Skip to main content

Towards Authentication Using Mobile Devices

An Investigation of the Prerequisites

  • Chapter
  • 447 Accesses

Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT,volume 100)


In this paper we show how mobile devices can be used as authentication tokens. We highlight the prerequisites such as mobile device security and mobile communication security. We elaborate on already existing solutions and on what issues in the context of security remain to be addressed. Beside the comprehensive overview, our main contribution is to explain how the different characteristics of wireless communication can be abstracted. Based on this abstraction an implementation of mobile authentication is transparent both to the application programmer and to the end users.

Key words

  • security
  • mobility
  • authentication

The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35612-9_23


  1. Bluetooth SIG Home page,, last accessed on March 6, 2002.

  2. Borisov, Goldberg, Wagner, Intercepting Mobile Communications: The Insecurity of 802.11,, last accessed on March 6, 2002.

  3. Eckert, Mobile Devices in E-Business — New Opportunities and New Risks, Proceedings of SIS 2000, Zurich, 2000.

    Google Scholar 

  4. Ghosh, K.A., and Swaminatha, T.M. Software security and privacy risks in mobile e-commerce, Communications of the ACM, Volume 44 (2), Feb 2001, pp 51–57

    Google Scholar 

  5. Hansmann, Merk, Nicklous, Stober, Pervasive Computing-Handbook, Springer Verlag, 2001.

    Google Scholar 

  6. The Infrared Data Association,, accessed March 6, 2002.

  7. Kelly, Chair of IEEE 802.11 Responds to WEP Security Flaws, February 15, 2001,, last accessed on March 6, 2002.

  8. Securing the handheld environment — An enterprise Perspective, White Paper, Microsoft, 2001, (last visited Feb 19, 2002);

  9. Pocket PC Security, White Paper, Palm, 2001, (last visited Feb 19, 2002);

  10. Mc Daid, Bluetooth Security, Parts 1, 2, and 3, asp, asp,, last accessed on March 6, 2002.

  11. Pesonen L., GSM Interception, Helsinki University of Technology, Dpt. Of Computer Science and Engineering, November 21, 1999, last accessed on March 6, 2002.

    Google Scholar 

  12. RSA Security Inc.,, last accessed on March 6, 2002.

  13. Robert E. Mahan, Security in Wireless Networks, SANS Institue,, last visited:March 6, 2002.

  14. Sandhu R.S., Samarati P. Authentication, Access Control, and Audit. ACM Computing Surveys, Vol. 28, No. 1, March 1996.

    Google Scholar 

  15. Gruber, Wolfmaier, State of the Art in Wireless Communication, Technical Report SCCH-TR-0171, Software Competence Center Hagenberg,, 2001.

  16. Sutherland, Bluetooth Security: An Oxymoren?,, last accessed on March 6, 2002.

  17. Vainio J., Bluetooth Security, May 25, 2000, http://www.niksula.cs.hutfil~jiitv/bluesec.html, last accessed on March 6, 2002.

    Google Scholar 

  18. Walke, Mobilfunknetze und ihre Protokolle — Band 1, B. G. Teubner Verlag, Stuttgart, 2000.

    Google Scholar 

Download references

Author information

Authors and Affiliations


Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2002 IFIP International Federation for Information Processing

About this chapter

Cite this chapter

Weippl, E., Essmayr, W., Gruber, F., Stockner, W., Trenker, T. (2002). Towards Authentication Using Mobile Devices. In: Jerman-Blažič, B., Klobučar, T. (eds) Advanced Communications and Multimedia Security. IFIP — The International Federation for Information Processing, vol 100. Springer, Boston, MA.

Download citation

  • DOI:

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4757-4405-7

  • Online ISBN: 978-0-387-35612-9

  • eBook Packages: Springer Book Archive