HOME > Detail View

Detail View

(An) authentication and key management mechanism for IoT access networks

(An) authentication and key management mechanism for IoT access networks

Material type
학위논문
Personal Author
김기욱
Title Statement
(An) authentication and key management mechanism for IoT access networks / Ki Wook Kim
Publication, Distribution, etc
Seoul :   Graduate School, Korea University,   2018  
Physical Medium
xi, 78장 : 삽화, 도표 ; 26 cm
기타형태 저록
An Authentication and Key Management Mechanism for IoT Access Networks   (DCOLL211009)000000080250  
학위논문주기
학위논문(박사)-- 고려대학교 대학원: 컴퓨터·전파통신공학과, 2018. 2
학과코드
0510   6YD36   344  
General Note
지도교수: 민성기  
Bibliography, Etc. Note
참고문헌: 장 74-78
이용가능한 다른형태자료
PDF 파일로도 이용가능;   Requires PDF file reader(application/pdf)  
비통제주제어
Internet of Things (IoT) , IEEE 802.11ah , access network security , authentication and key management (AKM),,
000 00000nam c2200205 c 4500
001 000045932652
005 20180417110806
007 ta
008 180102s2018 ulkad bmAC 000c eng
040 ▼a 211009 ▼c 211009 ▼d 211009
085 0 ▼a 0510 ▼2 KDCP
090 ▼a 0510 ▼b 6YD36 ▼c 344
100 1 ▼a 김기욱
245 1 1 ▼a (An) authentication and key management mechanism for IoT access networks / ▼d Ki Wook Kim
260 ▼a Seoul : ▼b Graduate School, Korea University, ▼c 2018
300 ▼a xi, 78장 : ▼b 삽화, 도표 ; ▼c 26 cm
500 ▼a 지도교수: 민성기
502 1 ▼a 학위논문(박사)-- ▼b 고려대학교 대학원: ▼c 컴퓨터·전파통신공학과, ▼d 2018. 2
504 ▼a 참고문헌: 장 74-78
530 ▼a PDF 파일로도 이용가능; ▼c Requires PDF file reader(application/pdf)
653 ▼a Internet of Things (IoT) ▼a IEEE 802.11ah ▼a access network security ▼a authentication and key management (AKM)
776 0 ▼t An Authentication and Key Management Mechanism for IoT Access Networks ▼w (DCOLL211009)000000080250
900 1 0 ▼a Kim, Ki Wook, ▼e
900 1 0 ▼a 민성기, ▼e 지도교수
900 1 0 ▼a Min, Sung Gi, ▼e 지도교수
945 ▼a KLPA

Electronic Information

No. Title Service
1
(An) authentication and key management mechanism for IoT access networks (39회 열람)
View PDF Abstract Table of Contents

Holdings Information

No. Location Call Number Accession No. Availability Due Date Make a Reservation Service
No. 1 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 344 Accession No. 123058311 Availability Available Due Date Make a Reservation Service B M
No. 2 Location Science & Engineering Library/Stacks(Thesis)/ Call Number 0510 6YD36 344 Accession No. 123058312 Availability Available Due Date Make a Reservation Service B M

Contents information

Abstract

Many experts expect the number of IoT devices to exceed 20 billion by 2020. Heterogeneous IoT devices will be deployed around people, vehicles, and buildings to provide various IoT-based services. Multiple IoT service providers will deploy and manage the devices for them. As an example, if a person subscribes to the IoT healthcare service, the service provider will discreetly attach a few sensors to the customer's body. The service provider will then remotely collect data from the sensors and manage the sensors. 

Many IoT services utilize an IoT access network to connect small devices with their remote servers. In order to provide a share-able access network for the heterogeneous IoT devices, a standardized IoT access network technology is needed. In the IEEE 802.11 working group (representing the existing wireless access network technologies), IEEE 802.11ah is being standardized as an amendment considering the IoT environment. It considers low communication speed, wide coverage, and thousands of devices in IoT environment. An IEEE 802.11ah access point can provides Internet connectivity to all small devices in a building. 

Currently, IEEE 802.11ah standardization is in the completion stage of MAC/PHY, but it does not include new authentication and key management (AKM) mechanism considering the IoT environment. It uses existing IEEE 802.11 AKM as it is. In this existing mechanism, an access point (AP) performs mutual authentication with all attaching IoT devices. However, IoT devices are resource-constrained small devices, with very low computation power, limited battery, and small memory size. Therefore, it is difficult for the IoT device to perform the complex mutual authentication process itself. Also, thousands of IoT devices attaches to an AP in the IoT environment, it is inappropriate for the AP to perform mutual authentication with all of the devices, considering the scalability of the AP. A new AKM mechanism is needed for IEEE 802.11ah considering these points.

This thesis therefore proposes a new AKM mechanism for an IoT access network, which is based on IEEE 802.11 AKM with the IEEE 802.1X authentication mechanism. The proposed AKM mechanism does not require any pre-configured security information between the access network and the IoT devices. It considers the resource constraints of IoT devices, allowing IoT devices to delegate the burden of AKM processes to a powerful agent. The agent has sufficient power to support various authentication methods for the access point, and it performs cryptographic functions for the IoT devices. 

Performance analysis shows that the proposed mechanism greatly reduces computation costs, network costs, and memory usage of the resource-constrained IoT device as compared to the existing IEEE 802.11 AKM mechanism.

Table of Contents

Chapter 1 Introduction 
1.1 Background 
1.2 Problem Statement and Objective 
1.3 Approaches 
1.4 Organization of the thesis 

Chapter 2 Related Works 
2.1 Protocol Standards for AKM in Access Network 
2.1.1 Extensible Authentication Protocol 
2.1.2 Protocol for Carrying Authentication for Network Access 
2.1.3 IEEE 802.11 AKM Protocol 
2.2 Existing Studies about AKM Protocol in IoT Access Network 
2.2.1 Bonetto et al. Scheme 
2.2.2 TEPANOM Scheme 

Chapter 3 Proposed Authentication and Key Management Protocol 
3.1 IoT Authentication Architecture
3.2 Protocol Specification 
3.2.1 Phase A: Open Authentication and Association 
3.2.2 Phase B: Mutual Authentication between the SAS and the AAS 
3.2.3 Phase C: Establishing a SA between the SAS and the AP 
3.2.4 Phase D: Establishing a SA between the STA and the AP 

Chapter 4 Protocol Analysis 
4.1 Security Analysis 
4.1.1 Mutual Authentication and Secure Key Agreement 
4.1.2 Protection from Eavesdropping 
4.1.3 Protection from Replay Attacks 
4.1.4 Protection from Man-in-Middle Attacks 
4.1.5 Minimizing the Impact of a Compromised Device 
4.1.6 Resistance of SAS to DDoS Attack 
4.2 Scalability Analysis 
4.2.1 Scalability Considered in IEEE 802.11ah 
4.2.2 Improved Scalability of the Proposed Protocol 
4.3 Comparison with other IoT Access Network AKM Protocols 

Chapter 5 Performance Evaluation 
5.1 Comparison of Computation Costs 
5.1.1 Assumptions for IEEE 802.11 AKM 
5.1.2 Method of Computation Cost Evaluation 
5.1.3 IEEE 802.11 AKM Computation Cost Evaluation 
5.1.4 Proposed AKM Computation Cost Evaluation 
5.1.5 Comparison of the Computation Costs 
5.2 Comparison of Network Costs 
5.2.1 IEEE 802.11ah Network Cost Modelling 
5.2.2 Assumptions for IEEE 802.11ah Network 
5.2.3 IEEE 802.11 AKM Network Cost Evaluation 
5.2.4 The Proposed AKM Network Cost Evaluation 
5.2.5 Comparison of the Network Costs 
5.3 Comparison of Memory Consumption of STA 

Chapter 6 Conclusions 

Bibliography