Authentication and Authorization of Mobile Clients in Public Data Networks

Reddy, Prakash; Krishnan, Venky; Zhang, Kan; Das, Devaraj

doi:10.1007/3-540-45831-X_9

Prakash Reddy⁷,
Venky Krishnan⁷,
Kan Zhang⁷ &
…
Devaraj Das⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2437))

Included in the following conference series:

International Conference on Infrastructure Security

770 Accesses
1 Citations

Abstract

We present a protocol that enables mobile clients to be authenticated and authorized in data networks that are deployed in public places otherwise referred to as hotspots! The three key elements of a hotspot network are the mobile client, the hotspot server and the service provider. A mobile client is any device that can be used to access the internet. The hotspot server is a node in the data network that is a bridge between wireless clients and wired broadband network. The service provider is an entity that has an existing service relationship with the client and the hotspot server. The protocol discussed in this paper shows how three parties: Client, hotspot server and the service provider come together in a mutually un-trusted environment, authenticate each other and upon authentication exchange authorization tokens that are used in subsequent service requests. The most common use of this protocol is for clients to gain internet connectivity in public places, specifically in hotspots. The hotspot server provides the equivalent of cellular network roaming functionality. The service provider allows added features to its clients.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

OpenSSL, http://www.openssl.org/
B. Clifford Neuman and Theodore Ts’o. Kerberos: An Authentication Service for Computer Networks, IEEE Communications, 32(9):33–38. September 1994
Article Google Scholar

Download references

Author information

Authors and Affiliations

HP Labs, 1501 Page Mill Road, Palo Alto Ca, USA
Prakash Reddy, Venky Krishnan, Kan Zhang & Devaraj Das

Authors

Prakash Reddy
View author publications
You can also search for this author in PubMed Google Scholar
Venky Krishnan
View author publications
You can also search for this author in PubMed Google Scholar
Kan Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Devaraj Das
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

University of Wisconsin-Milwaukee, 53201, Milwaukee, WI, USA
George Davida
TechTegrity LLC, P.O. Box 2125, 07091, Westfield, NJ, USA
Yair Frankel
Hewlett-Packard Laboratories, Filton Road, Stoke Gifford, BS34 8QZ, Bristol, UK
Owen Rees

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Reddy, P., Krishnan, V., Zhang, K., Das, D. (2002). Authentication and Authorization of Mobile Clients in Public Data Networks. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_9

Download citation

DOI: https://doi.org/10.1007/3-540-45831-X_9
Published: 26 September 2002
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44309-4
Online ISBN: 978-3-540-45831-9
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics