Title :
Using GSM/UMTS for single sign-on
Author :
Pashalidis, Andreas ; Mitchell, Chris
Author_Institution :
Inf. Security Group, R. Holloway Univ. of London, Egham, UK
Abstract :
At present, network users have to remember a user-name and a corresponding password for every service with which they are registered. Single sign-on (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users authenticate themselves only once to an entity termed the ´authentication service provider´ (ASP) and subsequently use disparate service providers (SPs) without re-authenticating. The information about the user´s authentication status is handled between the ASP and the desired SP in a manner transparent to the user. We propose an SSO protocol where a GSM or UMTS operator plays the role of the ASP and by which its subscribers can be authenticated to SPs without any user interaction and in a way that preserves the user´s privacy and mobility. The protocol requires only minimal changes to the deployed GSM infrastructure.
Keywords :
3G mobile communication; authorisation; cellular radio; data privacy; mobile computing; protocols; telecommunication security; GSM; Liberty Alliance; UMTS; authentication service provider; network users; password; single sign-on protocol; user-name; 3G mobile communication; Application specific processors; Authentication; Computer security; Electronic mail; GSM; Information security; Privacy; Protection; Protocols;
Conference_Titel :
Mobile Future and Symposium on Trends in Communications, 2003. SympoTIC '03. Joint First Workshop on
Print_ISBN :
0-7803-7993-4
DOI :
10.1109/TIC.2003.1249107
