Delivering Attribute Certificates over GPRS

Attribute Certificates (ACs) have been developed and standardized by the ANSI X9 committee as an alternative and better approach, to X.509 public key certificates, for carrying authorization information. Attribute Authorities (AA) bind the characteristics of an entity (called attributes) to that entity by signing the appropriate AC. Therefore, ACs can be used for controlling access to system resources and employing role-based authorization and access controls policies accordingly. Although ACs are widely used and standardized, to the best of our knowledge, no mobile infrastructure or service currently utilizes them. In this paper, we first examine how basic Public Key Infrastructure (PKI) can be incorporated into mobile networks and especially the Universal Mobile Telecommunications System (UMTS). As a case study, we then experiment with ACs in the GPRS network, using a prototype implementation. In particular, we investigate and measure the performance in terms of service and transfer times when ACs are introduced in the mobile environment. Our measurements show that ACs technology not only is feasible to implement in present and future mobile networks, but at the same time can deliver flexible and relatively fast services to the subscribers, without compromising security.