Securing Virtual Private Networks with SIM Authentication

With the ever increasing amount of systems requiring user authentication, users are experiencing a substantial inconvenience. A huge amount of passwords needs to be remembered, which in many cases decrease system security, as users choose to write them down or use the same password for several systems. The number of username/password pairs has simply become unmanageable. Other, stronger authentication mechanisms are added to some systems, which increase administration costs for the enterprises/service providers. There is an immediate need for a stronger, yet at the same time simpler and cost-efficient authentication mechanism which can be reused across many different types of services. This paper proposes a novel VPN solution which employs the GSM SIM authentication mechanism for authenticating users towards VPN networks and for setting up the encrypted tunnel between the VPN client and server. The solution ensures strong security, is user-friendly and cost-efficient.