Robust mutual trust architecture for safety critical service in heterogeneous mobile network environment

Wireless network services are more active than ever due to the rapid development of mobile devices such as smartphones. Most mobile devices are evolving into multi-purpose handsets that have multiple interfaces and are always on, operating in a state in which they can receive data at any time through these different interfaces. In line with this trend, safety critical services such as e-commerce and online financial services are now mostly used through the mobile environment. Since an Internet service consists of interaction between the user and the service provider, service safety is based on mutual trust between them. In other words, the user terminal and the service provider system should each have confidence in the identity of the other. In a heterogeneous mobile network, the user terminal can access the service system through diverse access networks simultaneously, so the service provider cannot distinguish which access is valid for the service. In this paper, we propose a mutual trust architecture that can maintain a sustainable secure relation between the user terminal and the safety critical service system by using both personal and network information.
