The Mobile Identity Authentication Scheme Based On Java-SIM Card And Key Technology Research

Currently PKI, OTP and other technologies are widely used in e-commerce to meet the security needs of network identification. However, common devices like USB KEY, dynamic password token have potential security risks, and the deficiencies of portability and scalability. For example, USB KEY PIN code is entered on PC which can be easily hijacked; Dynamic password token cannot solve the problem of asynchronism well; Specific device can only be used for specific application, and so on. In this paper, a mobile authentication scheme based on Java-SIM card is proposed to overcome the deficiencies of existing solutions about security, portability and scalability, etc.According to the study and analysis of currently popular authentication schemes'advantages and disadvantages, Java-SIM card's characteristics of support for multiple applications and good safety features, a mobile authentication solution based on Java-SIM card is proposed. The solution combines Java-SIM card technology with dynamic password authentication and the PKI authentication, to protect the login security and transaction security of e-business applications, solve most security problems such as static password leak, data integrity and Non-repudiation, and the generation, preservation and delivery of secret key. The solution achieves unified security management of cross-industry multi-applications on the card by GP standard-based security framework, supports for ientity authentication sevice of multiple e-commerce applications. This paper designs the overall structure of the system according to the solution, and describes the operation process by putting the solution into a specific e-commerce application case. Finally the design and coding of the authentication system on server and the authentication application programes on Java-SIM card are completed.By using Java-SIM card in mobile phone as an authentication device, we do not need to carry USB Key, Token any more, and can dynamically download and update authentication application programes. It is much easier to use.