A Lightweight Privacy-Preserving OAuth2-Based Protocol for Smart City Mobile Apps
Sucasas, Victor, Mantas, Georgios ORCID: https://orcid.org/0000-0002-8074-0417, Radwan, Ayman and Rodriguez, Jonathan (2017) A Lightweight Privacy-Preserving OAuth2-Based Protocol for Smart City Mobile Apps. In: 2016 IEEE Globecom Workshops (GC Wkshps). IEEE, pp. 1-6. ISBN 978-1509024834 (doi:10.1109/GLOCOMW.2016.7848816)
Preview |
PDF (Author Accepted Manuscript)
27728 MANTAS_A_Lightweight_Privacy-Preserving_OAuth2-Based_Protocol_2017.pdf - Accepted Version Download (315kB) | Preview |
Abstract
In the forthcoming Smart City scenario, users' mobile applications will be of fundamental role towards supporting the envisioned functionalities and services. Mobile users, provided with a smartphone, will be capable of ubiquitously connecting to service providers through their installed mobile applications. However, this connection must be authenticated, which threatens the citizen privacy rights. Privacy-preserving mechanisms have already been proposed in the past; nevertheless, they are based on RSA groups or groups with bilinear pairings, which are inefficient in mobile devices due to its computational complexity. Thus, in this paper, we integrate a lightweight anonymous credential mechanism, suitable for computationally-limited mobile devices, into the user authentication phase of the OAuth2 protocol, which has become a de facto solution for user authentication in mobile applications. The proposed protocol enables citizen's authentication towards service providers, while preserving their privacy. Additionally, the protocol is compliant with the OAuth2 specification, which enables an easy integration in current mobile application implementations.
Item Type: | Conference Proceedings |
---|---|
Title of Proceedings: | 2016 IEEE Globecom Workshops (GC Wkshps) |
Additional Information: | The 2016 Globecom Workshop was held from 4th-8th December 2016 at Washington, DC, USA. |
Uncontrolled Keywords: | Mobile communication, Protocols, Browsers, Authentication, Servers, Mobile handsets, Authorization |
Subjects: | T Technology > TA Engineering (General). Civil engineering (General) |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > School of Engineering (ENG) |
Last Modified: | 02 Nov 2020 13:40 |
URI: | http://gala.gre.ac.uk/id/eprint/27728 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year