Mobile identity in network

19
Hochiminh City University of Technology Faculty of Computer Science and Engineering Mobile Identity Present: Nguyen Thi Thuy Loan 1

Transcript of Mobile identity in network

Page 1: Mobile identity in network

1

Hochiminh City University of TechnologyFaculty of Computer Science and Engineering

Mobile Identity

Present:Nguyen Thi Thuy Loan

Page 2: Mobile identity in network

2

OUTLINE

• Introduction• Mobile identity authentication• Mobile Identity Management• Q&A

Page 3: Mobile identity in network

3

Introduction

• Mobile devices– Mobile phones– Smart cards– RFIDs

Page 4: Mobile identity in network

4

Introduction

• Elements of a mobile identity– Information describe a mobile user’s identity.– Technical access to components of a mobile

identity.– Third parties and exchange information.

Page 5: Mobile identity in network

5

Introduction

• User Identity– Something I know • username, password or PIN

Page 6: Mobile identity in network

6

Introduction

• User Identity– Something I know – Something I have • SIM card and mobile device

Page 7: Mobile identity in network

7

Introduction

• User Identity– Something I know – Something I have – Something I am • location, behavioural profile or biometric parameter

Page 8: Mobile identity in network

8

Mobile identity authentication

• SIM card:– Tampered resistant module providing strong

authentication to Internet applications and services.

Page 9: Mobile identity in network

9

Mobile identity authentication

• SIM card:– Include: • International Mobile Subscriber Identity• strong encryption functions

Page 10: Mobile identity in network

10

Mobile identity authentication

• SIM card:– GSM authentication• Random challenge: RAND• 64-bit session key Kc 128-bit• Response value SRES

Page 11: Mobile identity in network

11

Mobile identity authentication

• Mobile Digital Signature– Proving your real-world identity to third parties.– Making a legally-binding commitment by sending

a confirmed message to another party.– Solve security problems of the online world with

identity confirmation

Page 12: Mobile identity in network

12

Mobile identity authentication

• Use RSA private key in SIM card.

Page 13: Mobile identity in network

13

Mobile Identity Management

• GSM-based Mobile Identity Management– Profile management• the information may be encrypted before it is stored on

the device or transmitted to the network operator.

Page 14: Mobile identity in network

14

Mobile Identity Management

• GSM-based Mobile Identity Management– Profile management– Exchanging mobile identities• The current legal landscape already limits the way of

how to reveal mobile identity information.

Page 15: Mobile identity in network

15

Mobile Identity Management

• GSM-based Mobile Identity Management– Profile management– Exchanging mobile identities– Applications for mobile identities• marketing service, disaster service.

Page 16: Mobile identity in network

16

Mobile Identity Management

• Mobile Identity Management System Target:– Easy identity management & application access– Secure and controlled mobile authentication– Works with native and web based mobile apps

Page 17: Mobile identity in network

17

Mobile Identity Management

• Mobile Identity Management System

Page 18: Mobile identity in network

18

Mobile Identity Management

• Authentication in Mobile Identity Management System– 3-factor authentication• Smart cards that store a biometric matching template• Smart cards store the biometric matching template and

the matching algorithm on the card• Tokens provide the full biometric authentication

process (sensors, feature extraction to acquire a query template from the biometric measurement

Page 19: Mobile identity in network

19

Q&A