• 제목/요약/키워드: Node Authentication

검색결과 224건 처리시간 0.037초

ID-based Sensor Node Authentication for Multi-Layer Sensor Networks

  • Sung, Soonhwa;Ryou, Jaecheol
    • Journal of Communications and Networks
    • /
    • 제16권4호
    • /
    • pp.363-370
    • /
    • 2014
  • Despite several years of intense research, the security and cryptography in wireless sensor networks still have a number of ongoing problems. This paper describes how identification (ID)-based node authentication can be used to solve the key agreement problem in a three-layer interaction. The scheme uses a novel security mechanism that considers the characteristics, architecture, and vulnerability of the sensors, and provides an ID-based node authentication that does not require expensive certificates. The scheme describes the routing process using a simple ID suitable for low power and ID exposure, and proposes an ID-based node authentication. This method achieves low-cost communications with an efficient protocol. Results from this study demonstrates that it improves routing performance under different node densities, and reduces the computational cost of key encryption and decryption.

MAC Layer Based Certificate Authentication for Multiple Certification Authority in MANET

  • Sekhar, J. Chandra;Prasad, Ramineni Sivarama
    • IEIE Transactions on Smart Processing and Computing
    • /
    • 제3권5호
    • /
    • pp.298-305
    • /
    • 2014
  • In this study, a novel Randomly Shifted Certification Authority Authentication protocol was used in ad hoc networks to provide authentication by considering the MAC layer characteristics. The nodes achieve authentication through the use of public key certificates issued by a CA, which assures the certificate's ownership. As a part of providing key management, the active CA node transfers the image of the stored public keys to other idle CA nodes. Finally the current active CA randomly selects the ID of the available idle CA and shifts the CA ownership by transferring it. Revoking is done if any counterfeit or duplicate non CA node ID is found. Authentication and integrity is provided by preventing MAC control packets, and Enhanced Hash Message Authentication Code (EHMAC) can be used. Here EHMAC with various outputs is introduced in all control packets. When a node transmits a packet to a node with EHMAC, verification is conducted and the node replies with the transmitter address and EHMAC in the acknowledgement.

자원 공유 커뮤니티를 위한 인증 기술과 신뢰관계사슬 (Authentication and Trust Relationship Chaining for Resource Sharing Community)

  • 김정곤;김신곤
    • 디지털산업정보학회논문지
    • /
    • 제6권2호
    • /
    • pp.55-69
    • /
    • 2010
  • This article proposed the authentication protocol for peer-to-peer resource sharing community. The proposed protocol does not require a priori information for generating and exchanging authentication key. Also this protocol can provide the delicate access control by allowing the user(authenticator) to assign the trust level to the authentication supplicant, which can be used to decide if the resource providing node will accept the resource sharing request from a resource requesting node. Trust Relationship Chaining provides the environment where trust levels (included in the trust table) of nodes in the resource sharing community are propagated among nodes when trust tables are exchanged between two nodes engaged in mutual authentication process and authentication refresh so that any two nodes which are not directly mutual-authenticated can assign the trust level each other for the access control for resource sharing. In the proposed protocol a node can implements the authentication refresh continuously to verify the effectiveness of authentication after mutual authentication so that the authentication of new node or authentication revocation(effectiveness cancellation) of the departed node can be propagated to the all the nodes in RSC and eventually safe resource sharing community is configured.

Mutual Authentication Protocol Using a Low Power in the Ubiquitous Computing Environment

  • Cho Young-bok;Kim Dong-myung;Lee Sang-ho
    • 대한원격탐사학회:학술대회논문집
    • /
    • 대한원격탐사학회 2004년도 Proceedings of ISRS 2004
    • /
    • pp.91-94
    • /
    • 2004
  • Ubiquitous sensor network is to manage and collect information autonomously by communicating user around device. Security requirements in Ubiquitous based on sensor network are as follows: a location of sensor, a restriction of performance by low electric power, communication by broadcasting, etc. We propose new mutual authentication protocol using a low power of sensor node. This protocol solved a low power problem by reducing calculation overload of sensor node using two steps, RM(Register Manager) and AM(Authentication Manager). Many operations performing the sensor node itself have a big overload in low power node. Our protocol reduces the operation number from sensor node. Also it is mutual authentication protocol in Ubiquitous network, which satisfies mutual authentication, session key establishment, user and device authentication, MITM attack, confidentiality, integrity, and is safe the security enemy with solving low electric power problem.

  • PDF

무선 모바일 멀티 홉 네트워크에서의 인증 기법 고찰 및 개선 (Authentication Scheme in Wireless Mobile Multi-hop Networks)

  • 이용;이구연
    • 산업기술연구
    • /
    • 제27권B호
    • /
    • pp.43-51
    • /
    • 2007
  • In mobile multi-hop wireless networks, the authentication between a base station and a mobile multi-hop node, between multi-hop nodes, and between user a station and a multi-hop node is needed for the reliable and secure network operation. In this paper, we survey various authentication schemes which can be considered to be adopted in mobile multi-hop wireless networks and propose a concept of novel mutual authentication scheme applicable to mobile multi-hop network architecture. The scheme should resolve the initial trust gain problem of a multi-hop node at its entry to the network, the problem of rogue mobile multi-hop node and the problem of hop-by-hop authentication between multi-hop nodes. Effectively, the scheme is a hybrid scheme of the distributed authentication method and the centralized authentication method which are considered to be deployed in the wireless ad-hoc network and the wireless network connected to wired authentication servers, respectively.

  • PDF

A Heterogeneous IoT Node Authentication Scheme Based on Hybrid Blockchain and Trust Value

  • Zhang, Shiqiang;Cao, Yang;Ning, Zhenhu;Xue, Fei;Cao, Dongzhi;Yang, Yongli
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제14권9호
    • /
    • pp.3615-3638
    • /
    • 2020
  • Node identity authentication is an essential means to ensure the security of the Internet of Things. Existing blockchain-based IoT node authentication schemes have many problems. A heterogeneous IoT node authentication scheme based on an improved hybrid blockchain is proposed. Firstly, the hybrid blockchain model is designed to make the blockchain and IoT environment more compatible. Then the proxy node selection mechanism is intended to establish a bridge between the ordinary IoT node and the blockchain, building by calculating the trust value between nodes. Finally, based on the improved hybrid blockchain, the node authentication scheme of the model and proxy node selection mechanism establishes a secure connection for communication between nodes. Safety and performance analysis shows proper safety and performance.

해시 체인 기반 일회용 키를 이용한 하둡 보안 프로토콜 설계 (A Design of Hadoop Security Protocol using One Time Key based on Hash-chain)

  • 정은희;이병관
    • 한국정보전자통신기술학회논문지
    • /
    • 제10권4호
    • /
    • pp.340-349
    • /
    • 2017
  • 본 논문에서는 재전송공격과 가장 공격을 방지할 수 있는 하둡 보안 프로토콜을 제안한다. 제안하는 하둡 보안 프로토콜은 사용자 인증 모듈, 공개키 기반 데이터노드 관리 모듈, 네임노드 인증 모듈, 그리고 데이터노드 인증 모듈로 구성된다. 사용자 인증모듈은 인증서버에서 사용자의 신분을 확인한 후에 TGS로부터 임시접속 ID를 발급받고, 공개키 기반 데이터 노드 관리 모듈은 네임노드와 데이터 노드간의 비밀키를 생성하고, 해시체인기법으로 OKTL(One-Time Key List)를 생성한다. 네임노드 인증 모듈은 임시접속 ID로 사용자의 신분을 확인하고 DT(Delegation Token)와 BAT(Block Access Token)를 사용자에게 발급해주고, 데이터 노드 인증 모듈은 BAT의 OwnerID을 검증하여 사용자의 신분을 확인하고 데이터를 암호화시켜 사용자에게 제공한다. 즉, 제안하는 하둡 보안 프로토콜에서는 OTKL, timestamp, OwnerID을 이용하여 데이터 노드의 비밀키 노출을 대비할 뿐만 아니라 재전송 공격과 가장 공격을 탐지하고, 데이터 노드의 데이터 접근을 강화시키고 데이터를 암호화하여 전달함으로써 데이터 보안을 강화시켰다.

A LOW-COST PROTOCOL IN SENSOR NETWORK UBIQUITOUS ENVIRONMENT

  • Lee Dong-heui;Cho Young-bok;Kim Dong-myung;Lee Sang-ho
    • 대한원격탐사학회:학술대회논문집
    • /
    • 대한원격탐사학회 2005년도 Proceedings of ISRS 2005
    • /
    • pp.766-769
    • /
    • 2005
  • In a ubiquitous environment made up of multiple sensors, most sensors participate in communications with limited battery, and the sensor node isn't able to participate in communications when all the battery is used up. When an existing authentication method is used for the sensor node which has to participate in a long term communication with limited battery, it creates a problem by making the length of network maintenance or sensor node's operation time relatively shorte. Therefore, a network structure where RM (Register Manager) node and AM (Authentication Manager) node are imported to solve the energy consumption problem during a communication process is presented in this thesis. This offers a low power protocol based on safety through a mutual authentication during communications. Through registration and authentication manager nodes, each sensor nodes are ensured of safety and the algorithm of key's generation, encryption/descramble and authentication is processed with faster operation speed. So the amount of electricity used up during the communications between sensor nodes has been evaluated. In case of the amount of electrical usage, an average of $34.783\%$ for the same subnet and 36.855 for communications with two different subnets, are reduced. The proposed method is a protocol which maintains the limited battery for a long time to increase the effectiveness of energy usage in sensor nodes and can also increase the participation rate of communication by sensor nodes.

  • PDF

A Study on Finding Emergency Conditions for Automatic Authentication Applying Big Data Processing and AI Mechanism on Medical Information Platform

  • Ham, Gyu-Sung;Kang, Mingoo;Joo, Su-Chong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제16권8호
    • /
    • pp.2772-2786
    • /
    • 2022
  • We had researched an automatic authentication-supported medical information platform[6]. The proposed automatic authentication consists of user authentication and mobile terminal authentication, and the authentications are performed simultaneously in patients' emergency conditions. In this paper, we studied on finding emergency conditions for the automatic authentication by applying big data processing and AI mechanism on the extended medical information platform with an added edge computing system. We used big data processing, SVM, and 1-Dimension CNN of AI mechanism to find emergency conditions as authentication means considering patients' underlying diseases such as hypertension, diabetes mellitus, and arrhythmia. To quickly determine a patient's emergency conditions, we placed edge computing at the end of the platform. The medical information server derives patients' emergency conditions decision values using big data processing and AI mechanism and transmits the values to an edge node. If the edge node determines the patient emergency conditions, the edge node notifies the emergency conditions to the medical information server. The medical server transmits an emergency message to the patient's charge medical staff. The medical staff performs the automatic authentication using a mobile terminal. After the automatic authentication is completed, the medical staff can access the patient's upper medical information that was not seen in the normal condition.

MANET에서 노드들의 신뢰 검증 향상을 위한 3-tiers 인증 기법 연구 (A Study on 3-tiers Authentication Scheme for Improving the Confidence Verification of Nodes in the MANET)

  • 양환석
    • 디지털산업정보학회논문지
    • /
    • 제9권1호
    • /
    • pp.87-93
    • /
    • 2013
  • MANET has the advantage of having the flexibility to build easily a network in a difficult situation that builds a wired network. But, data transmission errors by movement of nodes and eavesdropping by wireless communications have become a problem of security. Authentication service is the most essential in order to overcome these problems and operate network stably. In this paper, we propose 3-tiers authentication structure to exclude of malicious node and operate stable network through more systematic and thorough node authentication. After network is composed into a cluster, cluster head which play CA role is elected. Among these, the highest-CA is elected. The highest-CA receives certificates to cluster head and the cluster head evaluates trust value of their member nodes. Authentication technique which issues member node key is used. We compared PSS and experimented to evaluate performance of proposed scheme in this paper and efficiency of the proposed technique through experience was confirmed.