What is a TEAPM ?
TEAPMs are tamper resistant devices (smartcards) that run EAP client
and/or server applications.
A public javacard implementation, based on the
platform is available on the WEB.
Multiple client and server entities may simultaneously work in a 64
What are the TEAPMs benefits ?
Other details can be found in this
- Security modules dedicated to IP devices.
- They are used for access controls and users'
authentication in Wi-Fi or WiMAX networks and VPN infrastructures
- Independent of any operating system (Windows,
- TEAPM applications run in tamper resistant devices,
such as smartcards. They may be designed for javacards, and therefore are
independent of any manufacturers.
- Highly secure Authentication Servers.
- Smartcards enabled RADIUS servers are docking hosts
that work in collaboration with multiple TEAPMs. This architecture is scalable,
and may be used in existing Wi-Fi infrastructure, supporting a great number
- Privacy and Tracability .
- IP tracability is generally understanding as the record
of data traffic associated to a particular IP address. This address is linked
to an human user by means of the authentication procedure. Privacy, in
the tracability context, means that the network client remains anonymous,
its identity is never exposed to an untrusted party. The TEAPM architecture
enables highly secure authentication but guaranties user's anonymity.
- We currenty propose an efficient mechanism for identity
protection over EAP-TLS, a
was made at the IETF 66th in Montreal
- Remote administration.
- TEAPMs may be remotely and securely managed, and support
the following services
- Cancellation of credentials, such as X509 certificates
and associated private keys. Smartcards cloning is extremely difficult,
in consequence there is only one physical instance of these entities. The
ability to remotely block their use, is an important security requirement,
in a distributed PKI environment.
- Updating of credentials. There is a need to guaranty
continuity or extension of customer subscriptions. This demand is fulfilled
by replacing or adding information elements that control services availability.
- Downloading of new applications. Authentication
protocols may evolve and include new functionalities. In that case, the
software is transparently updated, e.g. without TEAPM bearers interaction.
- Urien, P, Dandjinou, M, “Introducing Smartcard
Enabled RADIUS Server”, The 2006 International Symposium on Collaborative
Technologies and Systems (CTS 2006) May 14-17, 2006, Las Vegas, Nevada, USA
- Pascal Urien and Mohamad Badra, Secure Access Modules
for Identity Protection over EAP-TLS - Smartcard Benefits for User Anonymity
in Wireless Infrastructures. SECRYPT 2006, International Conference on Security
and Cryptography., 7-10 August 2006, Setubal Portugal
- Urien, P, Pujolle ,G, “TEAPM Trusted EAP Module” ,
e-Smart2006, 21-23 septembre 2005, Sophia Antipolis, France
- Pascal Urien, Mesmin Dandjinou, Mohamad Badra, Introducing
Trusted EAP Module for Security Enhancement in WLANs and VPNs, IASTED International
Conference on Communication, Network, and Information Security, CNIS 2006,
October 9-11, 2006, MIT Faculty Club, Cambridge, Massachusetts, USA