4,858 research outputs found
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
Security of 5G-V2X: Technologies, Standardization and Research Directions
Cellular-Vehicle to Everything (C-V2X) aims at resolving issues pertaining to
the traditional usability of Vehicle to Infrastructure (V2I) and Vehicle to
Vehicle (V2V) networking. Specifically, C-V2X lowers the number of entities
involved in vehicular communications and allows the inclusion of
cellular-security solutions to be applied to V2X. For this, the evolvement of
LTE-V2X is revolutionary, but it fails to handle the demands of high
throughput, ultra-high reliability, and ultra-low latency alongside its
security mechanisms. To counter this, 5G-V2X is considered as an integral
solution, which not only resolves the issues related to LTE-V2X but also
provides a function-based network setup. Several reports have been given for
the security of 5G, but none of them primarily focuses on the security of
5G-V2X. This article provides a detailed overview of 5G-V2X with a
security-based comparison to LTE-V2X. A novel Security Reflex Function
(SRF)-based architecture is proposed and several research challenges are
presented related to the security of 5G-V2X. Furthermore, the article lays out
requirements of Ultra-Dense and Ultra-Secure (UD-US) transmissions necessary
for 5G-V2X.Comment: 9 pages, 6 figures, Preprin
Context-Awareness Enhances 5G Multi-Access Edge Computing Reliability
The fifth generation (5G) mobile telecommunication network is expected to
support Multi- Access Edge Computing (MEC), which intends to distribute
computation tasks and services from the central cloud to the edge clouds.
Towards ultra-responsive, ultra-reliable and ultra-low-latency MEC services,
the current mobile network security architecture should enable a more
decentralized approach for authentication and authorization processes. This
paper proposes a novel decentralized authentication architecture that supports
flexible and low-cost local authentication with the awareness of context
information of network elements such as user equipment and virtual network
functions. Based on a Markov model for backhaul link quality, as well as a
random walk mobility model with mixed mobility classes and traffic scenarios,
numerical simulations have demonstrated that the proposed approach is able to
achieve a flexible balance between the network operating cost and the MEC
reliability.Comment: Accepted by IEEE Access on Feb. 02, 201
Flat Cellular (UMTS) Networks
Traditionally, cellular systems have been built in a hierarchical manner: many specialized cellular access network elements that collectively form a hierarchical cellular system. When 2G and later 3G systems were designed there was a good reason to make system hierarchical: from a cost-perspective it was better to concentrate traffic and to share the cost of processing equipment over a large set of users while keeping the base stations relatively cheap. However, we believe the economic reasons for designing cellular systems in a hierarchical manner have disappeared: in fact, hierarchical architectures hinder future efficient deployments. In this paper, we argue for completely flat cellular wireless systems, which need just one type of specialized network element to provide radio access network (RAN) functionality, supplemented by standard IP-based network elements to form a cellular network. While the reason for building a cellular system in a hierarchical fashion has disappeared, there are other good reasons to make the system architecture flat: (1) as wireless transmission techniques evolve into hybrid ARQ systems, there is less need for a hierarchical cellular system to support spatial diversity; (2) we foresee that future cellular networks are part of the Internet, while hierarchical systems typically use interfaces between network elements that are specific to cellular standards or proprietary. At best such systems use IP as a transport medium, not as a core component; (3) a flat cellular system can be self scaling while a hierarchical system has inherent scaling issues; (4) moving all access technologies to the edge of the network enables ease of converging access technologies into a common packet core; and (5) using an IP common core makes the cellular network part of the Internet
Secure and Privacy-Preserving Authentication Protocols for Wireless Mesh Networks
Wireless mesh networks (WMNs) have emerged as a promising concept to meet the
challenges in next-generation wireless networks such as providing flexible,
adaptive, and reconfigurable architecture while offering cost-effective
solutions to service providers. As WMNs become an increasingly popular
replacement technology for last-mile connectivity to the home networking,
community and neighborhood networking, it is imperative to design efficient and
secure communication protocols for these networks. However, several
vulnerabilities exist in currently existing protocols for WMNs. These security
loopholes can be exploited by potential attackers to launch attack on WMNs. The
absence of a central point of administration makes securing WMNs even more
challenging. The broadcast nature of transmission and the dependency on the
intermediate nodes for multi-hop communications lead to several security
vulnerabilities in WMNs. The attacks can be external as well as internal in
nature. External attacks are launched by intruders who are not authorized users
of the network. For example, an intruding node may eavesdrop on the packets and
replay those packets at a later point of time to gain access to the network
resources. On the other hand, the internal attacks are launched by the nodes
that are part of the WMN. On example of such attack is an intermediate node
dropping packets which it was supposed to forward. This chapter presents a
comprehensive discussion on the current authentication and privacy protection
schemes for WMN. In addition, it proposes a novel security protocol for node
authentication and message confidentiality and an anonymization scheme for
privacy protection of users in WMNs.Comment: 32 pages, 10 figures. The work is an extended version of the author's
previous works submitted in CoRR: arXiv:1107.5538v1 and arXiv:1102.1226v
Context transfer support for mobility management in all-IP networks.
This thesis is a description of the research undertaken in the course of the PhD and evolves around a context transfer protocol which aims to complement and support mobility management in next generation mobile networks. Based on the literature review, it was identified that there is more to mobility management than handover management and the successful change of routing paths. Supportive mechanisms like fast handover, candidate access router discovery and context transfer can significantly contribute towards achieving seamless handover which is especially important in the case of real time services. The work focused on context transfer motivated by the fact that it could offer great benefits to session re-establishment during the handover operation of a mobile user and preliminary testbed observations illustrated the need for achieving this. Context transfer aims to minimize the impact of certain transport, routing, security-related services on the handover performance. When a mobile node (MN) moves to a new subnet it needs to continue such services that have already been established at the previous subnet. Examples of such services include AAA profile, IPsec state, header compression, QoS policy etc. Re-establishing these services at the new subnet will require a considerable amount of time for the protocol exchanges and as a result time- sensitive real-time traffic will suffer during this time. By transferring state to the new domain candidate services will be quickly re-established. This would also contribute to the seamless operation of application streams and could reduce susceptibility to errors. Furthermore, re-initiation to and from the mobile node will be avoided hence wireless bandwidth efficiency will be conserved. In this research an extension to mobility protocols was proposed for supporting state forwarding capabilities. The idea of forwarding states was also explored for remotely reconfiguring middleboxes to avoid any interruption of a mobile users' sessions or services. Finally a context transfer module was proposed to facilitate the integration of such a mechanism in next generation architectures. The proposals were evaluated analytically, via simulations or via testbed implementation depending on the scenario investigated. The results demonstrated that the proposed solutions can minimize the impact of security services like authentication, authorization and firewalls on a mobile user's multimedia sessions and thus improving the overall handover performance
- ā¦