A secure mobile social network
Mobile social networks are a new trend to improve the quality of our life, so they should not bring any extra burden to users. The users should not anymore be worried how to set up a secure complex password and memorize it to prove their identities. The Generic Bootstrapping Architecture is used in this thesis as a novel way of authentication. The GBA protocol allows to generate and share cryptographic keys between a mobile phone and third party service providers using the operator as intermediary. These keys are generated transparently without any user interaction. In a traditional mobile social network, an Internet connection is compulsory but we believe this should not be a barrier in the future. An ad-hoc network may be used to communicate in a private group of friends. Thus, users need to be capable of verifying membership assertions and generating offline invitations for new friends without a connection to the social network server. Our implementation uses SAML assertions to certify group memberships and offline invitations. Beside these security solutions, a real mobile social network has been implemented, using the REST framework for communication and databases for storing information both on the client and the social network server.
AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)