In order to spread the scale of the mobile device market rapidly, mobile office applications have been introduced that can be process office work anytime, anywhere. However, the mobile office is vulnerable to several security threats that can occur over wireless networks, which can result in illegal enterprise information access and disclosure because of the openness and portability of the mobile device. Therefore, the mobile office environment must prevent unauthorized service and resource access, and a user authentication scheme is needed to mitigate the potential security vulnerabilities. In this paper, we propose a USIM-based secure user authentication scheme for a mobile office environment. The proposed scheme uses the USIM to securely share secret information for authentication between the mobile user and the server, and the mobile device can perform re-authentication to the server through the re-authentication phase in the event of handover. Moreover, the proposed authentication scheme is specified using Casper and is verified the security using the CasperFDR and FDR tool.

• 出版日期2016-11