| 000 | 00000nam c2200205 c 4500 | |
| 001 | 000045932652 | |
| 005 | 20180417110806 | |
| 007 | ta | |
| 008 | 180102s2018 ulkad bmAC 000c eng | |
| 040 | ▼a 211009 ▼c 211009 ▼d 211009 | |
| 085 | 0 | ▼a 0510 ▼2 KDCP |
| 090 | ▼a 0510 ▼b 6YD36 ▼c 344 | |
| 100 | 1 | ▼a 김기욱 |
| 245 | 1 1 | ▼a (An) authentication and key management mechanism for IoT access networks / ▼d Ki Wook Kim |
| 260 | ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2018 | |
| 300 | ▼a xi, 78장 : ▼b 삽화, 도표 ; ▼c 26 cm | |
| 500 | ▼a 지도교수: 민성기 | |
| 502 | 1 | ▼a 학위논문(박사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2018. 2 |
| 504 | ▼a 참고문헌: 장 74-78 | |
| 530 | ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf) | |
| 653 | ▼a Internet of Things (IoT) ▼a IEEE 802.11ah ▼a access network security ▼a authentication and key management (AKM) | |
| 776 | 0 | ▼t An Authentication and Key Management Mechanism for IoT Access Networks ▼w (DCOLL211009)000000080250 |
| 900 | 1 0 | ▼a Kim, Ki Wook, ▼e 저 |
| 900 | 1 0 | ▼a 민성기, ▼e 지도교수 |
| 900 | 1 0 | ▼a Min, Sung Gi, ▼e 지도교수 |
| 945 | ▼a KLPA |
전자정보
소장정보
| No. | 소장처 | 청구기호 | 등록번호 | 도서상태 | 반납예정일 | 예약 | 서비스 |
|---|---|---|---|---|---|---|---|
| No. 1 | 소장처 과학도서관/학위논문서고/ | 청구기호 0510 6YD36 344 | 등록번호 123058311 | 도서상태 대출가능 | 반납예정일 | 예약 | 서비스 |
| No. 2 | 소장처 과학도서관/학위논문서고/ | 청구기호 0510 6YD36 344 | 등록번호 123058312 | 도서상태 대출가능 | 반납예정일 | 예약 | 서비스 |
컨텐츠정보
초록
Many experts expect the number of IoT devices to exceed 20 billion by 2020. Heterogeneous IoT devices will be deployed around people, vehicles, and buildings to provide various IoT-based services. Multiple IoT service providers will deploy and manage the devices for them. As an example, if a person subscribes to the IoT healthcare service, the service provider will discreetly attach a few sensors to the customer's body. The service provider will then remotely collect data from the sensors and manage the sensors. Many IoT services utilize an IoT access network to connect small devices with their remote servers. In order to provide a share-able access network for the heterogeneous IoT devices, a standardized IoT access network technology is needed. In the IEEE 802.11 working group (representing the existing wireless access network technologies), IEEE 802.11ah is being standardized as an amendment considering the IoT environment. It considers low communication speed, wide coverage, and thousands of devices in IoT environment. An IEEE 802.11ah access point can provides Internet connectivity to all small devices in a building. Currently, IEEE 802.11ah standardization is in the completion stage of MAC/PHY, but it does not include new authentication and key management (AKM) mechanism considering the IoT environment. It uses existing IEEE 802.11 AKM as it is. In this existing mechanism, an access point (AP) performs mutual authentication with all attaching IoT devices. However, IoT devices are resource-constrained small devices, with very low computation power, limited battery, and small memory size. Therefore, it is difficult for the IoT device to perform the complex mutual authentication process itself. Also, thousands of IoT devices attaches to an AP in the IoT environment, it is inappropriate for the AP to perform mutual authentication with all of the devices, considering the scalability of the AP. A new AKM mechanism is needed for IEEE 802.11ah considering these points. This thesis therefore proposes a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 AKM with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network and the IoT devices. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 AKM mechanism.
목차
Chapter 1 Introduction 1.1 Background 1.2 Problem Statement and Objective 1.3 Approaches 1.4 Organization of the thesis Chapter 2 Related Works 2.1 Protocol Standards for AKM in Access Network 2.1.1 Extensible Authentication Protocol 2.1.2 Protocol for Carrying Authentication for Network Access 2.1.3 IEEE 802.11 AKM Protocol 2.2 Existing Studies about AKM Protocol in IoT Access Network 2.2.1 Bonetto et al. Scheme 2.2.2 TEPANOM Scheme Chapter 3 Proposed Authentication and Key Management Protocol 3.1 IoT Authentication Architecture 3.2 Protocol Specification 3.2.1 Phase A: Open Authentication and Association 3.2.2 Phase B: Mutual Authentication between the SAS and the AAS 3.2.3 Phase C: Establishing a SA between the SAS and the AP 3.2.4 Phase D: Establishing a SA between the STA and the AP Chapter 4 Protocol Analysis 4.1 Security Analysis 4.1.1 Mutual Authentication and Secure Key Agreement 4.1.2 Protection from Eavesdropping 4.1.3 Protection from Replay Attacks 4.1.4 Protection from Man-in-Middle Attacks 4.1.5 Minimizing the Impact of a Compromised Device 4.1.6 Resistance of SAS to DDoS Attack 4.2 Scalability Analysis 4.2.1 Scalability Considered in IEEE 802.11ah 4.2.2 Improved Scalability of the Proposed Protocol 4.3 Comparison with other IoT Access Network AKM Protocols Chapter 5 Performance Evaluation 5.1 Comparison of Computation Costs 5.1.1 Assumptions for IEEE 802.11 AKM 5.1.2 Method of Computation Cost Evaluation 5.1.3 IEEE 802.11 AKM Computation Cost Evaluation 5.1.4 Proposed AKM Computation Cost Evaluation 5.1.5 Comparison of the Computation Costs 5.2 Comparison of Network Costs 5.2.1 IEEE 802.11ah Network Cost Modelling 5.2.2 Assumptions for IEEE 802.11ah Network 5.2.3 IEEE 802.11 AKM Network Cost Evaluation 5.2.4 The Proposed AKM Network Cost Evaluation 5.2.5 Comparison of the Network Costs 5.3 Comparison of Memory Consumption of STA Chapter 6 Conclusions Bibliography
