Untraceable Identity Management Framework for Mobile Access

Min-Chih Kao, Yi-Shiung Yeh, Chuan-Chi Wang
2008 2008 Eighth International Conference on Intelligent Systems Design and Applications  
Although some Extensible Authentication Protocol (EAP) methods such as EAP-TTLS (Tunneled Transport Layer Security) can hide true identity to protect the privacy of the mobile user, they cannot identify the mobile user for accounting and authorization purposes. The EAP framework lacks a mechanism to manage the relationship between true identities and pseudo identities. This study proposes an identity management framework based on the short-lived certificate so that the proposed scheme can deal
more » ... ed scheme can deal with both authentication and authorization with privacy. The proposed scheme has no need of a certificate revoke scheme in which the authentication process can only occur between the mobile user and an authenticator. This greatly reduces the authentication delay. Thus, the proposed scheme can achieve both privacy and efficiency.
doi:10.1109/isda.2008.248 dblp:conf/isda/KaoYW08 fatcat:j74ho6gfszb6jokpaue5uauyfq