A criteria-based evaluation framework for authentication schemes in IMS

Document type: Conference Papers
Peer reviewed: Yes
Author(s): Charlott Eliasson, Markus Fiedler, Ivar Jørstad
Title: A criteria-based evaluation framework for authentication schemes in IMS
Translated title: Ett kriteriebaserat utvärderingsramverk för autentiseringsmodeller i IMS
Conference name: The Fourth International Conference on Availability, Reliability and Security (ARES 2009)
Year: 2009
Pagination: 865-869
ISBN: 978-1-4244-3572-2
Publisher: IEEE
City: Fukuoka, Japan
ISI number: 000270612000131
Organization: Blekinge Institute of Technology
Department: School of Computing (Sektionen för datavetenskap och kommunikation)
School of Computing S-371 79 Karlskrona
+46 455 38 50 00
Authors e-mail: charlott.eliasson@bth.se, markus.fiedler@bth.se, ivar@ubisafe.no
Language: English
Abstract: The IP Multimedia Subsystem (IMS) is regarded as one of the most prominent enablers for successful service provisioning across different access network technologies and devices. While new paradigms, e.g. seamless communication, enter the IMS, existing solutions, e.g. for authentication, need to be redefined, which is one of the major activities within the EUREKA!-funded Mobicome project, involving operators, manufacturers and academia. As there exist several candidate solutions for providing seamless authentication, there is a need for a set of criteria that helps to select the candidate that fulfils those criteria in a bestpossible way.

Given this background, this position paper proposes a framework of criteria for the evaluation of authentication schemes in IMS. The primary criteria are security, user-friendliness and simplicity. Inbetween these criteria, the secondary criteria can be found. These are awareness, usability and algorithms. Each criterion, both primary and secondary, is then also divided into one or several substantiating sub-criteria. The discussion of the criteria is followed by a description of the evaluation methodology, which comprises both qualitative and quantitative evaluations such as SWOT analysis, use of NIST and ISO guidelines, user rankings, and measurements of authentication times. The paper is concluded with an outlook on future work, including studies and experiments.
Subject: Telecommunications\Network Security
Human Work Science\Human Computer Interaction
Keywords: IMS security, seamless authentication, evaluation criteria