SIPmsign: a lightweight mobile signature service based on the Session Initiation Protocol

Abstract

SUMMARYThe development of mobile signatures could increase the spread and adoption of mobile services based on electronic signatures, such as mobile payments, mobile business transactions, and mobile government services. A Mobile Signature Service (MSS) means that a user in any of the scenarios mentioned can attach an electronic signature, anywhere, anytime, as with a handwritten signature with a device that is almost always on him or her. Several solutions have appeared, such as using the European Telecommunications Standard Institute MSS, the Mobile Signature Application Unit, and the Mobile Network Operator‐independent MSS. These solutions present two kinds of drawbacks. On the one hand, some of them require the service to be developed by all mobile network operators, whereas others are not based on efficient communications. In this paper, we present a new MSS named SIPmsign that solves these problems. Our proposal is based on the Session Initiation Protocol and defines how to exchange the information in a secure and more efficient way than previously. Thanks to Session Initiation Protocol, we provide the adoption of our proposal as a MSS for the new generation of mobile communications. In this paper, we also present the prototype we have developed as a proof of its feasibility as well as an evaluation of the performance of our solution. Copyright © 2012 John Wiley & Sons, Ltd.