Abstract
In this paper we show how mobile devices can be used as authentication tokens. We highlight the prerequisites such as mobile device security and mobile communication security. We elaborate on already existing solutions and on what issues in the context of security remain to be addressed. Beside the comprehensive overview, our main contribution is to explain how the different characteristics of wireless communication can be abstracted. Based on this abstraction an implementation of mobile authentication is transparent both to the application programmer and to the end users.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35612-9_23
Chapter PDF
Similar content being viewed by others
Key words
References
Bluetooth SIG Home page, http://www.bluetooth.org, last accessed on March 6, 2002.
Borisov, Goldberg, Wagner, Intercepting Mobile Communications: The Insecurity of 802.11, http://www.isaac.cs.berkely.edu/isaac/mobicom.pdf, last accessed on March 6, 2002.
Eckert, Mobile Devices in E-Business — New Opportunities and New Risks, Proceedings of SIS 2000, Zurich, 2000.
Ghosh, K.A., and Swaminatha, T.M. Software security and privacy risks in mobile e-commerce, Communications of the ACM, Volume 44 (2), Feb 2001, pp 51–57
Hansmann, Merk, Nicklous, Stober, Pervasive Computing-Handbook, Springer Verlag, 2001.
The Infrared Data Association, http://www.irda.org, accessed March 6, 2002.
Kelly, Chair of IEEE 802.11 Responds to WEP Security Flaws, February 15, 2001, http://slashdot.org/articles/01/02/15/1745204.shtml, last accessed on March 6, 2002.
Securing the handheld environment — An enterprise Perspective, White Paper, Microsoft, 2001, http://www.microsoft.com/mobile/enterprise/papers/security.asp (last visited Feb 19, 2002);
Pocket PC Security, White Paper, Palm, 2001, http://www.palm.com/enterprise/resources/securing/index.html (last visited Feb 19, 2002);
Mc Daid, Bluetooth Security, Parts 1, 2, and 3, http://www.palowireless.com/bluearticle/ccl_securityl. asp, http://www.palowireless.com/bluearticle/ccl_security2. asp, http://www.palowireless.com/bluearticle/cc1_security3.asp, last accessed on March 6, 2002.
Pesonen L., GSM Interception, Helsinki University of Technology, Dpt. Of Computer Science and Engineering, November 21, 1999, last accessed on March 6, 2002.
RSA Security Inc., http://www.rsa.com, last accessed on March 6, 2002.
Robert E. Mahan, Security in Wireless Networks, SANS Institue, http://rr.sans.org/wireless/wireless_net3.php, last visited:March 6, 2002.
Sandhu R.S., Samarati P. Authentication, Access Control, and Audit. ACM Computing Surveys, Vol. 28, No. 1, March 1996.
Gruber, Wolfmaier, State of the Art in Wireless Communication, Technical Report SCCH-TR-0171, Software Competence Center Hagenberg, http://www.scch.at, 2001.
Sutherland, Bluetooth Security: An Oxymoren?, http://www.mcommercetimes.com/Technology/41, last accessed on March 6, 2002.
Vainio J., Bluetooth Security, May 25, 2000, http://www.niksula.cs.hutfil~jiitv/bluesec.html, last accessed on March 6, 2002.
Walke, Mobilfunknetze und ihre Protokolle — Band 1, B. G. Teubner Verlag, Stuttgart, 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Weippl, E., Essmayr, W., Gruber, F., Stockner, W., Trenker, T. (2002). Towards Authentication Using Mobile Devices. In: Jerman-Blažič, B., Klobučar, T. (eds) Advanced Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 100. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35612-9_8
Download citation
DOI: https://doi.org/10.1007/978-0-387-35612-9_8
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4405-7
Online ISBN: 978-0-387-35612-9
eBook Packages: Springer Book Archive