912 research outputs found
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
The Design of Efficient Internetwork Authentication for Ubiquitous Wireless Communications
A variety of wireless technologies have been
standardized and commercialized, but no single solution is
considered the best to satisfy all communication needs due
to different coverage and bandwidth limitations. Therefore,
internetworking between heterogeneous wireless networks
is extremely important for ubiquitous and high performance
wireless communications. The security problem is
one of the major challenges in internetworking. To date,
most research on internetwork authentication has focused
on centralized authentication approaches, where the home
network participates in each authentication process. For
high latency between the home and visiting networks, such
approaches tend to be inefficient. In this paper, we describe
chained authentication, which requires collaboration between
adjacent networks without involvement of the home
network. After categorizing chained protocols, we propose
a novel design of chained authentication methods under
3G-WLAN internetworking. The experiments show that
proactive context transfer and ticket forwarding reduce the
3G authentication latency to 36.8% and WLAN EAP-TLS
latency to 23.1% when RTT between visiting and home
networks is 200 ms
Network layer access control for context-aware IPv6 applications
As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the- art systems. The paper also contains details of our current implementation work, including preliminary performance measurements
HUC-HISF: A Hybrid Intelligent Security Framework for Human-centric Ubiquitous Computing
ć¶ćșŠ:æ° ; ć ±ćçȘć·:äč2336ć· ; ćŠäœăźçšźéĄ:ć棫(äșșéç§ćŠ) ; æäžćčŽææ„:2012/1/18 ; æ©ć€§ćŠäœèšçȘć·:æ°584
Advanced Signaling Support for IP-based Networks
This work develops a set of advanced signaling concepts for IP-based networks. It proposes a design for secure and authentic signaling and provides QoS signaling support for mobile users. Furthermore, this work develops methods which allow for scalable QoS signaling by realizing QoS-based group communication mechanisms and through aggregation of resource reservations
Anonymity and untraceability assessment of authentication protocols in proxy mobile IPv6
The Proxy Mobile IPv6 or the PMIPv6 is a protocol for mobile management as established by the Internet Engineering Task Force or IETF to assist in the intense usage of mobile devices and to lower the overhead of signaling. As the inclusion of the mobile node in the signaling related to mobility is not necessary, this type of solutions based on networks optimize the performance of the handover based on signaling overhead and handover latency. Nevertheless, the PMIPv6 has several disadvantages such as issues of privacy and security. The process of authentication of users is usually needed at the time of connecting to a wireless network. The mobile users might wander away from their home networks and be approached by other network services. These network services would usually require the users' credentials to authorize the usage of the service. In order to retain a level of anonymity, various degrees of information are required to be safe guarded including the Local Mobility Anchor ID, Media Access Gateway, and Mobile Node. Nevertheless, a few methods of authentication have been suggested to enhance the PMIPv6's performance since 2008 when this protocol was first established [1]; however, the issues of privacy are often ignored. This study attempts to evaluate the authentication methods of the PMIPv6 according to the anonymity of several network mechanisms. The findings of this study reveal that it is important to suggest an appropriate method of enhancing the protection and privacy of network mechanisms
Improving and distributing key management on mobile networks
We address the problem of mobile network key management and authentication that negatively affects the handoff performance, adds overhead to the system in terms of key exchange signaling, authentication, and key distribution. We aim to improve the efficiency of the key management subsystem and to reduce investment pressure on core network elements. We address all these problems successfully. Our novel SKC key management mechanism is the best key management mechanism among the ones we found in reducing signaling load from the KD and making the mobility system independent of the AP-KD link delay. It is a significant contribution to the mobile network key management with fast handoffs when separate keys for APs are required and has many useful applications.
Our novel receiver and sender ID binding protocol with symmetric keys is new and shows analogy with Identity Based Cryptography. It is a generalization of the identity binding that SKC is using. Furthermore, our distributed AAA architecture with SKC, certificates, and hardware-based security is a disruptive proposal and show how the mobile network KD can be distributed to the edge nodes.
Our quantitative analysis and comparison of SKC and LTE key management is new and not seen before. Our research affected the LTE Security standardization and contributes to the research and development of home base stations, community and municipal Wi-Fi access points
Study and development of a remote biometric authentication protocol
This paper reports the phases of study and implementation of a remote biometric authentication protocol developed during my internship at the I.i.t. of the C.n.r. in Pisa. Starting from the study of authentication history we had a look from the first system used since the 60ies to the latest technology; this helped us understand how we could realize a demonstration working protocol that could achieve a web remote authentication granting good reliability: to do this we choosed to modify the SSL handshake with biometric tests and we decided to use smart-cards a secure vault for the sensible biometric data involved. In the first chapter you will find a brief definition of authentication and an introduction on how we can achieve it, with a particular focus on new biometric techniques. In the second chapter there\u27s the history of authentication from the very first password system to actual ones: new token and smart card technolgies are longer stressed in order to introduce the reader to the last chapter. In the third chapter you will find the project framework, the development of our implementation choiches and the source code of the demo project
- âŠ