Security Analysis and Quality of Protection for Wireless Networks
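- Subject (keywords): security, wireless network, Quality of Protection (QoP)
- Publisher: Korea University Graduate School of Information Management Engineering
- Advisor: Jongin Lim
- Year of publication: 2010
- Degree conferred: 2010. 8
- Degree type: Doctoral
- Department: Graduate School of Information Management Engineering, Department of Information Management Engineering
- Pages (original): 115 p
- URI: http://www.dcollection.net/handler/korea/000000023307
- Language of text: English
- Submitted original: 000045608134
Abstract/Summary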
A diversity of wireless networks, built on rapidly evolving wireless technology, is currently in service. Due to their innate physical-layer vulnerability, wireless networks require enhanced security components. WLAN, WiBro, and UMTS have defined proper security components that meet standard security requirements. Extensive research has been conducted to enhance the security of individual wireless platforms, and we now have meaningful results at hand. However, with the advent of ubiquitous service, new horizontal platform service models with vertical cross-layer security are expected to be proposed. Research on synchronized security service and interoperability in a heterogeneous environment must be conducted.
Security Interworking for Seamless Wireless Service: This thesis analyzes security mechanisms in wireless networks and designs a secure and efficient handover protocol that reuses the key materials generated before the handover phase. In particular, we describe a handover scenario between a WLAN and a WiBro network and propose a fast and efficient authentication scheme for the handover. In the scheme, a Serving Network (SN) plays the role of a key distribution center so that the Mobile Node (MN) can be quickly associated with a Target Network (TN) before starting a full authentication scheme in which a remote Authentication Center (AC) is involved. To be sure that our handover protocol does not have any security flaws, we formally validated it using the automatic protocol analyzer AVISPA.
Evaluation Model for Balanced Wireless Service: Because a wireless network cannot dispense with a proper security measure due to its inborn vulnerability, a new security measure has been developed with the advent of new wireless network technology. Each security measure properly serves the security needs of its associated wireless network, as it was intended to. In heterogeneous environments, designing balanced security components requires a quantitative evaluation model of security policy in wireless networks. Quality of Protection (QoP) estimates the stability of an individual network system by quantifying security intensity, so it can work as an evaluation standard for the security of a network. Firstly, this thesis considers the Historical Vulnerability Measure (HVM) and relative weight in the total reward function for the improved QoP model. HVM is objectively organized by a Flow-based Abnormal Traffic Detection Algorithm for the utility function. Secondly, to design an appropriate evaluation method for security policies in heterogeneous wireless networks, we formalize the security properties in wireless networks. As the benefit of security protocols is indicated by the QoP, we improve the QoP model and evaluate a hybrid security policy in heterogeneous wireless networks by applying it to the QoP model. By deriving relative indicators from the positive impact of security points, and using these indicators to quantify a total reward function, this thesis will help to assure an appropriate benchmark for combined security components in wireless networks.
Table of Contents
Contents
1 Introduction
2 Wireless Security
2.1 WLAN Security
2.1.1 Authentication
2.1.2 Key Derivation
2.1.3 Encapsulation
2.1.4 Comparison of Pre-RSN and RSN Service
2.2 WiBro Security
2.2.1 PKMv1
2.2.2 PKMv2
2.2.3 Key Derivation
2.3 UMTS Security
2.3.1 AKA
2.3.2 EAP-AKA for Interworking
2.3.3 Encapsulation
2.4 EAP Method
2.5 Brief Review of Comparison
3 Security Interworking for Seamless Wireless Service
3.1 Security Interworking
3.1.1 Handover Architecture
3.1.2 Handover definition and Classification
3.1.3 Handover Security Trust Relations
3.2 Secure Handover Protocol Design
3.3 Handover Security Requirements and Fulfillments
3.3.1 Requirements
3.3.2 Fulfillments
3.4 Formal Specification and Validation of Secure Handover Protocol
3.4.1 AVISPA
3.4.2 Specification
3.4.3 Validation
3.5 Contribution
4 Evaluation Model for Balanced Wireless Service
4.1 Definition of QoP Model
4.1.1 Utility function
4.1.2 Additive reward function
4.2 Proposal 1: Improved QoP based on HVM
4.2.1 Utility Function
4.2.2 Total Reward Function
4.2.3 Contribution
4.3 Proposal 2: Formalizing the design, evaluation, and analysis of QoP in Wireless Networks
4.3.1 Utility Function
4.3.2 Total Reward Function
4.3.3 Experiment for QoP Evaluation
4.3.4 Evaluation Analysis of New QoP Model
5 Conclusion & Further Works
A Result of Total Reward
Bibliography

