
Showing papers by "Shinsaku Kiyomoto" published in 2004


Journal Article
TL;DR: The Mobile Ethernet architecture for all IP networks in terms of the Beyond 3G is explained, and a self-delegation protocol for device authentication and the use of a delegated credential for unified network- and service-level authentication are proposed.
Abstract: Secure cellular data services have become more popular in the Japanese market. These services are based on 2G/3G cellular networks and are expected to move into the next-generation wireless networks, called Beyond 3G. In the Beyond 3G, wireless communication available at a user's location is selected based on the type of the service. The user downloads an application from one wireless network and executes it on another. Beyond 3G expects core and wireless operators and allows to plug-in new wireless access. A security model that can accommodate these requirements needs to be sufficiently flexible for end users to utilize with ease. In this paper, we explain the Mobile Ethernet architecture for all IP networks in terms of the Beyond 3G. We discuss usage scenario/operator models and identify entities for the security model. We separate a mobile device into a personal identity card (PIC) containing cryptographic information and a wireless communications device that offers security and flexibility. We propose a self-delegation protocol for device authentication and use a delegated credential for unified network- and service-level authentication. We also propose proactive handover authentication using the security context between different types of wireless access, such as Third Generation Partnership Project (3GPP) and WLAN, so that the secure end-to-end communication channels established by service software on the TCP/IP are not terminated. Lastly, we raise security issues regarding the next-generation platform.

18 citations


Journal Article
TL;DR: A new timestamping scheme that uses pseudonyms to prevent the time-stamp issuer from dating the time that the specific entity requests, does not rely on only one trustworthy entity, and uses mutual communication between each entity.
Abstract: Linking schemes have been proposed assuming the model where the time-stamp issuer need not be trusted. However, in that environment, a fake chain attack and forward or backward dating attacks are still a residual risk in TimeStamping services (TSS). In this paper, we propose a new timestamping scheme that focuses on these problems. In our scheme, we use pseudonyms to prevent the time-stamp issuer from dating the time that the specific entity requests. Our scheme doesn’t rely on only one trustworthy entity, and uses mutual communication between each entity. Two types of entities, server and clients without any trustworthy entities are configured in our system. The server provides an anonymous communication channel, but doesn’t provide TSS, and the clients are not only time-stamp requesters but also issuers. So, when a client requests a time-stamp from the system, it is issued by one of the other clients.
Key words: Time-stamp, linking scheme, forward or backward dating attack, pseudonymous, mutual communication.