ABSTRACT
Security is a critical issue in mobile commerce, especially in mobile database systems since mobile environments are dynamic and traditional protection mechanisms do not work very well in such environments. Mobile database access usually across multiple service domains, traditional access mechanisms rely on the concept of starting home location and cross domain authentication using roaming agreements. However, the cross domain authentications involve many complicated authentication activities when the roam path is long. This limits the future mobile applicationsThis paper presents a solution for all kinds of mobile services through short message service (SMS) systems and a ticket-based service access model that allows anonymous service usage in mobile applications. A service provider can avoid roaming to multiple service domains, only contacting the Credential Centre in the model to check a user's certification. The user can preserve anonymity and read a clear record of charges in the Credential Centre at anytime, and the identity of misbehaving users can be revealed by a Trusted Centre. Furthermore, the solution has been demonstrated by the implementation with SMS and RS232
- D. Box. Simple Object Access Protocol (SOAP) 1.1. World Wide Web Consortium (W3C), Cambridge, MA, USA, 2000.Google Scholar
- L. Buttyan and J. Hubaux. Accountable anonymous access to services in mobile communication systems. In Symposium on Reliable Distributed Systems, pages 384--389, 1999. Google ScholarDigital Library
- R. Chinnici, M. Gudgin, J. Moreau, and S. Weerawarana. Web Services Description Language (WSDL) 1.2. World Wide Web Consortium (W3C), Cambridge, MA, USA, 2002.Google Scholar
- F. Gandon and N. Sadeh. "semantic web technologies to reconcile privacy and context awareness". Web Semantics Journal, 1(3), 2004.Google ScholarCross Ref
- A. Lubinski and A. Heuer. Configured replication for mobile applications. Rostocker informatik berichte, 24:101--112, 2000.Google Scholar
- A. Mehrotra. GSM System Engineering. Norwood, Artech House, 1997. Google ScholarDigital Library
- A. Mehrotra and L. Golding. Mobility and security management in the gsm system and some proposed future improvements. IEEE, 86(7), 1998.Google Scholar
- B. Pratel and J. Crowcroft. Ticket based service access for the mobile user. In Proceedings of MobiCom: International Conference on Mobile Computing and Networking, pages 223--232, Budapest, Hungary, 1997. Google ScholarDigital Library
- N. M. Sadeh. m-Commerce: Technologies, Services and Business Models. Wiley, 2002. Google ScholarDigital Library
- H. Wang, J. Cao, and K. Yahico. Building a consumer anonymity scalable payment protocol for the internet purchases. In The 12th International Workshop on Research Issues on Data Engineering: Engineering E-Commerce/E-Business Systems, pages 159--168, San Jose, USA, 2002. Google ScholarDigital Library
- H. Wang, J. Cao, and Y. Zhang. An electronic payment scheme and its rbac management. Concurrent Engineering: Research and Application Journal, 12(3):247--257, 2004.Google ScholarCross Ref
- H. Wang, J. Cao, and Y. Zhang. A flexible payment scheme and its role based access control. IEEE Transactions on Knowledge and Data Engineering, 17(3):425--436, 2005. Google ScholarDigital Library
- H. Wang and Y. Zhang. Untraceable off-line electronic cash flow in e-commerce. In The 24th Australian computer science conference, pages 191--198, GoldCoast, Australia, 2001. Google ScholarDigital Library
- H. Wang, Y. Zhang, J. Cao, and V. Varadharajan. Achieving secure and flexible m-services through tickets. IEEE Transactions on Systems, Man, and Cybernetics, Part A, Special issue on M-Services, 33:697--708, 2003. Google ScholarDigital Library
- U. Wilhelm, S. Staamann, and L. Buttyan. On the problem of trust in mobile agent systems. In IEEE Network and Distributed Systems Security Symposium, pages 11--13, San Diego, CA, 1999.Google Scholar
Index Terms
- Ticket-based mobile commerce system and its implementation
Recommendations
Ticket-based service access scheme for mobile users
Security is one of the important issues in mobile computing, especially in mobile database systems since mobile environments are dynamic and traditional protection mechanisms do not work very well in such environments. For mobile database access across ...
Ticket-based service access scheme for mobile users
ACSC '02: Proceedings of the twenty-fifth Australasian conference on Computer science - Volume 4Security is one of the important issues in mobile computing, especially in mobile database systems since mobile environments are dynamic and traditional protection mechanisms do not work very well in such environments. For mobile database access across ...
A server-aided signature scheme for mobile commerce
IWCMC '07: Proceedings of the 2007 international conference on Wireless communications and mobile computingMobile communications offer a wide variety of services to people. All mobile subscribers can use a mobile device to access various resources and conduct their business anytime from anywhere. This feature has contributed greatly to the rapid development ...
Comments