• Title/Summary/Keyword: wlan security

Search Result 79, Processing Time 0.02 seconds

DIAMETER Strong Security Extension using Kerberos v5 in WLAN (WLAN에서 Kerberos v5를 이용하여 안전성을 강화한 DIAMETER의 확장)

  • Wiroon, Sriborrirux;Kim, Tai-Yun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2002.11b
    • /
    • pp.1023-1026
    • /
    • 2002
  • The demand for Wireless LAN (WLAN) access to use their network and the Internet is surged dramatically over the past year. Since WLAN provides users' access from anywhere in the workplace without having to plug in, it therefore leads the WLAN market to grow steadily. Unfortunately, the first WLAN implementation designed primarily for home networking did little to address these security issues. Moreover, although the 802.11b standard published by IEEE in 1999 improved WLAN connections LAN-equivalent speed and security from the 802.11 standard. However, there still are several flaws such as the weaknesses in the Authentication and WEP encryption schemes in the IEEE 802.11 WLAN standard. In this paper, we propose WLAN architecture for providing the strong centralized authentication, encryption, and dynamic key distribution on a WLAN. Additionally, this proposed architecture is able to support roaming users and is flexible and extensible to future developments in the network security.

  • PDF

WLAN Security Access Protocol for Rapid Initial Link Setup Process (신속한 초기 링크 셋업 과정을 위한 WLAN 보안 접속 프로토콜)

  • Kim, Min-Hee;Park, Chang-Seop
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.6
    • /
    • pp.1515-1523
    • /
    • 2015
  • It has been prevalent to be serviced through WLAN(Wireless Local Area Network) as a variety of mobile devices have been introduced. If the number of mobile devices increases rapidly for the network access in a limited range of ESS(Extended Service Set), a lengthy connection delays are induced due to the initial link setup process of the IEEE 802.11i which is WLAN security standard. In this paper, we propose a new initial link setup protocol which can be executed in the ESS area of WLAN.

Efficient security mechanism in 3GPP-WLAN interworking (3GPP-WLAN interworking에서의 효율적인 보안 메커니즘)

  • 신상욱
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.3
    • /
    • pp.137-144
    • /
    • 2004
  • 3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).

Wireless LAN Security Solutions for Secure Wireless Communications

  • Kim, Su-Yong;Ahn, Duck-Ki;Roh, Jae-Sung;Oh, Chang-Reon;Cho, Sung-Joon
    • Journal of information and communication convergence engineering
    • /
    • v.1 no.4
    • /
    • pp.183-188
    • /
    • 2003
  • The $4^{th}$ generation mobile communications, through several radio access networks such as WLAN, Bluetooth, UMTS, GPRS, CDMA 1X, and IMT-2000 in the same area offering different type of coverage, will support interactive multimedia services in additions to wider bandwidths, higher bit rates, and service portability. Regardless of various radio access networks, they will also support robust security mechanisms, as well as seamless mobility and common authentication. In this paper, we give an overview of WLAN security and examine its security problems. We also explain the enhanced security schemes, such as port-based authentication, EAP, and IEEE 802.1X. For secure wireless communications, several possible security solutions are offered and evaluated in various respects to improve WLAN security. This paper will make a contribution to provide more secure wireless communications to cellular operators embracing WLAN technology as a means to generate new revenues based on data services.

A Secure and Efficient Roaming Mechanism for Centralized WLAN Environment (중앙집중식 WLAN 환경에서의 안전하고 효율적인 로밍 메커니즘)

  • Park, Chang-Seop;Woo, Byung-Duk;Lim, Jeong-Mi
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.1
    • /
    • pp.81-92
    • /
    • 2009
  • Recently, there is a drastic increase in users interested in real-time multimedia services in the WLAN environment, as the demand of IEEE 802.11 WLAN-based services increases. However, the handoff delay based on 802.11i security policy is not acceptable for the seamless real-time multimedia services provided to MS frequently moving in the WLAN environment, and there is a possibility of DoS attacks against session key derivation process and handoff mechanism. In this paper, a secure and efficient handoff mechanism in the centralized WLAN environment is introduced to solve the security problems. The 4-way Handshake for both mutual authentication and session key derivation is replaced by the 2-way Reassociation process.

The design of AAA server for Wireless LAN with 802.1x

  • Ham, Young-Hwan;Chung, Byung-Ho
    • Proceedings of the IEEK Conference
    • /
    • 2002.07c
    • /
    • pp.1944-1947
    • /
    • 2002
  • The importance of security in WLAN(Wireless LAN) service is very critical, so IEEE organization has made the IEEE 802.1x standard. The IEEE 802.1x standard uses the EAP as authentication protocol which requires AAA(Authentication, authorization, and Accounting) server for authentication & accounting. for the reliable and scalable AAA service, the Diameter protocol has more advanced characteristics than existing radius protocol. So the Diameter protocol can be used for WLAN service provider who has large scale WLAN system and a large number of subscriber. This paper proposes the design of Diameter AAA server for the authentication and accounting of WLAN system which is adopting IEEE 802.1x standard.

  • PDF

Design and Implementation of User authentication and Roaming Schemes in public WLAN environments (WLAN 서비스에서 사용자 인증과 로밍방식의 설계)

  • Kim, Dong-Ok;Kang, Dong-Jin
    • 한국정보통신설비학회:학술대회논문집
    • /
    • 2009.08a
    • /
    • pp.208-210
    • /
    • 2009
  • Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG. (Intelligent Wireless Internet Gateway). For the network security and user authenti -cation purposes, a supplicant who wants to access Internet should be authorized to access the AP port using the EAPOL.

  • PDF

Study on key generation in EAP-AKA for 3GPP-WLAN interworking (3GPP-WLAN 연동을 위한 EAP-AKA에서의 키 생성에 관한 연구)

  • 박미애;김용희;김창범;이옥연
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2003.12a
    • /
    • pp.351-355
    • /
    • 2003
  • 본 논문에서는 3GPP-WLAN 연동 보안에 필수인 EAP-AKA를 기반으로 한 인증/재인증의 개요와 인증 진행 부분에서 협상되는 마스터 세션 키 생성과 EAP AKA 패킷을 보호하기 위해 사용되는 키 생성에 관하여 설명하고, EAP-AKA 과정에서 생성되는 키의 안전성을 분석하고, EAP-AKA를 사용하는 3GPP-WLAN 연동의 효율성 및 고려사항에 대하여 고찰하였다.

  • PDF

A Study on Wireless Network Management for Security Enhancement (보안강화를 위한 무선 네트워크 관리 방안에 관한 연구)

  • Lee, Eun-Sub;Kim, Young-Kon
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.20 no.3
    • /
    • pp.195-200
    • /
    • 2020
  • Wireless LANs are being used in many fields due to their ease of use. The biggest advantage of the WLAN can be said above all mobility. Domestic wired internet service has been saturated since 2006, but wireless internet users have been steadily increasing. However, WLAN has many advantages and characteristics of wireless service. It has a number of security vulnerabilities, and various security related technologies have been developed and applied to solve these problems. On the other hand, security awareness of WLAN users is still insufficient, and security accidents such as personal information leakage occur repeatedly every year. We will study the main weaknesses that can occur in WLAN and suggest security measures from the management level.

Inter-AP Security Transition Mechanism and Its FSM in WLAN AP Supporting Fast Roaming (이동 무선랜 접속장치의 접속점 보안 천이 메커니즘과 유한상태머신)

  • Chung ByungHo;Kang You Sung;Oh KyungHee;Kim SangHa
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.6C
    • /
    • pp.601-606
    • /
    • 2005
  • Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.