
Showing papers by "Nadarajah Asokan" published in 2000


Journal ArticleDOI
TL;DR: This paper considers the following problem: a group of people in a meeting room have no access to a public key infrastructure or third-party key management service, and they share no other prior electronic context; how can they set up a secure session among their computers?

451 citations


Patent
03 May 2000
TL;DR: This patent describes a method of providing a user a terminal network address in a first network, through which the user communicates with a data network, and of authenticating the connection of the user to the first network.
Abstract: The invention is a method of providing a user (12) a terminal network address (14) in a first network (16) through which the user communicates with a data network (18) and authenticating connection of the user to the first network. The invention includes transmitting to at least one server in the first network a request to obtain the terminal network address in the first network to provide connection of the user to the data network and an identification of the user in a second network (20) through which the user communicates to the first network; transmitting the identification of the user to the second network; transmitting from the second network to the first network authentication information of the user stored in the second network associated with the identification of the user; transmitting from the first network to the user at least one advertisement of the terminal network address and information within the authentication information; and processing the received at least one advertisement and the received information within the authentication information and determining if the authentication information is correct.

80 citations


Patent
29 Nov 2000
TL;DR: This patent describes a method for routing data packets to a mobile node (MN) in a communication system that includes at least a first subnetwork of a first type supporting a first IP version and a second subnetwork of a second type supporting a second IP version.
Abstract: A method for routing data packets to a mobile node (MN) in a communication system which includes at least a first subnetwork of a first type supporting a first IP version and a second subnetwork of a second type supporting a second IP version. The mobile node (MN) is provided with a set of protocol stacks for handling data packets at least according to the first and the second IP version and with a home address at least according to the first and the second IP version. The home agent (HA) is provided with means for intercepting at least data packets addressed to the mobile node's home address according to the first or the second IP version and for encapsulating a data packet addressed to the mobile node (MN) in a packet according to the IP version of the foreign network (16) to which said mobile node (MN) is attached, for routing the data packet to the mobile node (MN).

60 citations


Book ChapterDOI
TL;DR: The security requirements for electronic payment systems are laid out, the state of the art in electronic payment technologies is surveyed, and the emerging developments are sketched.
Abstract: Electronic funds transfer over financial networks is reasonably secure, but securing payments over open networks like the Internet poses challenges of a new dimension. This paper lays out the security requirements for electronic payment systems, surveys the state of the art in electronic payment technologies and sketches emerging developments.

41 citations


Patent
24 Jan 2000
TL;DR: A personal device to be connected to a terminal is equipped with a computerized method for establishing a trustworthy connection between a user, via said device, and the terminal, which is connected to and authenticatable by at least one server that is authenticatable by the device.
Abstract: A personal device is to be connected to a terminal and being equipped with a computerized method for establishing a trustworthy connection between a user via said device and the terminal which is connected to and authenticatable by at least one server which is authenticatable by the device. In the case the device is coupled to the terminal, a first authentication step is initiatable during which the terminal authenticates itself to the server, upon success of which, between the server and the terminal, a first authenticated trusted connection is established. Subsequently a second authentication step is initiatable during which via the established first authenticated trusted connection the server authenticates itself to the device, upon success of which, between the server and the device, a second authenticated trusted connection is established. Subsequently at the device during a first messaging step, from the server via the established second authenticated trusted connection, a terminal authenticity message is receivable confirming the established authenticity of the terminal. Subsequently during a second messaging step an authenticity output message is communicatable from the device to the user via a device output of the device and/or via a terminal output of the terminal.

27 citations


Patent
22 Aug 2000
TL;DR: This patent describes a protocol that authenticates a public terminal, before a user uses it to process information requiring security, by connecting a device for an individual to the terminal.
Abstract: PROBLEM TO BE SOLVED: To authenticate a public terminal before a user processes information requiring security by using the public terminal. SOLUTION: When a device 2 for an individual is connected to a terminal 6, a 1st authentication step is started; and the terminal authenticates its server 5 and when the authentication is successful, a 1st secure authenticated connection is established between the server and terminal. Then a 2nd authentication step is started; and the server authenticates itself to the device through the 1st authenticated connection which is already established and when the authentication is successful, a 2nd secure authenticated connection is established between the server and device. Then the device for the individual receives a terminal authentication message confirming the establishment of the authentication of the terminal from the server through the 2nd authenticated connection in a 1st messaging step. Then an authentication output message is transmitted to the user 1 in a 2nd messaging step from the device through the output of the device or the output 3 of the terminal.

1 citation