SSL and TLS: designing and building secure systems
SSL and TLS: designing and building secure systems
Proxy-based security protocols in networked mobile devices
Proceedings of the 2002 ACM symposium on Applied computing
Network Security with Openssl
Wireless IP and Building the Mobile Internet
Wireless IP and Building the Mobile Internet
IEEE Internet Computing
Analyzing the energy consumption of security protocols
Proceedings of the 2003 international symposium on Low power electronics and design
Securing electronic commerce: reducing the SSL overhead
IEEE Network: The Magazine of Global Internetworking
An all-IP approach for UMTS third-generation mobile networks
IEEE Network: The Magazine of Global Internetworking
PKI-based secure mobile access to electronic health services and data
Technology and Health Care
A USIM-based uniform access authentication framework in mobile communication
EURASIP Journal on Wireless Communications and Networking - Special issue on security and resilience for smart devices and applications
Application-binding protocol in the user centric smart card ownership model
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
| Hi-index | 0.00 |
The SSL/TLS protocol is a de-facto standard that has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future heterogeneous wireless environments. In this paper, we propose potential solutions that this protocol can offer to future “all-IP” heterogeneous mobile networks with particular emphasis on the user's side. Our approach takes into consideration the necessary underlying public key infrastructure (PKI) to be incorporated in future 3G core network versions and is under investigation by 3GPP. We focus on the standard 3G+ authentication and key agreement (AKA), as well as the recently standardized extensible authentication protocol (EAP)-AKA procedures and claim that SSL-based AKA mechanisms can provide for an alternative, more robust, flexible and scalable security framework. In this 3G+ environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespectively of the underlying network technology. We conducted a plethora of experiments concentrating on the SSL's handshake protocol performance, as this protocol contains demanding public key operations, which are considered heavy for mobile devices. We gathered measurements over the GPRS and IEEE802.11b networks, using prototype implementations, different test beds and considering battery consumption. The results showed that the expected high data rates on one hand, and protocol optimisations on the other hand, can make SSL-based authentication a realistic solution in terms of service time for future mobile systems.