Integrated Authentication and Key Management Method among Heterogeneous Wireless Mobile Networks

  • Park Hyung-Soo (Graduate School of Information Security, Korea University) ;
  • Lee Hyung-Woo (Div. of Computer Information and Software, Hanshin University) ;
  • Lee Dong-Hoon (Graduate School of Information Security, Korea University)
  • Published: 2006.07.01

Abstract

A new communication paradigm, led by service providers and communication manufacturers, is rapidly shifting wireless mobile networks toward an All-IP (Internet Protocol) network. In this paradigm, authenticating subscribers and providing them with session keys has become one of the critical tasks because of the open accessibility of IP among heterogeneous networks. In this paper, we introduce the authentication procedures of heterogeneous wireless mobile networks and propose the Integrated Mobile Authentication Server (IMAS), which securely supports interworking among all mobile networks while providing backward compatibility of authentication with legacy networks. In particular, we present the mobile authentication interworking mechanism, the key management technique, and the issues to be overcome in designing IMAS. We analyze and evaluate the performance of the authentication algorithm that generates session keys. We also establish a simulation environment for IMAS and analyze and evaluate its performance in transactions per second (TPS). IMAS enables interworking among heterogeneous wireless mobile networks without compromising the efficiency and functionality of the legacy networks, and it reduces data redundancy and data inconsistency among networks through the integration of the distributed databases (DB).
