Extending cellular authentication as a service

Laitinen, Pekka; Ginzboorg, Philip; Asokan, N.; Holtmanns, Silke; Niemi, Valtteri

doi:10.1049/ic:20050605

Cited by 12 publications

(11 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Laitinen et al [1] describes the many desirable advantages offered by GAA to the end users: they do not have to create and remember new credentials every time they sing up to a new service, and they can avoid the management of several credentials to different services. They can also easily change UE they are using by, for example, switching the SIM card from a cellular phone to another.…”

Section: Resultsmentioning

confidence: 99%

“…The existence of several credentials is a problem not only because it is inconvenient for the user to manage them, but also because provisioning these credentials to the users is expensive for the operators and other service providers, and it requires effort from the users as well. [1] For example, a third-party WWW-based service provider might send credentials via e-mail to the user and ask him to change the password as soon as possible. This, of course, is not very secure, and requires the user to choose a good password and also to remember it.…”

Section: Introductionmentioning

confidence: 99%

“…The main idea is that GAA is an authentication service provided by the cellular network operator which allows the client and the service to authenticate each other. [1] However, GAA does not provide a Single Sign On service, just the shared secrets for the both parties.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Generic Authentication Architecture

2008

Cellular Authentication

View full text Add to dashboard Cite

Nowadays, the owners of modern mobile phones are able to use a vast amount of different services, most of them requiring some kind of authentication. Until now, the user had to manage with different credentials manually, which can become a considerable nuisance, when the amount of used services grows. Also, this hassle with the credentials can also create security problems, for example, as the users use the same, weak passwords over and over again for different services. Also, if the service providers should provide all the necessary credentials to the users, it would be very expensive.The Generic Authentication Architecture (GAA) is 3GPP's solution to the aforementioned problems. It provides fresh key material for clients and servers that require shared secret based authentication, and signs certificates for those applications which require asymmetric authentication. The users' equipments authenticate themselves to the operator's GAA service by existing 3G or 2G authentication protocols, and in the process receive new keys. Also the services, which the users want to use, are able to fetch them from GAA. This way the clients and servers are able to share secrets.In addition to other services, the method described above can also be used to authenticate clients to a public key infrastructure, which can then be asked to sign certificates for the client's public key(s).GAA obviously eases the use of different services for users, but also creates new business possibilities for the operators and service providers. However, there are also problems: the operator might not be trustworthy to authenticate everything, for example electronic voting or banking. Also, the operator is able to bill from authenticating to other providers' services, which increases clients' costs.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Generic Authentication Architecture

2008

Cellular Authentication

View full text Add to dashboard Cite

show abstract

“…"Data Mining Models as a Service (E)" (2000), Sarawagi and Nagaralu [77] proposed it to cover Document Classification service, Collaborative Filtering Service, and Risk Prediction service. "Authentication as a Service (E)" (2005), Laitinen et al [57] leveraged authentication from a communication infrastructure to a service provision in Cellular Network. Similarly Lakshminarayanan et al [58] proposed "Routing as a Service (E)" (2006) to leverage specialized route computation as a service.…”

Section: Network Servicesmentioning

confidence: 99%

Sorting Terms of “aaS” of Everything as a Service

Duan¹,

Sun²,

Longo³

et al. 2016

IJNDC

View full text Add to dashboard Cite

Numerous service models have been proposed in the form of "as a Service" or "aaS" in the past. This is especially eminent in the era of the Cloud under the term of anything as a service or everything as a service(XaaS). A unified view of XaaS can aid efficient classification of services for service registration, discovery, and composition. In view of that there lacks such a unified view which is demanded by systematic application of XaaS in the Web Service Ecosystem, towards proposing a taxonomy of "aaS", we present in this work a collection of "aaS" based on a throughout literature survey. We also proposed a strategy to identify the terms from the servicelization perspective.

show abstract

“…The CA is used to establish trust in the network and each mobile device stores its own public key certificate, signed by the CA. Each mobile device user A has a cellular account, which uniquely identifies it during its operation [1,15]. We denote the unique identifier of A with Id(A).…”

Section: System Modelmentioning

confidence: 99%