携帯、インターネット・サービスのための携帯電話認証<br>Cellular Authentication for Mobile and Internet Services

個数:

携帯、インターネット・サービスのための携帯電話認証
Cellular Authentication for Mobile and Internet Services

  • 在庫がございません。海外の書籍取次会社を通じて出版社等からお取り寄せいたします。
    通常6~9週間ほどで発送の見込みですが、商品によってはさらに時間がかかることもございます。
    重要ご説明事項
    1. 納期遅延や、ご入手不能となる場合がございます。
    2. 複数冊ご注文の場合、分割発送となる場合がございます。
    3. 美品のご指定は承りかねます。
  • ≪洋書のご注文につきまして≫ 「海外取次在庫あり」および「国内仕入れ先からお取り寄せいたします」表示の商品でも、納期の目安期間内にお届けできないことがございます。あらかじめご了承ください。

  • 製本 Hardcover:ハードカバー版/ページ数 204 p.
  • 言語 ENG
  • 商品コード 9780470723173
  • DDC分類 005.8

Full Description


An invaluable reference discussing the Generic Authentication Architecture (GAA), its infrastructure, usage and integration into existing networks Cellular Authentication for Mobile and Internet Services introduces the reader into the field of secure communication for mobile applications, including secure web browsing with a phone or PC, Single Sign-On (SSO), mobile broadcast content protection, secure location services, etc. The book discusses the Generic Authentication Architecture (GAA) of the mobile standardization body 3 rd Generation Partnership Project (3GPP) and its American counterpart 3GPP2 in full detail and with all variants. It explains the usage of GAA by various standardization bodies and standardized applications, and also looks at a number of non-standardized ones, such as secure remote login to enterprise environment and card personalization. Cellular Authentication for Mobile and Internet Services: Describes the usage of the generic authentication architecture (GAA) by various standardization bodies and standardized applications, covering mobile broadcast / multicast service security, Single Sign-On, HTTPS (i.e. secure web browsing), secure data access, secure location services, etc Provides guidance on how to integrate the generic authentication into existing and future terminals, networks and applications Explains the functionality of the application security in general as well as on application developer level Describes various business scenarios and related security solutions, and covers secure application implementation and integration Brings together essential information (currently scattered across different standardization bodies) on standards in one comprehensive volume This excellent all-in-one reference will provide system and protocol designers, application developers, senior software project managers, telecommunication managers and ISP managers with a sound introduction into the field of secure communication for mobile applications.System integrators, advanced students, Ph.D. candidates, and professors of computer science or telecommunications will also find this text very useful.

Table of Contents

Preface                                            ix
Acknowledgements xi
Introduction 1 (6)
Authenticated Key Agreement 1 (1)
The Challenge in Authenticated Key 2 (3)
Agreement
How to Read this Book? 5 (2)
Reference 6 (1)
Classical Approaches to Authentication and 7 (16)
Key Agreement
Existing Mobile Security Solutions 7 (9)
UMTS Security Infrastructure 7 (7)
Issues in Securing Services with Radio 14 (2)
Layer Security
General-Purpose Approaches to 16 (4)
Authentication and Key Management
Public Key Infrastructure (PKI) 16 (2)
Passwords 18 (1)
Kerberos 19 (1)
Radio Layer and General Purpose 19 (1)
Security Mechanisms
Requirements for GAA 20 (3)
References 21 (2)
Generic Authentication Architecture 23 (82)
Overview of Generic Authentication 23 (7)
Architecture
Rationales for Design Decisions 23 (2)
A Bird's Eye View of GAA 25 (5)
Foundations of GAA 30 (11)
Architectural Elements of GAA 30 (3)
Bootstrapping 33 (6)
Authentication 39 (2)
Variations of the Generic Bootstrapping 41 (25)
Architecture
GBA_ME 42 (1)
GBA_U 42 (5)
2G GBA 47 (1)
Detection of Bootstrapping Variants by 48 (6)
the NAF
3GPP2 GBA 54 (12)
Building Blocks of GAA 66 (13)
Introduction 66 (6)
PKI Portal 72 (2)
HTTPS Support 74 (1)
Key Distribution Service 74 (1)
Key Distribution for Terminal to Remote 74 (3)
Device Usage
Key Distribution for UICC to Terminal 77 (2)
Usage
Other Architectural Issues 79 (17)
Access Control Mechanisms in GAA 79 (1)
Local Policy Enforcement in the BSF 80 (1)
USS usage for NAFs 81 (1)
Identities in GAA 82 (2)
Identity Privacy and Unlinkability 84 (1)
Usability and GAA 84 (3)
Split Terminal 87 (2)
Interoperator GAA: Using GAA Across 89 (2)
Operator Boundaries
Security Considerations of GAA 91 (5)
Overview of 3GPP GAA Specifications 96 (9)
References 100(5)
Applications Using Generic Authentication 105(48)
Architecture
Standardized Usage Scenarios 105(30)
Authentication Using GAA 105(2)
HTTP Digest Authentication 107(4)
Pre-Shared Key TLS 111(1)
Proxy Mode Authentication 112(4)
Referrer Mode Authentication 116(3)
Broadcast Mobile TV Service 119(4)
Security Goals 123(1)
Service Architecture 123(3)
Message Flow Example 126(4)
Tracing Source of Leaked Keys 130(1)
Further Standardized Usage Scenarios 131(4)
Additional Usage Scenarios 135(18)
Secure Enterprise Login 136(2)
Personalization for Payments and 138(2)
Securing Public Transport Tickets
Secure Messaging in Delay and 140(1)
Disruption-prone Environments
Terminal to Terminal Security 141(3)
Transitive Trust in IP Multimedia 144(4)
Subsystems (IMS)
References 148(5)
Guidance for Deploying GAA 153(30)
Integration with Application Servers 153(6)
Introduction 153(1)
Username/Password Replacement 154(1)
NAF Library 155(1)
Apache Web Server 156(1)
J2EE Servers 157(1)
Direct Usage of NAF Library 158(1)
Web Services Direct Usage 159(1)
Integration with OS Security 159(7)
Threats for GAA Implementations in Open 160(1)
Platform UEs
Access Control Requirements 161(1)
Basic Access Control in Practice: 162(1)
Integration in the Series 60 Platform
Extended Access Control: Design Options 163(2)
Other Platforms 165(1)
Integration with Identity Management 166(4)
Systems
Introduction 166(1)
GAA Interworking with Liberty ID-FF 167(3)
Integration of GAA into Mobile Networks 170(13)
Integration of HLR into GAA 170(3)
Key Lifetime Setting in BSF 173(2)
Usage of SIM Cards in GAA (2G GBA) 175(2)
Charging and GAA 177(1)
GAA Integration into Large Networks 178(2)
References 180(3)
Future Trends 183(10)
Standardization Outlook 183(6)
GBA Push 183(2)
GAA User Privacy 185(2)
GAA in Evolved Packet Systems (EPSs) 187(2)
and Mobile IP (MIP)
Outlook for GAA 189(4)
References 192(1)
Terminology and Abbreviations 193(8)
Index 201