Security analysis on public wireless internet service models

Ohira, Kenji; Huang, Ying; Okabe, Yasuo; Fujikawa, Kazutoshi; Nakamura, Motonori

doi:10.1145/1080730.1080751

Cited by 5 publications

(7 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…NET: Ohira et al discussed how secure public wireless Internet access service models can be provided. There are two models mentioned in [4]. One is whether to relay or to pass through authentication transactions at access points.…”

Section: A Conventional Network Servicesmentioning

confidence: 99%

“…The other is whether to establish tunnel between the host and its home server or to communicate directly between users using some end-to-end security protocol. Komura [4]. In MIAKO.…”

Section: A Conventional Network Servicesmentioning

confidence: 99%

“…The model we propose in this paper is based on the second model mentioned in [4], which is to communicate directly between users using an end-to-end security protocol. Our model ensures the traceability of users and the nonrepudiation.…”

Section: A Proposal Modelmentioning

confidence: 99%

See 2 more Smart Citations

Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol

Takahashi

Maeda

Okabe

2012

2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet

Self Cite

View full text Add to dashboard Cite

In an ideal ubiquitous network, everyone can access the Internet when some connectivity exists there. A network administrator is supposed to provide a connection to public visitors securely. In this paper, we propose a secure public wireless Internet service model using Host identity Protocol (HIP). Services based on the model allow everyone to provide a connection. We give some consideration to its risks. Our goal is to implement and evaluate the model. The network administrator is responsible for tracing malicious users who attempt to access a global network. We call this traceability ensurance. In conventional Internet access services, a malicious user who has attacked someone can make excuses and may put the blame on the network administrator. The network administrator wants to prove that he himself has not committed malicious accesses, and to make sure that the malicious user cannot put the blame on others, that is, nonrepudiation should be ensured. To authenticate users, the network administrator needs to manage many accounts and take logs. If a malicious user attacks a correspondent, he or she may raise a complaint to the administrator. They are the burden for the network administrator. Our model ensures the traceability of users and the nonrepudiation. Our model also reduces the management work of network administrators. Installation cost of our model is low because we apply HIP without any modification, thus the network administrator can provide and the users can use the network securely without adopting a complex system. To protect from some attacks, we implement a gateway system. As a qualitative evaluation, we confirm that the system works in the real environment.

show abstract

Section: A Conventional Network Servicesmentioning

confidence: 99%

“…The other is whether to establish tunnel between the host and its home server or to communicate directly between users using some end-to-end security protocol. Komura [4]. In MIAKO.…”

Section: A Conventional Network Servicesmentioning

confidence: 99%

See 1 more Smart Citation

Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol

Takahashi

Maeda

Okabe

2012

2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet

Self Cite

View full text Add to dashboard Cite

show abstract

“…Unlike the traditional GSM (Global System for Mobile Communications) systems for cellular carriers, a typical Wi-Fi hotspot has a much smaller coverage and more restricted scalability, which have addressed much different design requirements in the efforts of interworking for Wi-Fi hotspots in terms of interoperability, scalability, and costeffectiveness. Imagine how complicated it could be when interworking is performed on thousands of self-managed hotspots [1] by numerous different WISPs for jointly providing a wide Internet access coverage in a metropolitan area.…”

Section: Introductionmentioning

confidence: 99%

Two-Factor Localized Authentication Scheme for WLAN Roaming

Lin

Zhu

et al. 2007

2007 IEEE International Conference on Communications

View full text Add to dashboard Cite

In the paper, we propose an efficient two-factor localized authentication scheme suitable for WLAN roaming. The proposed authentication scheme can greatly improve the security compared with the previously reported counterparts, where two independent factors, such as "what you know" and "what you have", are utilized in the authentication process for a mobile user (MU). Some important issues specific to the wireless environment are considered in the design of the scheme, such as limited computation power, memory space, and battery capacity of mobile stations (MSs), and ping-pong movement problem when roaming across WLANs. The detailed implementation of the proposed scheme is presented, where some of the key performance measures and security are analyzed. Numerical results demonstrate that the proposed scheme can significantly outperform the legacy authentication schemes in terms of signaling overhead, power consumption, and authentication latency without losing the capability of preserving the system security.

show abstract

“…Unlike the traditional Global System for Mobile (GSM Communications) or CDMA cellular networks, a typical Wi-Fi hotspot has a much smaller coverage and more restricted scalability, by which many different design requirements have been imposed in the efforts of interworking in such a heterogeneous network environment for achieving interoperability, security and cost-effectiveness without impairing the performance of throughput. This problem is getting more intractable when thousands of self-managed hotspots (Ohira et al, 2005) are operated by numerous different WISPs jointly provision broadband wireless access in a metropolitan area, and each hotspot may contain one or a number of APs which are physically accessed by the MUs.…”

mentioning

confidence: 99%

A novel localised authentication scheme in IEEE 802.11 based Wireless Mesh Networks

Lin

Ling

Zhu

et al. 2008

IJSN

View full text Add to dashboard Cite

Abstract:In the paper, we propose an efficient two-factor localised authentication scheme for inter-domain handover and roaming in IEEE 802.11 based service-oriented wireless mesh networks (WMNs). Some important aspects, such as resource-constraint Mobile Stations (MSs) and the ping-pong movement phenomenon when handover roaming across different hotspots occurs, are considered. An analytic model is developed to investigate the efficiency of the proposed scheme. Numerical results are given to demonstrate the superiority of the proposed scheme in terms of the resultant signalling overhead, power consumption, and authentication latency, compared with the legacy authentication schemes without losing the capability of preserving the system security.

show abstract

Security analysis on public wireless internet service models

Cited by 5 publications

References 4 publications

Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol

Design and Implementation of a Secure Public Wireless Internet Service Model Using Host Identity Protocol

Two-Factor Localized Authentication Scheme for WLAN Roaming

A novel localised authentication scheme in IEEE 802.11 based Wireless Mesh Networks

Contact Info

Product

Resources

About