New authentication method for mobile centric communications

This paper proposes a new authentication scheme for accessing contents, services and applications in both mobile device and Internet. A user first divide all the contents, services and applications in both mobile device and the Internet into four groups according to their importance: extremely confidential group (ECG) has security level SL=1, very confidential group (VCG) has SL=2, confidential group (CG) with SL=3 and free accessible group (FAG) with SL=4. If it is Internet content or service or application, the pair of username and password necessary for accessing it is put into the group. In order to access the items in the four groups, four authenticating methods are defined, which generates four active usage levels (AUL). Fingerprint plus password1 authentication generates AUL=1, which grants the right to access all four groups. Fingerprint alone generate AUL=2, which grants the right to access groups of VCG, CG and FAG. Password2 authenticating generates AUL=3, which grants right to access CG and FAG. Null authentication generates AUL=4, which is the default AUL and can only access items in FAG. Once an AUL is generated, user can not only access corresponding groups of information stored in the device but also use that mobile device to access corresponding groups of her/his Web accounts seamlessly without memorizing usernames and passwords. Whenever the user wants to access information stored in the mobile devices, or Web accounts provided by a third party, the security middleware obtains SL required to access them, compares the SL with the AUL. If the AUL is equal to or higher than the SL, the access is granted seamlessly and transparently to the user; otherwise, it asks to authenticate again to gain higher AUL, or the access is denied. After the access right to a device is granted, the user can at any time reset the AUL to 4, or the AUL can be set to 4 automatically after a predefined idle period.