Title page for etd-0715109-170428
Title
在IEEE802.16 Mesh Networks下安全的認證及有效傳輸之研究
Secure Authentication and Efficient Communication in IEEE802.16 Mesh Networks
Department
Year, semester
Language
Degree
Number of pages
50
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2009-06-18
Date of Submission
2009-07-15
Keywords
Security, Mesh Networks, PKM, WiMAX, Authentication
Statistics
The thesis/dissertation has been browsed 5649 times and downloaded 0 times.
Abstract
WiMAX (Worldwide Interoperability for Microwave Access) is a standard for wireless metropolitan area networks (WMAN), designed by the IEEE 802.16 standards group. Its coverage is wide, so it is suited to deployment in large networks and provides steadier, higher-speed, and more secure data transmission for fixed and mobile subscribers. WiMAX is therefore designed to solve the last-mile problem, in which traditional networks offer limited bandwidth and are expensive to build. IEEE 802.16 (WiMAX) defines two data communication topologies: PMP (point-to-multipoint) mode and Mesh mode. In Mesh mode, data can be routed through other subscriber stations (SS), which improves both coverage and throughput. Although IEEE 802.16 defines a security sublayer in the MAC (Media Access Control) layer that provides privacy by encrypting connections between the base station (BS) and the subscriber station (SS), it still faces many security problems. Unlike PMP mode, where traffic flows only between the BS and an SS, traffic in Mesh mode sometimes passes through another SS, which makes it prone to problems such as shared secret key exposure, man-in-the-middle attacks, and eavesdropping. The relay node (termed the sponsor node here) also incurs unnecessary encryption and decryption load. Existing mechanisms still have some shortcomings. In this thesis, we focus on the MAC layer and propose schemes that modify the existing key management protocol (PKM) and the traffic encryption key (TEK) used for transmitting data, and we show that these schemes achieve better security than previous ones as well as efficient data transmission.
Table of Contents
Chinese Abstract
Abstract
List of Figures
List of Tables
Chapter 1 Introduction
1-1 WiMAX overview
1-2 The security of WiMAX mesh networks
1-3 Motivation
1-4 Thesis Framework
Chapter 2 Related Work
2-1 Background
2-1-1 Network Entry in Mesh Mode
2-1-2 Security Association (SA)
2-1-3 X.509 certificate profile
2-2 Privacy and Key Management (PKM)
2-2-1 AK exchange
2-2-2 TEK exchange
2-3 WiMAX mesh mode revised method in PKM
2-3-1 Using the timestamp
2-3-2 Using the nonce
Chapter 3 Proposal Scheme
3-1 Environment
3-1-1 Network model
3-1-2 Relation in Mesh mode
3-2 Proposed scheme on AK exchanged
3-2-1 Proposed Scheme
3-2-2 Advantage of Proposed Scheme
3-3 Proposed scheme on TEK exchanged
3-3-1 Proposed Scheme
3-3-2 Advantage of Proposed Scheme
Chapter 4 Conclusion
References
Fulltext
Thesis access permission: not available on campus or off campus
Available:
Campus: not available
Off-campus: not available

Printed copies
Available: publicly available