City Research Online

Mobile Web services authentication using SAML and 3GPP generic bootstrapping architecture

Elmufti, K., Weerasinghe, D., Rajarajan, M. , Rakocevic, V., Khan, S. & MacDonald, J. (2008). Mobile Web services authentication using SAML and 3GPP generic bootstrapping architecture. International Journal of Information Security, 8(2), pp. 77-87. doi: 10.1007/s10207-008-0065-y


In this paper we present a platform for the direct consumption of web services by a Mobile Station. We give an architectural solution where Mobile Operators play the role of Trusted Third Parties supplying service credentials that allow a co-located 3GPP Network Application Function and Liberty-enabled Identity Provider entity to implement a controlled Shopping Mall service to Mobile Stations from multiple trust domains. We consider both the protocol and the structure and syntax of the various tokens required to minimise service latency over the bandwidth and performance constrained mobile system, whilst providing adequate security services to protect against the perceived threat model. To validate our proposal we have developed code to create a Web Service test scenario using SAML authentication tokens utilising readily available J2ME, Java Card, J2SE and J2EE platforms, Web Services tools from Apache, the KToolBar emulator from Sun, and the JCOPS suite of tools for Java Card applet development.

Publication Type: Article
Additional Information: The final publication is available at Springer via
Publisher Keywords: Mobile Web Services; Authentication; GAA; SAML; 3GPP generic bootstrapping architecture; Mobile Authentication Protocol
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering
Departments: School of Science & Technology > Engineering
SWORD Depositor:
[thumbnail of 70.pdf]
Text - Accepted Version
Download (241kB) | Preview


Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email


Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login