• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.1023-1026
• /
• 2002

The demand for Wireless LAN (WLAN) access to use their network and the Internet is surged dramatically over the past year. Since WLAN provides users' access from anywhere in the workplace without having to plug in, it therefore leads the WLAN market to grow steadily. Unfortunately, the first WLAN implementation designed primarily for home networking did little to address these security issues. Moreover, although the 802.11b standard published by IEEE in 1999 improved WLAN connections LAN-equivalent speed and security from the 802.11 standard. However, there still are several flaws such as the weaknesses in the Authentication and WEP encryption schemes in the IEEE 802.11 WLAN standard. In this paper, we propose WLAN architecture for providing the strong centralized authentication, encryption, and dynamic key distribution on a WLAN. Additionally, this proposed architecture is able to support roaming users and is flexible and extensible to future developments in the network security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.6
• /
• pp.1515-1523
• /
• 2015

It has been prevalent to be serviced through WLAN(Wireless Local Area Network) as a variety of mobile devices have been introduced. If the number of mobile devices increases rapidly for the network access in a limited range of ESS(Extended Service Set), a lengthy connection delays are induced due to the initial link setup process of the IEEE 802.11i which is WLAN security standard. In this paper, we propose a new initial link setup protocol which can be executed in the ESS area of WLAN.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.137-144
• /
• 2004

3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).

• Journal of information and communication convergence engineering
• /
• v.1 no.4
• /
• pp.183-188
• /
• 2003

The $4^{th}$ generation mobile communications, through several radio access networks such as WLAN, Bluetooth, UMTS, GPRS, CDMA 1X, and IMT-2000 in the same area offering different type of coverage, will support interactive multimedia services in additions to wider bandwidths, higher bit rates, and service portability. Regardless of various radio access networks, they will also support robust security mechanisms, as well as seamless mobility and common authentication. In this paper, we give an overview of WLAN security and examine its security problems. We also explain the enhanced security schemes, such as port-based authentication, EAP, and IEEE 802.1X. For secure wireless communications, several possible security solutions are offered and evaluated in various respects to improve WLAN security. This paper will make a contribution to provide more secure wireless communications to cellular operators embracing WLAN technology as a means to generate new revenues based on data services.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.81-92
• /
• 2009

Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

• Proceedings of the IEEK Conference
• /
• 2002.07c
• /
• pp.1944-1947
• /
• 2002

The importance of security in WLAN(Wireless LAN) service is very critical, so IEEE organization has made the IEEE 802.1x standard. The IEEE 802.1x standard uses the EAP as authentication protocol which requires AAA(Authentication, authorization, and Accounting) server for authentication & accounting. for the reliable and scalable AAA service, the Diameter protocol has more advanced characteristics than existing radius protocol. So the Diameter protocol can be used for WLAN service provider who has large scale WLAN system and a large number of subscriber. This paper proposes the design of Diameter AAA server for the authentication and accounting of WLAN system which is adopting IEEE 802.1x standard.

• 한국정보통신설비학회:학술대회논문집
• /
• 2009.08a
• /
• pp.208-210
• /
• 2009

Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG. (Intelligent Wireless Internet Gateway). For the network security and user authenti -cation purposes, a supplicant who wants to access Internet should be authorized to access the AP port using the EAPOL.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.351-355
• /
• 2003

본 논문에서는 3GPP-WLAN 연동 보안에 필수인 EAP-AKA를 기반으로 한 인증/재인증의 개요와 인증 진행 부분에서 협상되는 마스터 세션 키 생성과 EAP AKA 패킷을 보호하기 위해 사용되는 키 생성에 관하여 설명하고, EAP-AKA 과정에서 생성되는 키의 안전성을 분석하고, EAP-AKA를 사용하는 3GPP-WLAN 연동의 효율성 및 고려사항에 대하여 고찰하였다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.3
• /
• pp.195-200
• /
• 2020

Wireless LANs are being used in many fields due to their ease of use. The biggest advantage of the WLAN can be said above all mobility. Domestic wired internet service has been saturated since 2006, but wireless internet users have been steadily increasing. However, WLAN has many advantages and characteristics of wireless service. It has a number of security vulnerabilities, and various security related technologies have been developed and applied to solve these problems. On the other hand, security awareness of WLAN users is still insufficient, and security accidents such as personal information leakage occur repeatedly every year. We will study the main weaknesses that can occur in WLAN and suggest security measures from the management level.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.601-606
• /
• 2005

Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.