Author(s):
Marko Schuba, Volker Gerstenberger, Paul Lahaije Nordsec 2004

IEEE Communications Magazine, Sep.2004, Vol. 42, No. 9

Download document:
Internet ID - Flexible Re-use of Mobile Phone Authentication Security for Service Access. (pdf)

Abstract:
Identity management systems like .NET Passport and the Liberty Alliance Project allow for different forms of authentication to be used. Although simple username and password schemes are very commonly used, these are not considered to be very secure. This paper describes the Internet ID approach for user authentication in identity management systems. The approach utilizes the huge existing base and high security of SIM smart cards in mobile phones to authenticate end users in Liberty Alliance based systems. The Internet ID approach is applicable to both the mobile and fixed Internet worlds, i.e. services can be accessed via a mobile terminal or via a PC. Authentication is, in both cases, done via the mobile phone and its SIM card, combining the security of the SIM with the "always on" capability and convenience of the mobile phone.

Notice:
Copyright 2004 IEEE. Reprinted from 2004. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Ericsson's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.

In order to read PDF files, you need to have Adobe® Acrobat® Reader® installed in your computer. You can download the latest Acrobat® Reader® for free  from Adobe's website.