Title Short-Lived Certificates as a Mobile Authentication Method
Author Sharma, Pranav Kumar
Supervisor Probst, Christian W. (Language-Based Technology, Department of Informatics and Mathematical Modeling, Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark)
Institution Technical University of Denmark, DTU, DK-2800 Kgs. Lyngby, Denmark
Thesis level Master's thesis
Year 2009
Abstract Convergence of mobile phones and the Internet opens up unlimited opportunities to service providers and users alike. For service providers, it offers an opportunity to deploy innovative services for a large base of users and boost revenue. For users, it brings them closer to the dream of "anytime-anywhere" services available in an "all-in-one" device. However, exploiting these opportunities in the real world requires an assurance to both service providers and mobile users that the services adhere to well-known security models. The Public Key Infrastructure for mobile phones (mobile PKI) is emerging as an enabling technology for accessing services over the Internet. Yet, authentication of service providers and users in the mobile PKI brings its own set of challenges. For example, a check for certificate revocation is vital, but it is resource consuming and requires connectivity. Security of the private key is central to PKI, but the portable nature of mobile phones exacerbates the issue. Existing practices of offline credential verification to issue a certificate restrict the usability of certificates for mobile users. This thesis proposes an authentication method based on short-lived standard X.509 certificates. The objectives are to minimize the need for certificate revocation checks, secure credential store and online certificate request, verification and issuance. We present an architecture for obtaining certificates online to mobile phones using existing credentials. We also provide a mechanism for secure storage and usage of credentials in mobile phones so that the mobile signatures qualify for European Telecommunication Standards. We focus on specific usage scenarios and lay down the system requirements in terms of usability, technical merits and use of open standards. After the description of the solution, we present a prototype implementation and illustrate how the usage scenarios benefit from the proposed method. We analyze and validate the solution against requirement criteria using the Goal Matrix Approach.
Series IMM-M.Sc.-2009-28
Fulltext
Original PDF ep09_28_net.pdf (1.03 MB)
Admin Creation date: 2009-06-23    Update date: 2010-08-25    Source: dtu    ID: 245323    Original MXD