An experimental study of a business domain independent application level and Internet access authentication and authorization concept

Author

Huber, Rainer ; Jordan, Norbert

Author_Institution

Inst. of Broadband Commun., Vienna Univ. of Technol., Austria

fYear

2005

Firstpage

35

Lastpage

41

Abstract

The movement of many business domains towards offering services via the Internet demands for convergent and extensible AAA (authentication, authorization and accounting) concepts. This paper introduces a convergent access and application level AAA framework that ports the concepts of IEEE 802.1x and EAP to the application layer and utilizes SOAP as the transport medium for EAP messages. The requirements for the mobile network operator domain have been analyzed and as a proof of concept, an Internet shop application has also been implemented. It supports secure payment via EAP-SIM by utilizing the developed AAA framework. In addition, the integration into an IEEE 802.11i reference environment is described and EAP-SIM AAA characteristics on the WLAN access level have been investigated.

Keywords

Internet; access protocols; authorisation; electronic commerce; message authentication; retail data processing; wireless LAN; EAP-SIM; IEEE 802.11i reference environment; Internet shop application; SOAP; WLAN access level; authorization; message authentication; mobile network operator domain; secure payment; Application software; Authentication; Authorization; Broadband communication; Business communication; IP networks; Simple object access protocol; Telecommunication control; Web and internet services; Wireless LAN;

fLanguage

English

Publisher

ieee

Conference_Titel

Mobile Business, 2005. ICMB 2005. International Conference on

Print_ISBN

0-7695-2367-6

Type

conf

DOI

10.1109/ICMB.2005.17

Filename

1493585