Skip to Main Content
The movement of many business domains towards offering services via the Internet demands for convergent and extensible AAA (authentication, authorization and accounting) concepts. This paper introduces a convergent access and application level AAA framework that ports the concepts of IEEE 802.1x and EAP to the application layer and utilizes SOAP as the transport medium for EAP messages. The requirements for the mobile network operator domain have been analyzed and as a proof of concept, an Internet shop application has also been implemented. It supports secure payment via EAP-SIM by utilizing the developed AAA framework. In addition, the integration into an IEEE 802.11i reference environment is described and EAP-SIM AAA characteristics on the WLAN access level have been investigated.