record of charges in the Credential Centre at anytime. Furthermore, the identity of misbehaving users can be revealed by a Trusted Centre.

[1]  Yanchun Zhang,et al.  A Protocol for Untraceable Electronic Cash , 2000, Web-Age Information Management.

[2]  Astrid Lubinski,et al.  Security Issues in Mobile Database Access , 1998, DBSec.

[3]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[4]  Yuval Ishai,et al.  One-way functions are essential for single-server private information retrieval , 1999, STOC '99.

[5]  Hugo Krawczyk,et al.  Security issues in a CDPD wireless network , 1995, IEEE Wirel. Commun..

[6]  Jon Crowcroft,et al.  Ticket based service access for the mobile user , 1997, MobiCom '97.

[7]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[8]  Levente Buttyán,et al.  Accountable anonymous access to services in mobile communication systems , 1999, Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems.

[9]  Yanchun Zhang,et al.  A consumer scalable anonymity payment scheme with role based access control , 2001, Proceedings of the Second International Conference on Web Information Systems Engineering.

[10]  Levente Buttyán,et al.  On the Problem of Trust in Mobile Agent Systems , 1998, NDSS.

[11]  Hua Wang,et al.  Untraceable off-line electronic cash flow in e-commerce , 2001, Proceedings 24th Australian Computer Science Conference. ACSC 2001.

[12]  Günther Horn,et al.  Authentication and Payment in Future Mobile Systems , 1998, J. Comput. Secur..

[13]  Hugo Krawczyk,et al.  Pseudorandom functions revisited: the cascade construction and its concrete security , 1996, Proceedings of 37th Conference on Foundations of Computer Science.

[14]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[15]  A. Mehrotra,et al.  Mobility and security management in the GSM system and some proposed future improvements , 1998, Proc. IEEE.

[16]  Asha K. Mehrotra,et al.  GSM System Engineering , 1997 .