Information Systems Frontiers

, Volume 6, Issue 1, pp 35–46 | Cite as

A Global Ticket-Based Access Scheme for Mobile Users

  • Hua Wang
  • Yanchun Zhang
  • Jinli Cao
  • Yahiko Kambayahsi


This article presents a ticket-based access model for mobile services. The model supports efficient authentication of users, services and service providers over different domains. Tickets are used to verify correctness of the requested service as well as to direct billing information to the appropriate user. The service providers can avoid roaming to multiple service domains, only contacting a Credential Centre to certify the user's ticket since tickets carry all authorization information needed for the requested services. The user can preserve anonymity and read a clear record of charges in the Credential Centre at anytime. Furthermore, the identity of misbehaving users can be revealed by a Trusted Centre.

mobile service signature ticket e-commerce 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Beimel A, Ishai Y, Kushilevitz E, Malkin T. One-way functions are essential for single server private information retrieval. In: Proc. of the 31st Annu. ACM Symp. on the Theory of Computing (STOC), 1999:89-98.Google Scholar
  2. Bellare M, Canetti R, Krawczyk H. Pseudorandom functions revisited: The cascade construction and its concrete security. Extended abstract. In: 37th Annual Symposium on the Foundations of Computer Science, IEEE, 1996.Google Scholar
  3. Buttyan L, Hubaux J. Accountable anonymous access to services in mobile communication systems. In: Symposium on Reliable Distributed Systems, 1999:384-389.Google Scholar
  4. Chaum D. Untraceable electronic mail, return addresses, and digital pseudonyms. Communication of the ACM, 1981; 24(2):84–88.Google Scholar
  5. Excellent E-service., 2002.Google Scholar
  6. Frankel Y, Herzberg A, Karger P, Krawczyk H, Kunzinger C, Yung M. Security issues in a CDPD wireless network. IEEE Personal Communication, 1995.Google Scholar
  7. Horn G, Preneel B. Authentication and payment in future mobile systems. In: Quisquater J. et al. eds. Proceedings European Symposium on Research in Computer Security, Lecture Notes in Computer Science, Springer-Verlag, 1998;1485:277-293.Google Scholar
  8. Housley R, Ford W, Polk W, Solo D. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. rfc/rfc2459.txt, 1999.Google Scholar
  9. Lubinski A. Security issues in mobile database access. In: Proceedings of the IFIP WG 11.3 Twelfth Int. Conf. on Database Security, 1998.Google Scholar
  10. Lubinski A. Database security meets mobile requirements. In: Proceedings International Symposium on Database Technology Software Engineering, WEB and Cooperative Systems, Baden, 2000.Google Scholar
  11. Lubinski A, Heuer A. Configured replication for mobile applications. Rostocker Informatik Berichte, 2000; 24:101–112.Google Scholar
  12. Martin K, Preneel B, Mitchell C, Hitz H, Poliakova A, Howard P. Secure billing for mobile information services in UMTS. In: Proceedings 5th International Conference on Intelligence in Services and Networks'98, Lecture Notes in Computer Science, Springer-Verlag, 1998;1430:535-548.Google Scholar
  13. Mehrotra A. GSM System Engineering. Norwood, Artech House, 1997.Google Scholar
  14. Mehrotra A, Golding L. Mobility and security management in the GSM system and some proposed future improvements. In: Proceedings of IEEE, 1998; 86(7).Google Scholar
  15. Park J, Sandhu S. RBAC on the Web by Smart Certificates. In: ACMWorkshop on Role-Based Access Control, Fairfax,VA, USA, 1999:1-9.Google Scholar
  16. Patel B, Crowcroft J. Ticket based service access for the mobile user. In: Proceedings of MobiCom: International Conference on Mobile Computing and Networking, Budapest, Hungary, 1997:223-232.Google Scholar
  17. Paul C. Migrate with Red Hat Linux Advanced Server.Google Scholar
  18. pc.htmlGoogle Scholar
  19. Rivest RL, Shamir A, Adleman LM. A method for obtaining digital signatures and public-Key cryptosystems. Communication of the ACM, 1978;21(2):120–126.Google Scholar
  20. Schechter S, Parnell T, Hartemink A. Anonymous Authentication of Membership in Dynamic Groups. In: Financial Cryptography '99, Anguilla: British West Indies, February 1999.Google Scholar
  21. Stinson DR. Cryptography: Theory and Practice. Boca Raton: CRC Press, 1995.Google Scholar
  22. Waleffe DD, Quisquater JJ. Better login protocols for computer networks. In: Vandewalle J. ed., Proceedings European Symposium on Research in Computer Security, Lecture Notes in Computer Science, Toulouse, France, Springer-Verlag, 1990.Google Scholar
  23. Wang H, Cao J, Kambayashi Y. Building a consumer anonymity scalable payment protocol for the Internet purchases. In: 12th InternationalWorkshop on Research Issues on Data Engineering: Engineering E-Commerce/E-Business Systems, San Jose, USA, 2002.Google Scholar
  24. Wang H, Zhang Y. Untraceable off-line electronic cash flow in e-Commerce. In: Proceedings of the 24th Australian Computer Science Conference ACSC2001, GoldCoast, Australia, IEEE Computer Society, 2001:191–198.Google Scholar
  25. Wilhelm U, Staamann S, Buttyan L. On the problem of trust in mobile agent systems. In: IEEE Network and Distributed Systems Security Symposium, San Diego, CA, 1998:11-13.Google Scholar

Copyright information

© Kluwer Academic Publishers 2004

Authors and Affiliations

  • Hua Wang
    • 1
  • Yanchun Zhang
    • 2
  • Jinli Cao
    • 3
  • Yahiko Kambayahsi
    • 4
  1. 1.Department of Maths & ComputingUniversity of Southern QueenslandToowoombaAustralia
  2. 2.School of Computer Science and MathematicsVictoria UniversityMelbourneAustralia
  3. 3.Department of Computer Science & Computer EngineeringLa Trobe UniversityMelbourneAustralia
  4. 4.Graduate School of InformaticsKyoto UniversityKyotoJapan

Personalised recommendations