HOME > 상세정보

상세정보

(An) authentication and key management mechanism for IoT access networks

(An) authentication and key management mechanism for IoT access networks

자료유형
학위논문
개인저자
김기욱
서명 / 저자사항
(An) authentication and key management mechanism for IoT access networks / Ki Wook Kim
발행사항
Seoul :   Graduate School, Korea University,   2018  
형태사항
xi, 78장 : 삽화, 도표 ; 26 cm
기타형태 저록
An Authentication and Key Management Mechanism for IoT Access Networks   (DCOLL211009)000000080250  
학위논문주기
학위논문(박사)-- 고려대학교 대학원: 컴퓨터·전파통신공학과, 2018. 2
학과코드
0510   6YD36   344  
일반주기
지도교수: 민성기  
서지주기
참고문헌: 장 74-78
이용가능한 다른형태자료
PDF 파일로도 이용가능;   Requires PDF file reader(application/pdf)  
비통제주제어
Internet of Things (IoT) , IEEE 802.11ah , access network security , authentication and key management (AKM),,
000 00000nam c2200205 c 4500
001 000045932652
005 20180417110806
007 ta
008 180102s2018 ulkad bmAC 000c eng
040 ▼a 211009 ▼c 211009 ▼d 211009
085 0 ▼a 0510 ▼2 KDCP
090 ▼a 0510 ▼b 6YD36 ▼c 344
100 1 ▼a 김기욱
245 1 1 ▼a (An) authentication and key management mechanism for IoT access networks / ▼d Ki Wook Kim
260 ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2018
300 ▼a xi, 78장 : ▼b 삽화, 도표 ; ▼c 26 cm
500 ▼a 지도교수: 민성기
502 1 ▼a 학위논문(박사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2018. 2
504 ▼a 참고문헌: 장 74-78
530 ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf)
653 ▼a Internet of Things (IoT) ▼a IEEE 802.11ah ▼a access network security ▼a authentication and key management (AKM)
776 0 ▼t An Authentication and Key Management Mechanism for IoT Access Networks ▼w (DCOLL211009)000000080250
900 1 0 ▼a Kim, Ki Wook, ▼e
900 1 0 ▼a 민성기, ▼e 지도교수
900 1 0 ▼a Min, Sung Gi, ▼e 지도교수
945 ▼a KLPA

전자정보

No. 원문명 서비스
1
(An) authentication and key management mechanism for IoT access networks (39회 열람)
PDF 초록 목차
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 344 등록번호 123058311 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 2 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 344 등록번호 123058312 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 3 소장처 세종학술정보원/5층 학위논문실/ 청구기호 0510 6YD36 344 등록번호 153079033 도서상태 대출가능 반납예정일 예약 서비스 M
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 344 등록번호 123058311 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 2 소장처 과학도서관/학위논문서고/ 청구기호 0510 6YD36 344 등록번호 123058312 도서상태 대출가능 반납예정일 예약 서비스 B M
No. 소장처 청구기호 등록번호 도서상태 반납예정일 예약 서비스
No. 1 소장처 세종학술정보원/5층 학위논문실/ 청구기호 0510 6YD36 344 등록번호 153079033 도서상태 대출가능 반납예정일 예약 서비스 M

컨텐츠정보

초록

Many experts expect the number of IoT devices to exceed 20 billion by 2020. Heterogeneous IoT devices will be deployed around people, vehicles, and buildings to provide various IoT-based services. Multiple IoT service providers will deploy and manage the devices for them. As an example, if a person subscribes to the IoT healthcare service, the service provider will discreetly attach a few sensors to the customer's body. The service provider will then remotely collect data from the sensors and manage the sensors. 

Many IoT services utilize an IoT access network to connect small devices with their remote servers. In order to provide a share-able access network for the heterogeneous IoT devices, a standardized IoT access network technology is needed. In the IEEE 802.11 working group (representing the existing wireless access network technologies), IEEE 802.11ah is being standardized as an amendment considering the IoT environment. It considers low communication speed, wide coverage, and thousands of devices in IoT environment. An IEEE 802.11ah access point can provides Internet connectivity to all small devices in a building. 

Currently, IEEE 802.11ah standardization is in the completion stage of MAC/PHY, but it does not include new authentication and key management (AKM) mechanism considering the IoT environment. It uses existing IEEE 802.11 AKM as it is. In this existing mechanism, an access point (AP) performs mutual authentication with all attaching IoT devices. However, IoT devices are resource-constrained small devices, with very low computation power, limited battery, and small memory size. Therefore, it is difficult for the IoT device to perform the complex mutual authentication process itself. Also, thousands of IoT devices attaches to an AP in the IoT environment, it is inappropriate for the AP to perform mutual authentication with all of the devices, considering the scalability of the AP. A new AKM mechanism is needed for IEEE 802.11ah considering these points.

This thesis therefore proposes a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 AKM with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network and the IoT devices. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. 

Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 AKM mechanism.

목차

Chapter 1 Introduction 
1.1 Background 
1.2 Problem Statement and Objective 
1.3 Approaches 
1.4 Organization of the thesis 

Chapter 2 Related Works 
2.1 Protocol Standards for AKM in Access Network 
2.1.1 Extensible Authentication Protocol 
2.1.2 Protocol for Carrying Authentication for Network Access 
2.1.3 IEEE 802.11 AKM Protocol 
2.2 Existing Studies about AKM Protocol in IoT Access Network 
2.2.1 Bonetto et al. Scheme 
2.2.2 TEPANOM Scheme 

Chapter 3 Proposed Authentication and Key Management Protocol 
3.1 IoT Authentication Architecture
3.2 Protocol Specification 
3.2.1 Phase A: Open Authentication and Association 
3.2.2 Phase B: Mutual Authentication between the SAS and the AAS 
3.2.3 Phase C: Establishing a SA between the SAS and the AP 
3.2.4 Phase D: Establishing a SA between the STA and the AP 

Chapter 4 Protocol Analysis 
4.1 Security Analysis 
4.1.1 Mutual Authentication and Secure Key Agreement 
4.1.2 Protection from Eavesdropping 
4.1.3 Protection from Replay Attacks 
4.1.4 Protection from Man-in-Middle Attacks 
4.1.5 Minimizing the Impact of a Compromised Device 
4.1.6 Resistance of SAS to DDoS Attack 
4.2 Scalability Analysis 
4.2.1 Scalability Considered in IEEE 802.11ah 
4.2.2 Improved Scalability of the Proposed Protocol 
4.3 Comparison with other IoT Access Network AKM Protocols 

Chapter 5 Performance Evaluation 
5.1 Comparison of Computation Costs 
5.1.1 Assumptions for IEEE 802.11 AKM 
5.1.2 Method of Computation Cost Evaluation 
5.1.3 IEEE 802.11 AKM Computation Cost Evaluation 
5.1.4 Proposed AKM Computation Cost Evaluation 
5.1.5 Comparison of the Computation Costs 
5.2 Comparison of Network Costs 
5.2.1 IEEE 802.11ah Network Cost Modelling 
5.2.2 Assumptions for IEEE 802.11ah Network 
5.2.3 IEEE 802.11 AKM Network Cost Evaluation 
5.2.4 The Proposed AKM Network Cost Evaluation 
5.2.5 Comparison of the Network Costs 
5.3 Comparison of Memory Consumption of STA 

Chapter 6 Conclusions 

Bibliography