The Experts below are selected from a list of 933 Experts worldwide ranked by ideXlab platform
Konstantinos Markantonakis - One of the best experts on this subject based on the ideXlab platform.
-
SSCC - Virtual World Authentication Using the Smart Card Web Server
Communications in Computer and Information Science, 2013Co-Authors: Lazaros Kyrillidis, Keith Mayes, Sheila Cobourne, Graham Hili, Konstantinos MarkantonakisAbstract:Virtual Worlds (VWs) are persistent, immersive digital environments, in which people utilise digital representation of themselves. Current management of VW Identity is very limited, and security issues arise, such as Identity theft. This paper proposes a two-factor user authentication scheme based on One Time Passwords (OTPs), exploiting a Smart Card Web Server (SCWS) hosted on the tamper-resistant Subscriber Identity Module (SIM) within the user’s mobile phone. Additionally, geolocation attributes are used to compare phone and PC locations, introducing another obstacle for an attacker. A preliminary security analysis is done on the protocol, and future work is identified.
-
NSS - Using the Smart Card Web Server in Secure Branchless Banking
Network and System Security, 2013Co-Authors: Sheila Cobourne, Keith Mayes, Konstantinos MarkantonakisAbstract:In remote areas of developing countries, the mobile phone network may be the only connection with outside organizations such as banks. SMS messages are used in branchless banking schemes such as M-PESA in Kenya, but can be vulnerable to SMS spoofing exploits. This paper proposes a branchless banking system for withdrawal, deposit and transfer transactions, using an application on the phone’s tamper-resistant Subscriber Identity Module (SIM) equipped with a Smart Card Web Server (SCWS) and public key cryptography capabilities.
-
An Architecture to Support Multiple Subscriber Identity Applications Accessing Multiple Mobile Telecommunication Access Network Systems
2008 Third International Conference on Convergence and Hybrid Information Technology, 2008Co-Authors: Lishoy Francis, Keith Mayes, Konstantinos MarkantonakisAbstract:With the advances in smart card technology it is quite possible to support more than one type of Subscriber Identity applications on the same smart card. We propose an architecture capable of hosting multi faceted Subscriber Identity applications which exploits common functions and data in a secure partitioned manner. The associated security mechanisms are also defined in order to realise its implementation on a single smart card. Our proposed architecture provides a harmonised secure authentication environment. The architecture is extensible to platforms on mobile devices and secure tokens operating across diverse access interfaces. Furthermore, we propose a set of protocols for secure communications between terminal, control module and hosted Subscriber Identity applications.
Dilip Kr. Saikia - One of the best experts on this subject based on the ideXlab platform.
-
UMTS user Identity confidentiality: An end-to-end solution
2011 Eighth International Conference on Wireless and Optical Communications Networks, 2011Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:In all mobile communication scenario, it is envisaged that user Identity remains confidential. Universal Mobile Telecommunication System (UMTS) is no exception to this. Every Mobile Station (MS) in UMTS is assigned a unique International Mobile Subscriber Identity (IMSI). If this IMSI is compromised, so will be the user Identity. There is restriction on transmission of this IMSI over radio link. Unfortunately, circumstances when such transmission happens can be created by an adversary, thereby compromising anonymity of users. In this paper, we build on our End-to-End User Identity Confidentiality (E2EUIC) solution [1], an extension to 3GPP-AKA that not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
-
WOCN - UMTS user Identity confidentiality: An end-to-end solution
2011 Eighth International Conference on Wireless and Optical Communications Networks, 2011Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:In all mobile communication scenario, it is envisaged that user Identity remains confidential. Universal Mobile Telecommunication System (UMTS) is no exception to this. Every Mobile Station (MS) in UMTS is assigned a unique International Mobile Subscriber Identity (IMSI). If this IMSI is compromised, so will be the user Identity. There is restriction on transmission of this IMSI over radio link. Unfortunately, circumstances when such transmission happens can be created by an adversary, thereby compromising anonymity of users. In this paper, we build on our End-to-End User Identity Confidentiality (E2EUIC) solution [1], an extension to 3GPP-AKA that not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
-
End-to-End User Identity Confidentiality for UMTS networks
2010 3rd International Conference on Computer Science and Information Technology, 2010Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:A standard security feature in any wireless network is user Identity confidentiality. In Universal Mobile Telecommunication System (UMTS), there are circumstances where this important security feature is compromised due to transmission of the International Mobile Subscriber Identity (IMSI) in clear-text over the radio interface. Such situations defy anonymity of users. In addition, it is assumed that there is no threat from the agents in the wired network. In this paper, we introduce End-to-End User Identity Confidentiality (E2EUIC), an extension to 3GPP-AKA which not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
Keith Mayes - One of the best experts on this subject based on the ideXlab platform.
-
SSCC - Virtual World Authentication Using the Smart Card Web Server
Communications in Computer and Information Science, 2013Co-Authors: Lazaros Kyrillidis, Keith Mayes, Sheila Cobourne, Graham Hili, Konstantinos MarkantonakisAbstract:Virtual Worlds (VWs) are persistent, immersive digital environments, in which people utilise digital representation of themselves. Current management of VW Identity is very limited, and security issues arise, such as Identity theft. This paper proposes a two-factor user authentication scheme based on One Time Passwords (OTPs), exploiting a Smart Card Web Server (SCWS) hosted on the tamper-resistant Subscriber Identity Module (SIM) within the user’s mobile phone. Additionally, geolocation attributes are used to compare phone and PC locations, introducing another obstacle for an attacker. A preliminary security analysis is done on the protocol, and future work is identified.
-
NSS - Using the Smart Card Web Server in Secure Branchless Banking
Network and System Security, 2013Co-Authors: Sheila Cobourne, Keith Mayes, Konstantinos MarkantonakisAbstract:In remote areas of developing countries, the mobile phone network may be the only connection with outside organizations such as banks. SMS messages are used in branchless banking schemes such as M-PESA in Kenya, but can be vulnerable to SMS spoofing exploits. This paper proposes a branchless banking system for withdrawal, deposit and transfer transactions, using an application on the phone’s tamper-resistant Subscriber Identity Module (SIM) equipped with a Smart Card Web Server (SCWS) and public key cryptography capabilities.
-
Considerations for mobile authentication in the Cloud
Information Security Technical Report, 2011Co-Authors: Zaheer Ahmad, Song Dong, Keith Mayes, Kostas MarkantonakisAbstract:The Cloud promises significant benefits and opportunities for key players in the mobile communication industry as well as the end users. However, along with these opportunities comes a plethora of security issues including potential attacks, Identity authentication, personal data management and privacy. There are issues with the use of legacy security mechanisms and interoperability of the various Smartphone platforms as well as the virtualisation products that are meant to assist with Smartphone security and stability. This paper first considers the general security concerns and how a Subscriber Identity Module-based security framework could be used. It goes on to introduce Smartphone virtualisation and proposes a framework for comparing product capabilities. Finally, use cases are discussed related to personal data security, including data on removable components.
-
An Architecture to Support Multiple Subscriber Identity Applications Accessing Multiple Mobile Telecommunication Access Network Systems
2008 Third International Conference on Convergence and Hybrid Information Technology, 2008Co-Authors: Lishoy Francis, Keith Mayes, Konstantinos MarkantonakisAbstract:With the advances in smart card technology it is quite possible to support more than one type of Subscriber Identity applications on the same smart card. We propose an architecture capable of hosting multi faceted Subscriber Identity applications which exploits common functions and data in a secure partitioned manner. The associated security mechanisms are also defined in order to realise its implementation on a single smart card. Our proposed architecture provides a harmonised secure authentication environment. The architecture is extensible to platforms on mobile devices and secure tokens operating across diverse access interfaces. Furthermore, we propose a set of protocols for secure communications between terminal, control module and hosted Subscriber Identity applications.
Sheila Cobourne - One of the best experts on this subject based on the ideXlab platform.
-
SSCC - Virtual World Authentication Using the Smart Card Web Server
Communications in Computer and Information Science, 2013Co-Authors: Lazaros Kyrillidis, Keith Mayes, Sheila Cobourne, Graham Hili, Konstantinos MarkantonakisAbstract:Virtual Worlds (VWs) are persistent, immersive digital environments, in which people utilise digital representation of themselves. Current management of VW Identity is very limited, and security issues arise, such as Identity theft. This paper proposes a two-factor user authentication scheme based on One Time Passwords (OTPs), exploiting a Smart Card Web Server (SCWS) hosted on the tamper-resistant Subscriber Identity Module (SIM) within the user’s mobile phone. Additionally, geolocation attributes are used to compare phone and PC locations, introducing another obstacle for an attacker. A preliminary security analysis is done on the protocol, and future work is identified.
-
NSS - Using the Smart Card Web Server in Secure Branchless Banking
Network and System Security, 2013Co-Authors: Sheila Cobourne, Keith Mayes, Konstantinos MarkantonakisAbstract:In remote areas of developing countries, the mobile phone network may be the only connection with outside organizations such as banks. SMS messages are used in branchless banking schemes such as M-PESA in Kenya, but can be vulnerable to SMS spoofing exploits. This paper proposes a branchless banking system for withdrawal, deposit and transfer transactions, using an application on the phone’s tamper-resistant Subscriber Identity Module (SIM) equipped with a Smart Card Web Server (SCWS) and public key cryptography capabilities.
-
Smart Cards, Tokens, Security and Applications, 2nd Ed. - OTA and Secure SIM Lifecycle Management
2008Co-Authors: Joos Cadonau, Danushka Jayasinghe, Sheila CobourneAbstract:In the GSM mobile communication industry, the end-user is referred to as the Subscriber and identified in the operator’s network using the Subscriber Identity Module (SIM) . In the third-generation network 3G, the equivalent application is called Universal Subscriber Identity Module (USIM ) card; although by convention we use SIM for both, unless a distinction is needed. A SIM card is a removable smart card for mobile phones. A mobile network operator is a telephone company that provides services for mobile phone Subscribers. The SIM card is a managed platform, belonging to the operator’s network. It offers to store operator specific but also Subscriber-related data. SIM cards are in use for a long time, compared to the handset and other entities in the network. Therefore, SIM card data—operator or Subscriber dependent—changes over time and needs Over-the-Air (OTA) management. Customers cannot be asked to visit an operator shop for data management; Over-the-Air updates using the SMS as a bearer are the only possibility for mass updates. This implies certain security requirements which are specified in the 3GPP/ETSI standards. Also, the current bandwidth offered by SMS limits the range of possible adaptations and requires the mobile network operator to have a flexible Over-the-Air system, adapted to their needs. The Over-the-Air management is only one stage of the SIM life cycle. To be able to launch new services during the life cycle of a SIM card, the whole SIM life cycle has to be planned carefully. There exist systems that support the operator in knowing in real time the status of a SIM card in all phases of the SIM life cycle.
Hiten Choudhury - One of the best experts on this subject based on the ideXlab platform.
-
UMTS user Identity confidentiality: An end-to-end solution
2011 Eighth International Conference on Wireless and Optical Communications Networks, 2011Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:In all mobile communication scenario, it is envisaged that user Identity remains confidential. Universal Mobile Telecommunication System (UMTS) is no exception to this. Every Mobile Station (MS) in UMTS is assigned a unique International Mobile Subscriber Identity (IMSI). If this IMSI is compromised, so will be the user Identity. There is restriction on transmission of this IMSI over radio link. Unfortunately, circumstances when such transmission happens can be created by an adversary, thereby compromising anonymity of users. In this paper, we build on our End-to-End User Identity Confidentiality (E2EUIC) solution [1], an extension to 3GPP-AKA that not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
-
WOCN - UMTS user Identity confidentiality: An end-to-end solution
2011 Eighth International Conference on Wireless and Optical Communications Networks, 2011Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:In all mobile communication scenario, it is envisaged that user Identity remains confidential. Universal Mobile Telecommunication System (UMTS) is no exception to this. Every Mobile Station (MS) in UMTS is assigned a unique International Mobile Subscriber Identity (IMSI). If this IMSI is compromised, so will be the user Identity. There is restriction on transmission of this IMSI over radio link. Unfortunately, circumstances when such transmission happens can be created by an adversary, thereby compromising anonymity of users. In this paper, we build on our End-to-End User Identity Confidentiality (E2EUIC) solution [1], an extension to 3GPP-AKA that not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
-
End-to-End User Identity Confidentiality for UMTS networks
2010 3rd International Conference on Computer Science and Information Technology, 2010Co-Authors: Hiten Choudhury, Basav Roychoudhury, Dilip Kr. SaikiaAbstract:A standard security feature in any wireless network is user Identity confidentiality. In Universal Mobile Telecommunication System (UMTS), there are circumstances where this important security feature is compromised due to transmission of the International Mobile Subscriber Identity (IMSI) in clear-text over the radio interface. Such situations defy anonymity of users. In addition, it is assumed that there is no threat from the agents in the wired network. In this paper, we introduce End-to-End User Identity Confidentiality (E2EUIC), an extension to 3GPP-AKA which not only takes care of Identity confidentiality vulnerability over the wireless link, but goes one step ahead to ensure the same over the wired network as well.
