Mobile identity in network
Transcript of Mobile identity in network
1
Hochiminh City University of TechnologyFaculty of Computer Science and Engineering
Mobile Identity
Present:Nguyen Thi Thuy Loan
2
OUTLINE
• Introduction• Mobile identity authentication• Mobile Identity Management• Q&A
3
Introduction
• Mobile devices– Mobile phones– Smart cards– RFIDs
4
Introduction
• Elements of a mobile identity– Information describe a mobile user’s identity.– Technical access to components of a mobile
identity.– Third parties and exchange information.
5
Introduction
• User Identity– Something I know • username, password or PIN
6
Introduction
• User Identity– Something I know – Something I have • SIM card and mobile device
7
Introduction
• User Identity– Something I know – Something I have – Something I am • location, behavioural profile or biometric parameter
8
Mobile identity authentication
• SIM card:– Tampered resistant module providing strong
authentication to Internet applications and services.
9
Mobile identity authentication
• SIM card:– Include: • International Mobile Subscriber Identity• strong encryption functions
10
Mobile identity authentication
• SIM card:– GSM authentication• Random challenge: RAND• 64-bit session key Kc 128-bit• Response value SRES
11
Mobile identity authentication
• Mobile Digital Signature– Proving your real-world identity to third parties.– Making a legally-binding commitment by sending
a confirmed message to another party.– Solve security problems of the online world with
identity confirmation
12
Mobile identity authentication
• Use RSA private key in SIM card.
13
Mobile Identity Management
• GSM-based Mobile Identity Management– Profile management• the information may be encrypted before it is stored on
the device or transmitted to the network operator.
14
Mobile Identity Management
• GSM-based Mobile Identity Management– Profile management– Exchanging mobile identities• The current legal landscape already limits the way of
how to reveal mobile identity information.
15
Mobile Identity Management
• GSM-based Mobile Identity Management– Profile management– Exchanging mobile identities– Applications for mobile identities• marketing service, disaster service.
16
Mobile Identity Management
• Mobile Identity Management System Target:– Easy identity management & application access– Secure and controlled mobile authentication– Works with native and web based mobile apps
17
Mobile Identity Management
• Mobile Identity Management System
18
Mobile Identity Management
• Authentication in Mobile Identity Management System– 3-factor authentication• Smart cards that store a biometric matching template• Smart cards store the biometric matching template and
the matching algorithm on the card• Tokens provide the full biometric authentication
process (sensors, feature extraction to acquire a query template from the biometric measurement
19
Q&A