Abstract
Existing SIP-based mobile payment solutions do not ensure all the security properties. In this paper we propose a Secure Lightweight and Scalable Mobile Payment Framework (SLSMP) using Signcryption scheme with Forward Secrecy (SFS) based on elliptic curve scheme which combines digital signature and encryption functions (Hwang et al., 2005) [5]. It takes lower computation and communication cost to provide security functions. SLSMP is highly scalable which is attributed to SIP for data exchange. This paper uses WPKI, UICC as Secure Element and depicts system architecture and detailed protocol of SIP based mobile payment solution. Our proposed framework is suitable for both micro and macro payments. Our proposed protocol ensures End to End security i.e. ensures Authentication, Integrity, Confidentiality and Non Repudiation properties, achieves Identity protection from merchant and Eavesdropper, achieves Transaction privacy from Eavesdropper and Payment Gateway, achieves Payment Secrecy, Order Secrecy, forward secrecy, prevents Double Spending, Overspending and Money laundering.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zhang, G., Cheng, F., Hasso, C.M.: Towards Secure Mobile Payment Based on SIP. In: 15th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems 2008, Belfast, Northern Ireland, pp. 96–104 (2008)
Zhang, G., Cheng, F., Meinel, C.: SIMPA: A SIP-based Mobile Payment Architecture. In: Seventh IEEE/ACIS International Conference on Computer and Information Science 2008, pp. 287–292 (2008)
Hao, J., Zou, J., Dai, Y.: A Real-Time Payment Scheme for SIP Service Based on Hash Chain. In: IEEE International Conference on e-Business Engineering 2008, pp. 279–286 (2008)
Kungpisdan, S., Thai-Udom, T.: Securing Micropayment Transactions Over Session Initiation Protocol. In: 9th International Symposium on Communications and Information Technology (ISCIT 2009), pp. 187–192 (2009)
Hwang, R.-J., Lai, C.-H., Su, F.-F.: An efficient signcryption scheme with forward secrecy based on elliptic curve. Applied Mathematics and Computation 167, 870–881 (2005), doi:10.1016/j.amc.2004.06.124
Muhammad, S., Furqan, Z., Guha, R.K.: Understanding the intruder through attacks on cryptographic protocols. In: Proceedings of the 44th ACM Southeast Conference (ACMS 2006), pp. 667–672 (March 2006)
Ahamad, S.S., Sastry, V.N., Udgata, S.K.: Secure Mobile Payment Framework based on UICC with Formal Verification. Special Issue on ‘Future Trends in Security Issues in Internet and Web Applications’. Int. J. Computational Science and Engineering (2012) (in press) (accepted)
Ahamad, S.S., Sastry, V.N., Udgata, S.K.: A secure and optimized mobile payment framework with formal verification. In: SECURIT 2012, pp. 27–35 (2012)
Rosenberg, et al.: RFC 3261: SIP Session Initiation Protocol (June 2002)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Ahamad, S.S., Udgata, S.K., Nair, M. (2014). A Secure Lightweight and Scalable Mobile Payment Framework. In: Satapathy, S., Udgata, S., Biswal, B. (eds) Proceedings of the International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA) 2013. Advances in Intelligent Systems and Computing, vol 247. Springer, Cham. https://doi.org/10.1007/978-3-319-02931-3_62
Download citation
DOI: https://doi.org/10.1007/978-3-319-02931-3_62
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02930-6
Online ISBN: 978-3-319-02931-3
eBook Packages: EngineeringEngineering (R0)