A Methodology for UICCBased Security Services in Pervasive Fixed Mobile Convergence Systems - Advanced Design Approaches to Emerging Software Systems - page 192

Information Technology Reference

In-Depth Information

REFERENCES

Therefore, the hardware technologies and

management system for UICC will have to un-

dergo significant evolutions in order to provide

the completely secure UICC-based services to

the customers. Key areas of interest include

developing the secure NAND flash embedded

on UICC, IC-USB or further enhanced interface

technologies between UICC and mobile terminal

and faster on-card public key generation (such as

2048-bit RSA key pairs, etc.), and designing and

developing the management systems for UICC

and UICC-based security services (such as key

management, remote admin for SCWS, etc.)

Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., &

Levkowetz, H. (Eds.). (2004). Extensible authen-

tication protocol (EAP) - RFC 3748 . Retrieved

September 29, 2010, from http://www.ietf.org/

rfc/ rfc3748.txt

Aboba, B., Simon, D., & Eronen, P. (2008).

Extensible authentication protocol (EAP) key

management framework - RFC 5247. Retrieved

September 29, 2010, from http://www.ietf.org/

rfc/ rfc5247.txt

Adams, C., & Farrell, S. Kause., & Mononen, T.

(2005). Internet X.509 public key infrastructure

certificate management protocol (CMP) - RFC

4210 . Retrieved March 29, 2010, from http://

www.ietf.org/ rfc/ rfc4210.txt

CONCLUSION

This chapter presents the basic and inherent se-

curity characteristics of the UICC and the current

practices for the UICC-based security services

such as banking (debit card software embedded

on the UICC), stock (customer account stored on

the UICC), network authentication (EAP-AKA

based user authentication for WiFi, WiBro and

I-WLAN) and so forth.

Moreover, we explained a novel and promising

methodology of the UICC-based service secu-

rity framework (USF) to provide the integrated

security infrastructure and the security services

in the pervasive FMC environments. The main

role of the USF is to perform the cryptographic

operations of the security protocols required for

the FMC services in the client-side. The USF can

support the DRM, PKI, SC and Anti-Virus func-

tions as defined in de-factor and global standards

for interoperability among different kinds of FMC

service infrastructures. Using this methodology,

the UICC-based HSM, the integrated personal

authentication, the multimedia contents sharing,

the anti-virus solution and the secure finance

services for the smart phones can be provided in

the pervasive FMC environments.

Arkko, J., & Haverinen, H. (2006). Extensible

authentication protocol method for 3rd generation

authentication and key agreement (EAP-AKA) -

RFC 4187 . Retrieved September 29, 2010, from

http://www.ietf.org/ rfc/ rfc4187.txt

Badra, M., & Urien, P. (2004). Toward SSL inte-

gration in SIM smartcards (pp. 889-893). IEEE

WCNC.

Blunk, L., & Vollbrecht, J. (1998). PPP exten-

sible authentication protocol (EAP) - RFC 2284 .

Retrieved September 29, 2010, from http://www.

ietf.org/ rfc/ rfc2284.txt

Dierks, T., & Rescorla, E. (2006). The transport

layer security (TLS) protocol v1.1 - RFC 4346 .

Retrieved March 29, 2010, from http://www.ietf.

org/ rfc/ rfc4346.txt

ETSI. (2006). Smartcards UICC security service

module: Stage 1 . (ETSI TS 102 266 V7.1.0).

Retrieved March 29, 2010, from http://pda.etsi.

org/ pda/ queryform.asp

Next Page

Advanced Design Approaches to Emerging Software Systems

Search WWH ::

Custom Search

Home