Please use this identifier to cite or link to this item:
標題: 無所不在運算之匿名存取服務認證機制研究
The Study on Access Service Authentication Schemes with Anonymity for Ubiquitous Computing
作者: 李靖雯 
Li, Jing-Wen 
關鍵字: ubiquitous computing;無所不在運算;anonymity;access service;authentication;authorization;Mobile IP;匿名性;存取服務;認證;授權;行動IP
出版社: 資訊科學系所
引用: [1] A. Gregory D., M. Elizabeth D., “Charting Past, Present and Future Research in Ubiquitous Computing,” ACM Transactions on Computer-Human Interaction, Vol. 7, No. 17, March 2000, pp. 29-58. [2] A. Jari, C. Pat R., G. Erik, N. Dave, W. Barney, “AAA Solutions,” draft-ietf-aaa-solutions-01.txt, November 2000 [3] A. Shamir, “How to Share a Secret,” Communications of the ACM, Vol.22, 1979, pages 612-613. [4] A. Shamir, “Identity-based Cryptosystems and Signature Schemes,” Proceedings of CRYPTO'84, LNCS 196, pages 47-53, Springer-Verlag, 1984. [5] Byung-Gil Lee, Doo-Ho Choi, Hyun-Gon Kim, Seung-Won Sohn, and Kil-Houm Park, “Mobile IP and WLAN with AAA authentication protocol using identitybased cryptography,” 10th International Conference on Telecommunications, March 2003 Page(s):597 - 603 [6] B. G. Lee, H. G. Kim, S. W. Sohn, and K. H. Park, “Concatenated wireless roaming security association and authentication protocol using ID-based cryptography,” in IEEE International Conference on Vehicular Technology, vol. 3, pp. 1507-1511, April 2003. [7] Chan Yeob Yeun, Eng Keong Lua, Crowcroft, J., “Security for Emerging Ubiquitous Networks,” Proceeding of Vehicular Technology Conference, 2005. VTC-2005-Fall. 2005 IEEE 62nd, 25-28 Sept. 2005, pp. 1242-1248. [8] Ching-Te Wang, Chin-Chen Cheng, and Chu-Hsing Lin, “Generalization of threshold signature and authenticated encryption for group communications,” IEICE Transaction on Fundamentals, Vol. E83-A, No. 6, pp. 1228-1237, 2000. [9] Chou-Chen Yang, Jian-Wei Li, Ting-Yi Chang, “A novel mobile IP registration scheme for hierarchical mobility management,” International Conference on Parallel Processing Workshops, 6-9 Oct. 2003 Page(s):367 - 374 [10] Chou-Chen Yang, Min-Shiang Hwang and Ting-Yi Chang, “A new anonymous conference key distribution system based on the elliptic curve discrete logarithm problem,” Computer Standards & Interfaces, Vol. 25, pp. 141-145, 2003. [11] Chou Chen Yang, Ming Chin Chuang, Wei Ting Liu, and Ya Wen Yang, “An Efficient Local Authentication Scheme for Mobile IP,” 1st IEEE Conference of International Conference on Systems and Signals, April, 2005. [12] C. de Laat, G. Gross, L. Gommans, and J. Vollbrecht, D. Spence, “Generic AAA Architecture,” RFC 2903, IETF, Aug 2000. [13] C.E. Perkins, “IP Mobility Support,” RFC 2002, October 1996. [14] C.E. Perkins, “Mobile IP Joins Forces with AAA,” IEEE Wireless Communications, Aug. 2000, Vol. 7, Issue. 4, pp. 59 - 61. [15] C.E. Perkins, “Mobile IP,” IEEE Communications Magazine, May 2002, Vol. 40, pp.66- 82 [16] C. Hung-Yu and C. Che-Hao, “A Remote Authentication Scheme Preserving User Anonymity,” Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA'05), IEEE, 28-30 March 2005, pp. 245-248. [17] C. L. Hsu and T. C. Wu, “Authenticated encryption scheme with (t,n) shared verification,” IEE Proceeding Computer and Digital Techniques, Vol. 145, No. 2, pp. 117-120, 1998. [18] D. B. Johnson and C. Perkins, “Mobility Support in IPv6,” draft-ietf-mobileip-ipv6-15.txt, July 2001 [19] D.Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,” Proceedings of CRYPTO 2001, LNCS 2139, pages 213-229, Springer-Verlag, 2001. [20] D. Chaum, “Blind Signatures for Untraceable Payments,” Advances in Cryptology Proceedings of Crypto 82, D.Chaum, R.L. Rivest, & A.T.Sherman (Eds.), Plenum, pp. 199-203, 1982. [21] Doo Ho Choi, Hyungon Kim, Kyoil Jung, “A secure mobile IP authentication based on identification protocol,” Intelligent Signal Processing and Communication Systems, 2004. ISPACS 2004. Nov. 18-19, 2004, Page(s):709-712. [22] Farrell, S., Vollbrecht, J., Calhoun, P., Gommans, L., Gross, G., de Bruijn, B., de Laat, C., Holdrege, M. and D. Spence, “AAA Authorization Requirements,” RFC 2906, August 2000. [23] F. Almenarez, et al., “Design of an Enhanced PKI for Ubiquitous Networks,” Proceeding of Sixteenth International Workshop on Database and Expert Systems Applications, IEEE, 22-26 Aug. 2005, pp. 262-266. [24] F. Hess, “Efficient identity based signature schemes based on pairings”, Proc. 9th Workshop in Selected Areas in Cryptography-SAC 2002, LNCS, Springer-Verlag, pp. 310-324, 2002. [25] F. Stajano, R. Anderson, “The Resurrecting Duckling: security issues for ubiquitous computing,” IEEE Computer, Vol. 35, No. 4, April 2002, pp. 22-26. [26] F. Zhang and K. Kim, “ID-based blind signature and ring signature from pairings,” Proc. of Asiacrpt2002, LNCS 2501, pp. 533-547, Springer-Verlag, 2002. [27] F. Zhang and K. Kim, “Efficient ID-based blind signature and proxy signature from pairings,” to appear at ACISP 2003, Springer-Verlag, 2003. [28] Glass, S., Hiller, T., Jacobs, S. and C. Perkins, “Mobile IP Authentication, Authorization, and Accounting Requirements”, RFC 2977, October 2000. [29] Gene Tsudik, “Message authentication with one-way hash functions,” INFOCOM''92, Eleventh Annual Joint Conference of the IEEE Computer and Communications Societies, Vol. 3, pp. 2055-2059, 1992. [30] G. Jaeseung and K. Kwangjo, “Wireless Authentication Protocol Preserving User Anonymity,” SCIS2001, Japan, January, pp. 23-26, 2001 [31] G. Ya-Jun, H. Fan, Z. Qing-Guo, L. Rong, “An Access Control Model for Ubiquitous Computing Application,” Proceeding of 2005 2nd International Conference on Mobile Technology, Applications and Systems, IEEE, 15-17 Nov. 2005, pp.1-6. [32] Horn G., Preneel B., “Authentication and Payment in Future Mobile Systems.” ComputerSecurity - ESORICS'98, Lecture Notes in Computer Science, 1485, 1998, pp. 277-293. [33] I. B. Damgard, “A design principle for hash functions,” Advances in Cryptology-CRYPTO''89 Proceedings, Springer-Verlag, pp. 416-427, 1990. [34] I. Satoh, “Mobile Applications in Ubiquitous Computing Environments,” IEICE Trans. Commun., Vol.E88-B, NO.3 March 2005, pp. 1026-1033. [35] J. C. Cha and J. H. Cheon, “An identity-based signature from gap Diffie-Hellman groups,” Public Key Cryptography-PKC 2003, LNCS 2139, Springer-Verlag, pp. 18-30, 2003. [36] J. Kohl and C. Neuman, “The Kerberos network authentication service,” Network Working Group Request for Comments: 1510, Tech. Rep., September 1993. [37] K, Divyan M., D. Dang N. and K. Kwangjo, “A Capability-based Privacy-preserving Scheme for Pervasive Computing Environments,” Proc. of IEEE PerSec2005, Hawaii, USA, 8-12 Mar. 2005, pp.136-140. [38] K.G. Paterson, “ID-based signatures from pairings on elliptic curves,” Electron. Lett., Vol.38, No.18, pp.1025-1026, 2002. [39] K. Hwang and C. Chang, “A selfencryption mechanism for authentication of roaming and teleconference services,” IEEE Trans. Wireless Communications, Vol. 2, no. 2, 2003, pp. 400-407. [40] Lin, C.Y. and Wu, T.C., “An identity-based ring signature scheme from bilinear pairings,” Cryptology ePrint Archive, Report 2003/117 Available at, 2003, pp. 1-4. [41] L. Xuan Hung et al., “Security for Ubiquitous Computing: Problems and Proposed Solution,” Proceeding of 12th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, 16-18 Aug. 2006, pp. 110-116. [42] M. Weiser, “Some computer science issue in ubiquitous computing,” Communication of the ACM, Vol. 36, No. 7, July 1993, pp.75-84. [43] M. Weiser, “Hot Topics: Ubiquitous Computing,” IEEE Computer, October 1993. [44] M. Merabti, D. Llewellyn-Jones, “Digital rights management in ubiquitous computing,” Multimedia, IEEE, Vol. 13, No. 2, April-June 2006, pp. 32-42. [45] Mitton et al, “Authentication, Authorization, and Accounting: Protocol Evaluation,” IETF work in progress, draft-ietf-aaa- proto-eval-00.txt, July 2000. [46] P. Gutmann. “PKI. It''s Not Dead, Just Resting,” IEEE Computer, pp 41-49, August 2002. [47] Q. He, D. Wu, and P. Khosla, (2004a.) “A Mechanism for Personal Control over Mobile Location Privacy,” Proceedings of IEEE/ACM First International Workshop on Broadband Wireless Services and Applications, BroadWISE 2004. [48] Q. He, D. Wu, and P. Khosla, (2004b.) “The Quest for Personal Control over Mobile Location Privacy,” IEEE Communication Magazine, Vol. 42, No. 5, 2004, pp. 130-136. [49] Ralph C. Merkle, “A Digital Signature Based on a Conventional Encryption Function,” Advances in Cryptology, CRYPTO''89, Lecture Notes in Computer Science, Vol. 435, pp. 218-238, 1989. [50] R. Hill, et al., “A Middleware Architecture for Securing Ubiquitous Computing Cyber Infrastructures,” Distributed Systems Online, IEEE, Vol. 5, No. 9, Sept. 2004, pp. 1-14. [51] R. Koodli, “Fast handovers for mobile IPv6,” mipv6-02.txt, Jan 2004. [52] R. Merkle, “One-way hash functions and DES,” Advances in Cryptology, CRYPTO''89, Lecture Note in Computer Science, Vol. 435, pp. 428-446, 1989. [53] R. Rivest, “The MD4 Message digest algorithm,” Advances in Cryptology-CRYPTO''90 Proceedings, Springer-Verlag, pp. 303-311, 1991. [54] S. Miller “Kerberos authentication and authorization system,” Technical report, Project Athena, Massachusetts Institute of Technology, 1987. [55] Smart, N.P., “An identity based authenticated key agreement protocol based on the Weil pairing,” Electronics Letters, 38 (13), 2002, pp. 630-632. [56] S. Wesley Changchien, Min-Shiang Hwang and Kuo-Feng Hwang, “A Batch Verifying and Detecting Multiple RSA Digital Signatures,” International Journal of Computational and Numerical Analysis and Applications, Vol. 2, No. 3, pp. 303-307, 2002. [57] Tzong-Chen Wu and Ru-Lan Su, “ID-based group-oriented cryptosystem and its digital signature scheme,” Computer Communications, Vol. 20, No. 11, pp. 1019-1026, 1997. [58] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., Gross, G., de Bruijn, B., de Laat, C., Holdrege, M. and D. Spence, “AAA Authorization Framework,” RFC 2904, August 2000 [59] Vollbrecht, J., Calhoun, P., Farrell, S., Gommans, L., Gross, G., de Bruijn, B., de Laat, C., Holdrege, M. and D. Spence, “AAA Authorization Application Examples,” RFC 2905, August 2000. [60] Wei-Bin Lee and Chin-Chen Chang, “User identification and key distribution maintaining anonymity for distributed computer network,” Comput. Syst. Sci. Eng., Vol. 15(4), pp. 211-214, 2000.
近年來隨著網際網路、行動與無線通信的蓬勃發展,人們有越來越多的機會去存取不同網路上的資源,因此使得無所不在運算(Ubiquitous Computing)受到愈來愈多的注意。無所不在運算環境中結合多種不同網路,包括無線區域網路(WLAN)、無線個人網路(WPAN)、隨意網路(Ad Hoc Network)以及第三代行動通訊(3G)等。在這樣的環境中,使用者能不受任何時間與地點的限制隨心所欲存取多樣不同的資源與服務。然而無所不在運算的環境是詭譎多變的,訊息是很容易被人截取和複製的,特別是使用者存取服務的情況,如何認證使用者能否存取服務,成為了一件十分重要的議題。現今,在存取服務時,仍然有一些認證及安全方面的問題存在,例如:認證機制的效率問題、使用者的匿名性問題及受限於行動裝置的運算問題。
在本論文中,我們的研究方向以無所不在運算環境為主,首先我們將會探討在無所不在運算環境存取服務的認證、授權的機制與IETF訂定的Mobile IP協定,接下來我們將會提出在無所不在運算環境下具有匿名性intra-domain及inter-domain兩種存取服務認證機制。具有匿名性的意義在於使用者在存取服務時能避免洩露個人隱私資訊或服務內容以及其它的額外資訊(例如:位置、使用時間、或是服務要求的種類等等)。另一方面,inter-domain存取服務認證機制能提供快速重認證的功能,可以有效的改進原本每一次認證都需回到本地網路所產生的時間延遲。此外,我們運用赫序函數與互斥或運算來減少行動裝置的負擔也解決了原本繁複的認證過程。

With the explosion of the Internet as well as the wireless and mobile communications in recent years, users have been presented with ever increasing opportunities to access network resources. Consequently, more and more attention is being paid to what can be termed ‘ubiquitous computing.' Ubiquitous computing environment may consist of multiple networks either alone or in conjunction, such as WLANs, WPANs, Ad Hoc Networks, and 3Gs. In such environment, users have freedom to access resources and services anytime and anywhere. However, ubiquitous computing environment can be treacherous, and transferred messages can be easily copied and forged. In this situation user authentication becomes especially crucial. For users accessing services in ubiquitous computing environment, there are several problems concerning authentication and security that must be addressed. These include authentication efficiency, maintaining user anonymity, and the limited computational capacity of most mobile devices.
In this thesis, we focus on issues surrounding ubiquitous computing environment. First, we review previously authentication and authorization schemes and the IETF proposed Mobile IP protocol. We propose intra-domain and inter-domain access service authentication schemes, both of which maintain user anonymity in ubiquitous computing environment. Anonymity allows users to access services while avoiding revealing private individual information or exposing service contents and other information such as location, access time, types of services used. On the other hand, the inter-domain access service authentication scheme can provide fast re-authentication functionality that can shorten the delay in authentication. Furthermore, we employ hash functions and XOR operations to reduce the mobile devices' overhead and to improve the authentication procedure.
其他識別: U0005-0207200723191600
Appears in Collections:資訊科學與工程學系所

Show full item record

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.