In the current study we present a system that is
capable to deliver proxy based differentiated service. It will help the
carrier service node to sell a prepaid service to clients and limit the
use to a particular mobile device or devices for a certain time. The
system includes software and hardware architecture for a mobile
device with moderate computational power, and a secure protocol for
communication between it and its carrier service node. On the
carrier service node a proxy runs on a centralized server to be
capable of implementing cryptographic algorithms, while the mobile
device contains a simple embedded processor capable of executing
simple algorithms. One prerequisite is needed for the system to run
efficiently that is a presence of Global Trusted Verification Authority
(GTVA) which is equivalent to certifying authority in IP networks.
This system appears to be of great interest for many commercial
transactions, business to business electronic and mobile commerce,
and military applications.
[1] Malan, D., Crypto for Tiny Objects, Harvard University
Computer Science Report, TR-04-04, 2004.
[2] Handschuh, H. and Paillier, P., Smart card cryptocoprocessors
for public-key cryptography, In J.-J. Quisquater
and B. Schneier, editors, LNCS, 1820, pp. 386-394. Springer-
Verlag, 2000.
[3] M. Dertouzos. The future of computing. Scientific American,
August 1999.
[4] G. Banavar, J. Beck, E. Gluzberg, J. Munson, J. Sussman,
and D. Zukowski. Challenges: An application model for
pervasive computing. In Proc. ACM MOBICOM, 2000.
[5] Patriciu, V., Marin Bica, M. and Ion Bica, I., Implementation
Issues of PKI ssTechnology, International Carpathian Control
Conference ICCC- 2002, pp. 513-518.
[6] Housley R. and Polk T., Planning for PKI, John Wiley, 2001.
[7] http://linuxdevices.com/
[8] http://www.linuxmobilealliance.org
[9] Koutsopoulou, M., at al., Charging, Accounting and Billing
Management Schemes in Mobile Telecommunication Networks
and the internet, IEEE Communication Surveys, 6, 2004, pp. 50-
58.
[10] Kim, H. and Afifi, H., Improving Mobile Authentication with
New AAA Protocols, in IEEE International Conference on
Communications 2003 (ICC-03), Anchorage, USA, 2003.
[11] Mitton, D., et al., "Authentication, Authorization, and
Accounting: Protocol Evaluation," RFC 3127, 2001.
[12] 3GPP. 3G security: Security Architecture, Technical
Specification Group Service and System Aspects, 3GPP TS
33.102 V. 3.6.0, 2000.
[13] Glass, S. et al., Mobile IP Authentication, Authorization, and
Accounting Requirements, Internet RFC2977, 2000.
[14] G.Schaefer, G., Karl, H., and Festag, "Current Approaches to
Authentication in Wireless and Mobile Communications
Networks", Technical Report TKN-01-002, Telecommunication
Networks Group, Technische Universität Berlin, 2001.
[15] M. Girault, Self-certified public keys", Advances in
Cryptology: Eurocrypt'91, LNCS 547, Springer-Verlag, 1991,
pp. 490-497.
[16] Blaze, M, Feigenbaum, J, and Lacy,J., Decentralized Trust
Management, IEEE Symposium on Security and Privacy, 1996,
pp. 164-174.
[17] Petersen, H. and Horster, P., Self-certified keys "Concepts
and Applications", In Proc. Communications and Multimedia
Security'97, pp. 102-116, Chapman & Hall, 1997.
[18] Lee, B. and Kim, K., Self-Certificate: PKI using Self-
Certified Key", Proc. of Conference on Information Security and
Cryptology 2000, Vol. 10, 2000, pp. 65-73.
[19] Cryptographic Module Security Policy, Federal Information
Processing Standards Publications, FIPS 140-1, November 2004.
[20] Technical Specification 3G Security, Security Architecture
3G TS 33.102 V. 3.2.0 from 10.1999.
[21] W. Adi, "Secured Mobile Device Identification with Multi-
Verifier", International Conference on Telecommunications
(ICT2001), 2001, pp. 289 - 292.
[22] 3GPP. Technical Specification Group Services and System
Aspects, 3GPP TR 21.905 V5.5.0, 2002.
[23] Kostiainen, K., Intuitive Security Initiation using locationlimited
channels, Master-s Thesis, HELSINKI UNIVERSITY
OF TECHNOLOGY, 2004.
[24] Gehrmann, C. Mitchell, C., and Nyberg, K., Manual
authentication for wireless devices, CryptoBytes, Vol. 7, 2004,
pp. 30-40.
[25] http://www.t-online.com/
[26] Adi, W., Al-Qayedi, A., Negm, K., Mabrouk, A., Musa, S.,
Secured Mobile Device Software Update over IP Networks,
IEEE SoutheastCon 2004, 2004, pp 271-274.
[27] Mabrouk, A., Adi, W., Gharieb, H., and Negm, K., Proxy
Based Signature with Secured Mobile Computations,
Proceedings of International Symposium of
Telecommunications-IST2003, 2003, pp. 544-546.
[28] Negm, K., Adi, W., and Abd-ElWahab, F., Secure Mobile
Code Computing Framework, WSEAS Transactions on
Information Science and Applications, Vol. 1, 2004, pp. 1411-
1416.
[1] Malan, D., Crypto for Tiny Objects, Harvard University
Computer Science Report, TR-04-04, 2004.
[2] Handschuh, H. and Paillier, P., Smart card cryptocoprocessors
for public-key cryptography, In J.-J. Quisquater
and B. Schneier, editors, LNCS, 1820, pp. 386-394. Springer-
Verlag, 2000.
[3] M. Dertouzos. The future of computing. Scientific American,
August 1999.
[4] G. Banavar, J. Beck, E. Gluzberg, J. Munson, J. Sussman,
and D. Zukowski. Challenges: An application model for
pervasive computing. In Proc. ACM MOBICOM, 2000.
[5] Patriciu, V., Marin Bica, M. and Ion Bica, I., Implementation
Issues of PKI ssTechnology, International Carpathian Control
Conference ICCC- 2002, pp. 513-518.
[6] Housley R. and Polk T., Planning for PKI, John Wiley, 2001.
[7] http://linuxdevices.com/
[8] http://www.linuxmobilealliance.org
[9] Koutsopoulou, M., at al., Charging, Accounting and Billing
Management Schemes in Mobile Telecommunication Networks
and the internet, IEEE Communication Surveys, 6, 2004, pp. 50-
58.
[10] Kim, H. and Afifi, H., Improving Mobile Authentication with
New AAA Protocols, in IEEE International Conference on
Communications 2003 (ICC-03), Anchorage, USA, 2003.
[11] Mitton, D., et al., "Authentication, Authorization, and
Accounting: Protocol Evaluation," RFC 3127, 2001.
[12] 3GPP. 3G security: Security Architecture, Technical
Specification Group Service and System Aspects, 3GPP TS
33.102 V. 3.6.0, 2000.
[13] Glass, S. et al., Mobile IP Authentication, Authorization, and
Accounting Requirements, Internet RFC2977, 2000.
[14] G.Schaefer, G., Karl, H., and Festag, "Current Approaches to
Authentication in Wireless and Mobile Communications
Networks", Technical Report TKN-01-002, Telecommunication
Networks Group, Technische Universität Berlin, 2001.
[15] M. Girault, Self-certified public keys", Advances in
Cryptology: Eurocrypt'91, LNCS 547, Springer-Verlag, 1991,
pp. 490-497.
[16] Blaze, M, Feigenbaum, J, and Lacy,J., Decentralized Trust
Management, IEEE Symposium on Security and Privacy, 1996,
pp. 164-174.
[17] Petersen, H. and Horster, P., Self-certified keys "Concepts
and Applications", In Proc. Communications and Multimedia
Security'97, pp. 102-116, Chapman & Hall, 1997.
[18] Lee, B. and Kim, K., Self-Certificate: PKI using Self-
Certified Key", Proc. of Conference on Information Security and
Cryptology 2000, Vol. 10, 2000, pp. 65-73.
[19] Cryptographic Module Security Policy, Federal Information
Processing Standards Publications, FIPS 140-1, November 2004.
[20] Technical Specification 3G Security, Security Architecture
3G TS 33.102 V. 3.2.0 from 10.1999.
[21] W. Adi, "Secured Mobile Device Identification with Multi-
Verifier", International Conference on Telecommunications
(ICT2001), 2001, pp. 289 - 292.
[22] 3GPP. Technical Specification Group Services and System
Aspects, 3GPP TR 21.905 V5.5.0, 2002.
[23] Kostiainen, K., Intuitive Security Initiation using locationlimited
channels, Master-s Thesis, HELSINKI UNIVERSITY
OF TECHNOLOGY, 2004.
[24] Gehrmann, C. Mitchell, C., and Nyberg, K., Manual
authentication for wireless devices, CryptoBytes, Vol. 7, 2004,
pp. 30-40.
[25] http://www.t-online.com/
[26] Adi, W., Al-Qayedi, A., Negm, K., Mabrouk, A., Musa, S.,
Secured Mobile Device Software Update over IP Networks,
IEEE SoutheastCon 2004, 2004, pp 271-274.
[27] Mabrouk, A., Adi, W., Gharieb, H., and Negm, K., Proxy
Based Signature with Secured Mobile Computations,
Proceedings of International Symposium of
Telecommunications-IST2003, 2003, pp. 544-546.
[28] Negm, K., Adi, W., and Abd-ElWahab, F., Secure Mobile
Code Computing Framework, WSEAS Transactions on
Information Science and Applications, Vol. 1, 2004, pp. 1411-
1416.
@article{"International Journal of Electrical, Electronic and Communication Sciences:55844", author = "W. Adi and Khaled E. A. Negm and A. Mabrouk and H. Ghraieb", title = "Authenticated Mobile Device Proxy Service", abstract = "In the current study we present a system that is
capable to deliver proxy based differentiated service. It will help the
carrier service node to sell a prepaid service to clients and limit the
use to a particular mobile device or devices for a certain time. The
system includes software and hardware architecture for a mobile
device with moderate computational power, and a secure protocol for
communication between it and its carrier service node. On the
carrier service node a proxy runs on a centralized server to be
capable of implementing cryptographic algorithms, while the mobile
device contains a simple embedded processor capable of executing
simple algorithms. One prerequisite is needed for the system to run
efficiently that is a presence of Global Trusted Verification Authority
(GTVA) which is equivalent to certifying authority in IP networks.
This system appears to be of great interest for many commercial
transactions, business to business electronic and mobile commerce,
and military applications.", keywords = "Mobile Device Security, Identity Authentication,Mobile Commerce Security.", volume = "1", number = "5", pages = "741-6", }
