Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/19391
Title: A Study of Access Control on the MANet
Author: 廖璟璜 (Liao, Ching-Huang)
Keywords: access control; admission control; MANet
Publisher: Department of Computer Science
References:
[1] Dan Boneh, Matthew Franklin, "Identity-Based Encryption from the Weil Pairing", Crypto 2001, LNCS 2139
[2] Muhammad Bohio, Ali Miri, "AUTHENTICATED SECURE COMMUNICATIONS IN MOBILE AD HOC NETWORKS", Page 1 CCECE 29-CCGEI 29, Niagara Falls, May/mai 2004
[3] EM Belding-Royer, "Multi-Level Hierarchies for Scalable Ad hoc Routing", Wireless Networks, 28 – Springer
[4] Muhammad Bohio, Ali Miri, "An Authenticated Broadcasting Scheme for Wireless Ad hoc Network", Electrical and Computer Engineering, 2004. Canadian
[5] D. Balfanz, G. Durfee, N. Shankar, D. Smetters, J. Staddon, Hao-Chi Wong, "Secret Handshakes from Pairing-Based Key agreements", Security and Privacy, 2003. Proceedings. 2003 Symposium on
[6] Stefano Campadello, "Peer-to-Peer Security in Mobile Devices: a User Perspective", Proceedings of the Fourth International Conference on Peer-to-Peer Computing, 2004
[7] Luiz A. DaSilva, Scott F. Midkiff, Jahng S. Park, George C. Hadjichristofi, and Nathaniel J. Davis, Virginia, "Network Mobility and Protocol Interoperability in Ad Hoc Networks", IEEE Communications Magazine, November 2004
[8] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, "Managing and Sharing Servents' Reputations in P2P Systems", IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2003
[9] H Deng, D P Agrawal, "TIDS: threshold and identity-based security scheme for wireless ad hoc networks", IEEE Ad Hoc Networks, 2004; 2: 291~307
[10] Hongmei Deng, Anindo Mukherjee, and Dharma P. Agrawal, "Threshold and Identity-based Key Management and Authentication for Wireless Ad Hoc Networks", Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04)
[11] Klas Fokine, "Key Management in Ad Hoc Networks", ISRN LITH-ISY-EX-3322-27
[12] Md. Shariful Islam, Matei Ciobanu Morogan, "Efficient Key Management Scheme for Mobile Ad Hoc Network"
[13] Aram Khalili, Jonathan Katz, William A. Arbaugh, "Toward Secure Key Distribution in Truly Ad-Hoc Networks", Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SANINT-w'03)
[14] J Kong, P Zerfos, H Luo, S Lu, L Zhang, "Providing Robust and Ubiquitous Security Support for Mobile Ad-Hoc Networks", 2001 International Conference on Network Protocols ICNP, 2001
[15] SL Keoh, E Lupu, M Sloman, "PEACE: A Policy-based Establishment of Ad-hoc Communities", Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04) - Volume 00
[16] J. Kong, P. Zerfos, H. Luo, S. Lu, L. Zhang, "Providing Robust and Ubiquitous Security Support for MANET", IEEE 9th International Conference on Network Protocols (ICNP), 2001
[17] Haiyun Luo, Jiejun Kong, Petros Zerfos, Songwu Lu, and Lixia Zhang, "URSA: Ubiquitous and Robust Access Control for Mobile Ad Hoc Networks", IEEE/ACM TRANSACTIONS ON NETWORKING, 2004
[18] Keun-Ho Lee, Heyi-Sook Sub, Sang-Bum Han, SangKeun Lee, Chong-Sun Hwang, "An Authentication Protocol Based on CBRP in Ad Hoc Network", Advanced Communication Technology, 29. The 6th International Conference on
[19] Kristin Lauter, Microsoft Corporation, "THE ADVANTAGES OF ELLIPTIC CURVE CRYPTOGRAPHY FOR WIRELESS SECURITY", IEEE Wireless Communications, Feb 2004
[20] B Lu, UW Pooch, "A Lightweight Authentication Protocol for Mobile Ad Hoc Networks", Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II - Volume 02
[21] William D. Neumann, "HORSE: An Extension of an r-Time Signature Scheme With Fast Signing and Verification", Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04)
[22] A Perrig, R Canetti, JD Tygar, D Song, "The TESLA Broadcast Authentication Protocol", RSA CryptoBytes, 2002
[23] N. Ruangchaijatupon and P. Krishnamurthy, "Encryption and Power Consumption in wireless LANs", Third IEEE Workshop on Wireless LANs, Newton, Massachusetts, 2001
[24] Nitesh Saxena, Gene Tsudik, Jeong Hyun Yi, "Admission Control in Peer-to-Peer: Design and Performance Evaluation", 2003 ACM
[25] Nitesh Saxena, Gene Tsudik, Jeong Hyun Yi, "Experimenting with Admission Control in P2P", Computer Security in the 21st Century, Springer, 2005
[26] Adi Shamir, SangKeun Lee, Chong-Sun Hwang, "How to Share a Secret", 1979 ACM
[27] Maria Striki, John S. Baras, "Towards Integrating Key Distribution with Entity Authentication for Efficient, Scalable and Secure Group Communication in MANETs", IEEE Communications Society, 2004
[28] Z Swiderski, "Content Control in Multimedia Applications", Conference on Human Factors in Computing Systems, 26
[29] Nitesh Saxena, Gene Tsudik, Jeong Hyun Yi, "Identity-based Access Control in Ad Hoc Groups", Proceedings of the 2004 International Workshop on Hot Topics in Peer-to-Peer Systems (HOT-P2P'04)
[30] Dimitrios Tsesmetzis, Manolis Solidakis, Vassilios Stathopoulos, Nikolaos Mitrou, "Distributed Search in P2P Networks through Secure-Authenticated Content Management Systems (CMSs)", Proceedings of the Fourth International Conference on Peer-to-Peer Computing, 2004
[31] B Wu, J Wu, EB Fernandez, S Magliveras, "Secure and Efficient Key Management in Mobile Ad Hoc Networks", 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17, p. 288a
[32] Bin Xie, Anup Kumar, "A Framework for Integrated Internet and Ad hoc Network Security", 2004 IEEE
[33] Bo Xing, "Power Consumption of Security Measures in Mobile Devices", ICS243G-Network and Computer Security
[34] Hao Yang, Haiyun Luo, Fan Ye, Songwu Lu, and Lixia Zhang, "SECURITY IN MOBILE AD HOC NETWORKS: CHALLENGES AND SOLUTIONS", IEEE Wireless Communications, February 2004
[35] Eun-Jun Yoon, Eun-Kyung Ryu, and Kee-Young Yoo, "Further Improvement of an Efficient Password Based Remote User Authentication Scheme Using Smart Cards", IEEE TRANSACTIONS ON CONSUMER ELECTRONICS, 2004
[36] Stephen S. Yau and Xinyu Zhang, "A Middleware Service for Secure Group Communication in Mobile Ad Hoc Networks", Computer Software and Applications Conference, 2003. COMPSAC
[37] Yanchao Zhang, Wenjing Lou, Yuguang Fang, "SIP: A Secure Incentive Protocol against Selfishness in Mobile Ad Hoc Networks", WCNC 2004 / IEEE Communications Society
[38] Muxiang ZHANG, "Further Analysis of Password Authenticated Key Exchange Protocol Based on RSA for Imbalanced Wireless Networks", Applied Cryptography and Network Security: Second International Conference, ACNS 2004, Yellow Mountain, China, June 8-11, 29. Proceedings
[39] Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia, "GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks", Proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services (MobiQuitous'04)
[40] L Zhou, ZJ Haas, "Securing Ad Hoc Networks", IEEE NETWORK, 1999
[41] F Zhu, M Mutka, L Ni, "Facilitating secure ad hoc service discovery in public environment", COMPSAC-NEW YORK-, 28
[42] 賴溪松, 韓亮, 張真誠, "Modern Cryptography and Its Applications", pp. 14-10 to 14-16
[43] 劉興華, 黃景彰, "Design Standards for Access Control Systems: An Introduction to ISO/IEC 1211-3", http://www.iicm.org.tw/communication/c2_3/page04.doc
[44] "Mobile Ad Hoc Networks: Peer-to-Peer Communication Without Infrastructure", http://www.gzit.gov.cn/_webnews/view.asp?id=XW21465143172147
[45] "The Gnutella Protocol Specification v0.4 Document Revision .2", http://www.clip2.com
[46] Dr. Gene Tsudik, Jeong H. Yi, Nitesh Saxena, "Peer Group Admission Control", http://sconce.ics.uci.edu/gac/
[47] Robert H 'obbes' Zakon, "Hobbes' Internet Timeline v4.0", http://www.zakon.org/robert/internet/timeline/HIT-big5.html
Abstract:
With mobile technologies and devices becoming increasingly widespread, demand for dynamic and mobile network environments is also growing. One such environment is the MANet, and we design our protocol for it. A MANet is a dynamic group network: any node can join the network to communicate and share. Allowing nodes to join and leave at will, however, may cause the group network to break down, so we use admission control to manage members. In surveying the security research on access control in the MANet environment, we found that some scholars propose admission control as the solution. However, measured against the conditions that access control should satisfy as defined in the ISO/IEC 1211-3 document [43], those admission control methods fail to meet three of them: information disclosure, unauthorized modification, and malicious destruction. Together with supporting examples, this shows that admission control is not equivalent to access control. In this paper we therefore propose that access control be achieved in five phases: the Initialize Phase, the Bootstrap Phase, the Admission Control Phase, the Resource Search Phase, and the Resource Sharing Phase. Within these phases we address how to search for resources, access-permission control, the immediate availability of resources, and the selfish-node problem, with the aim of achieving truly secure access control in the MANet environment.
URI: http://hdl.handle.net/11455/19391
Other identifiers: U0005-2706200614171900
Appears in Collections: Department of Computer Science and Engineering

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.