A Study on Certificate Management and Security System of MANET for Secure Ubiquitous Services
- Author(s)
- 이대영
- Issued Date
- 2006
- Abstract
- A MANET (Mobile Ad-Hoc Network) consists of mobile nodes that transfer packet data over wireless interfaces. Rather than communicating in an environment equipped with infrastructure, a MANET transmits and receives data through a routing mechanism between nodes, without infrastructure. Each node participating in the network must therefore act as a router and server without help from base stations or APs, forwarding packets on behalf of other nodes as well as running user applications. The most attractive feature of MANET is that users gain more freedom and flexibility in their use of the network, completely free of central control. MANET began as a military communication system and has recently expanded to various areas such as WPAN (Wireless Personal Area Network), ubiquitous computing, Bluetooth, RFID (Radio Frequency IDentification), and sensor networks. Mark Weiser of the Xerox Palo Alto Research Center in the U.S.A. regarded ubiquitous computing as a part of our lives rather than as serious technology. Through ubiquitous computing, in which computers are invisibly embedded in daily life and everyday objects, information can be exchanged and computers can be used anytime and anywhere. That is, ubiquitous computing is a daily environment in which computers are installed in our physical space of objects and surroundings, yet are so incorporated into daily life that we do not recognize their existence. In existing security, the concern was information digitalized in cyber space or physical space and stored in computers. Given the properties of ubiquitous networks, there is a problem that personal information may be exposed. In existing networks the place attacked was confined to personal computers, but in ubiquitous networks all of a person's personal space may be revealed.
Therefore, cyber terror in a ubiquitous network includes terror against physical space, objects and human bodies, and extensive protection of space is required beyond the protection of personal, business and national information.
As for security in MANET, a central technology of ubiquitous networks, nodes move frequently and the MANET is managed independently through mobile transfer between nodes, so management of its security is thought to be more difficult than that of existing networks.
Many routing protocols and security mechanisms for MANET have been proposed, but existing design methods are judged unable to meet the needs of MANET security completely, and a new concept should be prepared. At present, many institutions and organizations are studying it.
As MANET has a dynamic composition in which nodes change frequently, when a node is damaged the reliability between nodes may change, and nodes may quickly join other administrative domains they can rely on, or secede. However, MANET has been studied for military and natural-disaster communication systems because it can communicate without infrastructure. Such communication networks are appropriate because they are a quickly developed base structure and allow only optional and confined access.
Mobile networks can use various user certificate mechanisms such as EAP-TLS, LEAP and PEAP. As such user authorization mechanisms use public key infrastructure, PKI must be prepared in the mobile network. The PKI mechanism rests on the safety of PKI, and through this mechanism the safety of electronic signatures can be secured. The most serious problem in using PKI in a mobile personal network is that it cannot have reliable certificates because there is no trusted Certificate Authority. In general, key management on networks is performed through a CA (Certification Authority) or a Key Distribution Server. However, due to the absence of a trusted certificate authority on mobile networks, direct application of PKI has some problems, and in practice certificates on mobile networks are device certificates, not user certificates. Also, for safe use of devices, a symmetric key system in MAC is used according to security needs, but safe exchange of keys is not addressed.
This study proposes security requirements for MANET, which can be a base of ubiquitous systems, and models that can prevent security threats by applying PKI without a trusted certificate authority in MANET. It also resolves the excessive load found in the centralized control model by distributing the CA so as to adapt quickly to dynamic changes of MANET nodes, and proposes a system model that supports expansion, so that existing nodes communicating within clusters can provide active certificate service without being affected by the entry of new nodes. In addition, it evaluates the stability, effectiveness and strength of the proposed model through simulation.
- Alternative Title
- Security System and Certificate Management of MANET for Stable Ubiquitous Service
- Alternative Author(s)
- Lee, Dae-Young
- Affiliation
- Graduate School, Chosun University
- Department
- General Graduate School, Department of Computer Science and Statistics
- Advisor
- 배상현
- Awarded Date
- 2006-02
- Table Of Contents
- Contents
List of Tables
List of Figures
ABSTRACT
Ⅰ. Introduction
A. Research Background
B. Research Objectives
Ⅱ. Mobile Ad-Hoc Network
A. MANET
1. Characteristics of MANET
2. Ad-Hoc Routing Protocols
3. Types of MANET
4. Security Mechanisms of MANET
Ⅲ. Cryptosystem
A. Secret Sharing
B. Threshold Cryptography
1. Threshold Cryptography
C. Share Refreshing
D. Self-initialization
E. Cross Certification
Ⅳ. System Configuration and Design
A. System Configuration
1. System Configuration
2. Assumptions and Approach
B. System Design
1. Generation and Establishment of the Domain Public Key and Secret Key
2. Distribution of Secret Shares
3. Certificate Generation and Management
4. Certificate Renewal
Ⅴ. Experiments and Evaluation
A. Experimental Environment and Tools
1. Experimental Environment
2. Experimental Tool: NS2
B. System Evaluation
1. Evaluation of System Efficiency and Stability
2. Robustness Evaluation
Ⅴ. Conclusion
References
Appendix Ⅰ
Appendix Ⅱ
- Degree
- Doctor
- Publisher
- Graduate School, Chosun University
- Citation
- 이대영. (2006). A Study on Certificate Management and Security System of MANET for Secure Ubiquitous Services.
- Type
- Dissertation
- URI
- https://oak.chosun.ac.kr/handle/2020.oak/6188
http://chosun.dcollection.net/common/orgView/200000233019
- Appears in Collections
- General Graduate School > 4. Theses(Ph.D)
- Authorize & License
- Authorize: Open
- Embargo: 2008-05-23