Design and Implementation of Mobile Security Access System (MSAS) Based on SSL VPN

With the rapid development of mobile networks technology and popularization of mobile device, people can access Internet by mobile device and wireless connection covering the entire mobile communication network (GSM/GPRS/CDMA/3G/802.11etc) at any moment. Business system based on mobile network has been becoming hotspot. Compare with traditional business system, the security risk of business system based on mobile network is more popular and grave. However, the traditional mobile communication technology does not provide the security services such as authentication, confidentiality, and integrity etc. To solve this security problem, in this paper, we designed and implemented a mobile security access system (MSAS) using SSL VPN, CA and smart card technology. It establishes a complete authentication mechanism based on smart card and X. 509 certificates, and uses SSL VPN tunnel to protect the security of a message transmission on the Internet and mobile communication network. It will help some commercial companies and government authorities, who need confidential information transmitted over the air, such as banks providing mobile bank service, policemen exchanging data of criminals, etc, to build secure communications channel, and some secure business system based on fixed-IP network extend to mobile network.