Keywords : PKINIT
Engineering and Technology Journal,
2009, Volume 27, Issue 6, Pages 1127-1133
Because the network is an open environment, a lot of care must be taken when
transferring sensitive information especially when related with financial data. This depends
on the principals to be trusted which is a problematic and since the first step in network
security is the authentication, this paper presents a proposed modal for secure mobile
banking (m-banking) applications using Kerberos (the network authentication protocol).
The aim of this paper is to establish a secure communication between the clients and
mobile-bank application server in which they can use their mobile phone to securely access
their bank accounts, make and receive payments, and check their balances.
The integration of smart card into classic Kerberos enhances the security for client
authentication by storing the cryptographic keys and perform dual factor authentication.
Other enhancement to Kerberos is the PKINIT in which the shared key is mapped with
public- private key. To build a robust client authentication the client uses his/her mobile
phone to author Kerberos's messages, process the replay and establish secure
communication with the application server.