Ticket-Based Service Access Scheme for Mobile Users

Abstract

Security is one of the important issues in mobile computing, especially in mobile database systems since mobile environments are dynamic and traditional protection mechanisms do not work very well in such environments. For mobile database access across multiple service domains, the traditional access mechanisms rely on the concept of starting home location and cross domain authentication using roaming agreements. However, the cross domain authentications will involve many complicated authentication activities when the roam path is long. This limits the future mobile applications.This paper presents a global solution for all kinds of mobile services, by a ticket-based service access model that allows anonymous service usage in mobile application and access. The service provider can avoid roaming to multiple service domains, only contacting the Credential Centre to check the user's certification. The user can preserve anonymity and read a clear record of charges in the Credential Centre at anytime. Furthermore, the identity of misbehaving users can be revealed by a Trusted Centre.