Vis enkel innførsel

Mobile Supplicant for SIM Authentication

dc.contributor.advisorDo, Van Thanhnb_NO
dc.contributor.advisorJørstad, Ivarnb_NO
dc.contributor.authorHolje, Håvardnb_NO
dc.date.accessioned2014-12-19T14:12:07Z
dc.date.available2014-12-19T14:12:07Z
dc.date.created2010-09-03nb_NO
dc.date.issued2007nb_NO
dc.identifier347496nb_NO
dc.identifierntnudaim:3383nb_NO
dc.identifier.urihttp://hdl.handle.net/11250/261686
dc.description.abstractThis Master’s thesis proposes a solution for utilizing the GSM SIM to authenticate users to distributed services accessed through the mobile terminal. By combining the GSM SIM authentication mechanisms with the EAP-SIM framework we achieve mutual authentication between the parties. By combining the fact that the GSM SIM is a tamper resistant Smart Card, and that users have to present a valid PIN to activate the system, we have also achieved strong two-factor authentication that fulfils the highest security level defined by NIST. The proposed system is secure, easy to use and inexpensive, because most of the components needed already exist in the GSM network today. Existing strong user authentication systems for mobile handsets require several devices to be able to offer secure services. The proposed system only requires one device, namely the mobile handset which the user is carrying anyway. The only user interaction required is typing the PIN. The authors’ major contribution to the proposed system is the Supplicant, residing on the mobile handset and communicating with the SIM through the SATSA-APDU interface. By running the Supplicant as a local proxy on the mobile handset, it is able to communicate with all kinds of client applications supporting HTTP, e.g. mobile browsers, J2ME MIDlets and native applications. A prototype implementing several of the components in the proposed system has been developed. Unfortunately, due to several reasons, the prototype cannot be deployed on a real mobile handset today’s date. We are missing the necessarily certificate required to get access to the SIM and neither of today’s mobile handsets support all the functionality needed. However, the prototype has been implemented successfully on a PC running the Wireless Toolkit from Sun, which simulates the SIM environment. Based on results from this thesis, the author has written the paper "A Unified Authentication Solution for Mobile Services". The paper was accepted and published on the ERCIM workshop on eMobility in Coimbra, Portugal, on May 2007.nb_NO
dc.languageengnb_NO
dc.publisherInstitutt for telematikknb_NO
dc.subjectntnudaimno_NO
dc.subjectSIE7 kommunikasjonsteknologino_NO
dc.subjectTelematikkno_NO
dc.titleMobile Supplicant for SIM Authenticationnb_NO
dc.typeMaster thesisnb_NO
dc.source.pagenumber145nb_NO
dc.contributor.departmentNorges teknisk-naturvitenskapelige universitet, Fakultet for informasjonsteknologi, matematikk og elektroteknikk, Institutt for telematikknb_NO


Tilhørende fil(er)

Thumbnail
Filnavn:
347496_FULLTEXT01.pdf
Størrelse:
1.476Mb
Format:
PDF
Åpne
Thumbnail
Filnavn:
347496_COVER01.pdf
Størrelse:
67.61Kb
Format:
PDF
Åpne
Thumbnail
Filnavn:
347496_ATTACHMENT01.zip
Størrelse:
785.5Kb
Format:
Ukjent
Åpne

Denne innførselen finnes i følgende samling(er)

Vis enkel innførsel