SIM-enabled Mobile Phone provides Strong Authentication
Almost a year ago, on December 22, 2005, I reported that Sun’s CTO Greg Papadopoulos proposed a strong authentication method using a mobile phone as a physical security token.
I recently learned that an application using a mobile phone equipped with a SIM card for strong authentication won the SESAMES IT Security award at the CARTES exhibition in Paris last month.
“SIM Strong Authentication, winner of the SESAMES IT Security category, leverages the ubiquity of SIM-equipped mobile devices to provide secure access to online content and services. A user with a valid Identity Provider account and SIM-enabled mobile phone can easily and securely log on to a host of online services such as e-commerce, online banking, corporate network access, or IP Telephony. The service can also provide SIM authentication via SMS messages, simplifying the end user experience and broadening the potential market.
“The architecture is based on a multi-vendor environment featuring SMS-enabled SIM cards from Gemalto. Authentication is performed through a Telenor Identity Provider (IDP) server based on Sun Microsystems Access Manager in collaboration with a Lucent Technologies VitalAAA server communicating with a Home Location Register (HLR) via an Ulticom Signalware SS7/IP MAP Authentication Gateway.”
The SIM Strong Authentication application was featured in the Gemalto booth at the CARTES 2006 exhibition in Paris, 7-9 November, 2006.
I don’t know if Greg influenced the Gemalto project, but Sun’s Access Manager product played a key role in making it all work. Isn’t it great to see creative ideas in action?
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Sun Microsystems,
Access Manager,
SIM,
Gemalto,
SESAMES,
Telenor