Untraceable Identity Management Framework for Mobile Access

Author

Kao, Min-Chih ; Yeh, Yi-Shiung ; Wang, Chuan-Chi

Author_Institution

Dept. of Comput. Sci. & Inf. Eng., Nat. Chiao-Tung Univ., Hsinchu

Volume

2

fYear

2008

Firstpage

614

Lastpage

620

Abstract

Although some Extensible Authentication Protocol (EAP) methods such as EAP-TTLS (Tunneled Transport Layer Security) can hide true identity to protect the privacy of the mobile user, they cannot identify the mobile user for accounting and authorization purposes. The EAP framework lacks a mechanism to manage the relationship between true identities and pseudo identities. This study proposes an identity management framework based on the short-lived certificate so that the proposed scheme can deal with both authentication and authorization with privacy. The proposed scheme has no need of a certificate revoke scheme in which the authentication process can only occur between the mobile user and an authenticator. This greatly reduces the authentication delay. Thus, the proposed scheme can achieve both privacy and efficiency.

Keywords

authorisation; certification; cryptographic protocols; data privacy; message authentication; mobile radio; telecommunication security; authorization; extensible authentication protocol; mobile access privacy; short-lived certificate; untraceable identity management framework; Access protocols; Authentication; Authorization; Computer science; Electronic mail; Home automation; Identity management systems; Mobile computing; Privacy; Protection; Extensible authentication protocol (EAP); Privacy; Short- lived certificate;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Systems Design and Applications, 2008. ISDA '08. Eighth International Conference on

Conference_Location

Kaohsiung

Print_ISBN

978-0-7695-3382-7

Type

conf

DOI

10.1109/ISDA.2008.248

Filename

4696402