Security Analysis of the Secure Authentication Protocol by Means of Coloured Petri Nets
- Wiebke Dresp
- Communications and Multimedia Security
Mobile communication on the Internet sets more security concerns than traditional mobile networks such as GSM. The network infrastructure registration process should give credentials to the user to let him or her being identified by any service provider in order to prevent fraudulent use. In addition, a user should be able to communicate with privacy and to sign a message (e.g. a payment order) so that billing is possible. Users should be able to connect from everywhere, with various types of terminals, possibly mobile. In this paper, we propose to secure an infrastructure providing telecommunication services on the Internet for a mobile user. We establish a trust relationship between any pair of the parties with a password-based user access. As for user-to-user communication, both signaling and media data can be secured. We illustrate the use of this infrastructure to provide secure IP-Telephony.