Abstract
In order to spread the scale of the mobile device market rapidly, mobile office applications have been introduced that can be process office work anytime, anywhere. However, the mobile office is vulnerable to several security threats that can occur over wireless networks, which can result in illegal enterprise information access and disclosure because of the openness and portability of the mobile device. Therefore, the mobile office environment must prevent unauthorized service and resource access, and a user authentication scheme is needed to mitigate the potential security vulnerabilities. In this paper, we propose a USIM-based secure user authentication scheme for a mobile office environment. The proposed scheme uses the USIM to securely share secret information for authentication between the mobile user and the server, and the mobile device can perform re-authentication to the server through the re-authentication phase in the event of handover. Moreover, the proposed authentication scheme is specified using Casper and is verified the security using the CasperFDR and FDR tool.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Formal Systems Ltd (1999) FDR2 user manual
Hoare CAR (1985) Communicationg sequential processes. Prentice-Hall
Jhee E-W and Lee S-H (2011) “The Security Improvement of Mobile Office System through the USIM-based User Authentication”. The 2015 Spring Conference of the KIPS. pp. 982–985
Jiang Y, Li G and Hu A (2010) “Mobile office security technology for WLAN”. 2010 International Conference on Multimedia Information Networking and Security. pp. 795–798
Korea Communications Commission (2012) Korea Internet & Security Agency, Information security rules for introduction and operation of secure mobile office
Lee J, Lee Y, Kim S-C (2013) A white-list based security architecture (WLSA) for the safe mobile office in the BYOD era. Grid Pervasive Comput 7681:860–865
Lee JD, Park JS, Park JH (2013) Study on wireless intrusion prevention system for mobile office. Inf TechnolConvergence 253:495–500
Lowe G (1997) “Casper: A Compiler for the Analysis of Security Protocols”. Proceedings 10th Computer Security Foundations Workshop, pp. 18–30
Ministry of Science (2013) ICT and Future Planning, Korea Internet & Security Agency, Information security guide of mobile office
Tian H, Liu D, Lin J and Jin Y (2010) “What drives mobile office service? A revised technology acceptance model based on the characteristics of Wireless mobile office technology”. 2010 International Conference of Information Science and Management Engineering. pp. 166–170
Yim S, Shin M (2014) Effects of system quality and information quality on the use and job performance of an enterprise mobility solution for a mobile office with a consideration of task mobility and task interdependence as control variables. Asia Pac J Inf Syst 24(2):115–140
Yoon S (2013) “Security issue of mobile office”. Int Secur Focus. pp. 69–84
Yoon S, Yoo HS, Lee Y (2013) A study on the reinforcement of security for mobile office. Res Notes Inf Sci 4:567–571
Zhiyu Y, Linwei Z, Wenna L (2009) “Study on security strategy of wireless mobile office system”. 2009 First International Workshop on Education Technology and Computer Science. pp. 495–498
Acknowledgments
This work was supported by the ICT R&D program of MSIP/IITP, Republic of Korea. [13-912-06-003, Development of Mobile S/W Security Testing Tools for Detecting New Vulnerabilities of Android]
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kim, JS., Kwak, J. Design of USIM-based secure user authentication scheme in a mobile office environment. Multimed Tools Appl 75, 14541–14556 (2016). https://doi.org/10.1007/s11042-015-2869-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-015-2869-x