Silke Holtmanns, Nokia Research Center, Helsinki, Finland, is a Researcher at Nokia Research Center (NRC) Helsinki in the Trustworthy Communications and Identities Team of the Internet Core Technology Center. She joined NRC in 2004 in the Mobile Computer Human-Interaction Competence Area and the Software and Applications Technology Lab. Prior to joining Nokia, she worked at Ericsson Research Department - Service Networks and Applications Technology.
Valtteri Niemi, Nokia Research Center, Helsinki, Finland, is a Research Team Leader at NRC and a part-time professor at the University of Turku.
Philip Ginzboorg, Nokia Research Center, Helsinki, Finland, is a Principal Research Engineer at NRC.
Pekka Laitinen, Nokia Research Center, Helsinki, Finland, is a Security Researcher at NRC.
N. Asokan, Helsinki, Finland, is a part-time Professor at the Helsinki University of Technology.
Preface
Acknowledgements
Introduction
Authenticated Key Agreement
The Challenge in Authenticated Key Agreement
How to Read this Book?
Reference
Classical Approaches to Authentication and Key Agreement
Existing Mobile Security Solutions
UMTS Security Infrastructure
Issues in Securing Services with Radio Layer Security
General-Purpose Approaches to Authentication and Key Management
Public Key Infrastructure (PKI)
Passwords
Kerberos
Radio Layer and General Purpose Security Mechanisms
Requirements for GAA
References
Generic Authentication Architecture
Overview of Generic Authentication Architecture
Rationales for Design Decisions
A Bird's Eye View of GAA
Foundations of GAA
Architectural Elements of GAA
Bootstrapping
Authentication
Variations of the Generic Bootstrapping Architecture
GBA_ME
GBA_U
2G GBA
Detection of Bootstrapping Variants by the NAF
3GPP2 GBA
Building Blocks of GAA
Introduction
PKI Portal
HTTPS Support
Key Distribution Service
Key Distribution for Terminal to Remote Device Usage
Key Distribution for UICC to Terminal Usage
Other Architectural Issues
Access Control Mechanisms in GAA
Local Policy Enforcement in the BSF
USS usage for NAFs
Identities in GAA
Identity Privacy and Unlinkability
Usability and GAA
Split Terminal
Interoperator GAA: Using GAA Across Operator Boundaries
Security Considerations of GAA
Overview of 3GPP GAA Specifications
References
Applications Using Generic Authentication Architecture
Standardized Usage Scenarios
Authentication Using GAA
HTTP Digest Authentication
Pre-Shared Key TLS
Proxy Mode Authentication
Referrer Mode Authentication
Broadcast Mobile TV Service
Security Goals
Service Architecture
Message Flow Example
Tracing Source of Leaked Keys
Further Standardized Usage Scenarios
Additional Usage Scenarios
Secure Enterprise Login
Personalization for Payments and Securing Public Transport Tickets
Secure Messaging in Delay and Disruption-prone Environments
Terminal to Terminal Security
Transitive Trust in IP Multimedia Subsystems (IMS)
References
Guidance for Deploying GAA
Integration with Application Servers
Introduction
Username / Password Replacement
NAF Library
Apache Web Server
J2EE Servers
Direct Usage of NAF Library
Web Services Direct Usage
Integration with OS Security
Threats for GAA Implementations in Open Platform UEs
Access Control Requirements
Basic Access Control in Practice: Integration in the Series 60 Platform
Extended Access Control: Design Options
Other Platforms
Integration with Identity Management Systems
Introduction
GAA Interworking with Liberty ID-FF
Integration of GAA into Mobile Networks
Integration of HLR into GAA
Key Lifetime Setting in BSF
Usage of SIM Cards in GAA (2G GBA)
Charging and GAA
GAA Integration into Large Networks
References
Future Trends
Standardization Outlook
GBA Push
GAA User Privacy
GAA in Evolved Packet Systems (EPSs) and Mobile IP (MIP)
Outlook for GAA
References
Terminology and Abbreviations
Index
Table of Contents provided by Ingram. All Rights Reserved.