Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

Open Identity Summit 2013 P-223, 130-141 (2013).

Gesellschaft für Informatik, Bonn

Copyright © Gesellschaft für Informatik, Bonn


How to authenticate mobile devices in a web environment -- the SIM-ID approach

Florian Feldmann and Jörg Schwenk


With the advent of the iPhone AppStore and Google Play, the 'walled garden' approach of telecommunication companies to supply content to their customers using standard GSM/UMTS/LTE authentication has failed: Neither Google nor Apple, nor any other content provider on the mobile internet, uses the SIM card for authentication. This is mainly due to the fact that mobile telecommunication and internet architectures differ substantially. In this paper, we propose several bridging technologies to fill this gap. We exemplarily show how to use SIM authentication for web-based Single-Sign-On protocols. Starting from simple password replacement in the authentication between User Agent (UA) and Identity Provider (IdP), we show how we can achieve strong channel bindings between all TLS channels and SIM based authentication.

Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-617-6

Last changed 12.03.2014 15:23:16