Abstract
To access services on the Web, users need quite often to have accounts, i.e. user names and passwords. This becomes a problem when the number of accounts keeps increasing at the same time password is a very weak form of authentication exposing the users to fraud and abuses. To address both mentioned issues we propose a Mobile Universal identity, which by combining Internet identifiers with mobile identifiers is capable of delivering strong authentication for Internet services. By introducing an identity provider, the solution enables the user to employ the Mobile Universal identity for multiple service providers. By federation with other identities, Mobile Universal identity can be used with service providers worldwide.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
3rd Generation Partnership Project: 3GPP TS 33.220 V8.2.0 (2007-12) Technical Specification Group Services and System Aspects; Generic Authentication Architecture (GAA) Generic bootstrapping architecture (Release 8)
Van Thanh, D., Jønvik, T., Van Thuan, D., Jørstad, I.: Enhancing internet service security using GSM SIM authentication. In: Proceedings of the IEEE Globecom 2006 Conference, San Francisco, USA, November 27, December 1, 2006. ISBN 1-4244-0357-X
Van Thanh, D., Jønvik, T., Feng, B., Van Thuan, D., Jørstad, I.: Simple strong authentication for internet applications using mobile phones. In: Proceedings of IEEE Global Communications Conference (IEEE GLOBECOM 2008), New Orleans, LA, USA, November 30, December 4, 2008. ISBN 978-1-4244-2324-8
Facebook Inc.: Facebook login. https://developers.facebook.com/docs/facebook-login/
Google: Google account. https://developers.google.com/+/features/sign-in
Twitter. https://twitter.com/
EMC2. http://www.emc.com/security/rsa-securid/rsa-securid-software-authenticators.htm
3rd Generation Partnership Project: 3GPP TS 11.11 V6.0.0 (1998-04); Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) Interface (Release 97)
NIST: National Institute of Standards and Technology. Special Publication 800-63 Version 1.0.2 Electronic Authentication Guideline, April 2006
T. Wason, et al., Liberty ID-FF Architecture Overview: Version: 1.2-errata-v1.0. Liberty Alliance Project (2005)
OpenId. http://openid.net/
oAuth. http://oauth.net/
The Internet Engineering Task Force: Network Working Group, Haverinen, H., Salowey, J.: EAP-SIM Authentication. RFC 4186, IETF, January 2006
The Internet Engineering Task Force: Network Working Group. RFC 4187 Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)
ETSI TS 100 974 V7.15.0 (2004-03). Digital cellular telecommunications system (Phase 2+); Mobile Application Part (MAP) specification - (3GPP TS 09.02 version 7.15.0 Release 1998
Open Mobile Alliance (OMA): Wireless Application Protocol Architecture Specification - WAP Architecture Version, April 30, 1998
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
van Thanhe, D., Jørstad, I., van Thuan, D. (2015). Strong Authentication for Web Services with Mobile Universal Identity. In: Younas, M., Awan, I., Mecella, M. (eds) Mobile Web and Intelligent Information Systems. MobiWIS 2015. Lecture Notes in Computer Science(), vol 9228. Springer, Cham. https://doi.org/10.1007/978-3-319-23144-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-23144-0_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23143-3
Online ISBN: 978-3-319-23144-0
eBook Packages: Computer ScienceComputer Science (R0)