請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/38586
標題: | SWARM─無線隨意網路的安全憑證系統 SWARM—Secure Wireless Ad-hoc network Reliance Management |
作者: | Lin-Jiun Tsai 蔡林峻 |
指導教授: | 賴飛羆(Feipei Lai) |
關鍵字: | 無線網路安全,憑證管理,隨意網路,群組式架構,max-min網路分群法,PGP,公開金鑰基礎建設, wireless network security,certificate authentication,ad hoc networks,cluster-based framework,max-min clustering,PGP,PKI, |
出版年 : | 2005 |
學位: | 碩士 |
摘要: | 有別於傳統的有線網路可使用特定的成員負責身份認證或金鑰管理等網路安全機制,缺少固有架構的無線隨意網路(ad hoc wireless networks)並無法有效地利用大部份傳統的有線網路安全方案。我們採用了一個網路分群演算法並且修改它以符合安全上的需求,藉此在無線隨意網路中建立一個有彈性的、群組化的安全認證架構。這個新的架構可以讓成員之間彼此驗證身份,建立許多網路安全功能,它不僅僅能適合大型網路,也不像其他分散式的網路安全方案必須依賴高密度、高機動性的網路環境。當設定好一個群組半徑參數並在網路中分別建立起眾多群組之後,這個架構就可以讓各個獨立的群組依不同的實際狀況或安全需求建立各自的憑證管理系統。接著網路中的任何成員都會得知所有群組彼此間的虛擬網路拓樸和每個群組憑證系統的公開金鑰。這個拓樸即為群組之間的虛擬信任網絡,它用來描述各群組之間的交互信任關係也藉以評估各個群組的可信賴度。各個獨立憑證系統的公開金鑰則用來驗證不同群組所發出的成員身份憑證。最後,我們也在不同的網路設定之下做出實驗模擬,以評估這個網路安全機制的表現及效能。 Unlike wired networks that use dedicated nodes to support security functions like authentication and key management. Most of traditional security mechanisms do not work well in ad hoc wireless networks due to the lack of infrastructure. We use a clustering heuristic and adapt it for security requirements to provide a scalable authentication framework in the clustered ad hoc network. This novel approach can be used to achieve a variety of security objectives through the peer-to-peer authentication scheme. It scales well to large network size and does not require high node density and mobility speed like other distributed schemes. After forming clusters with a radius parameter, it allows separate authentication services to be employed for different physical conditions or security requirements into independent clusters, and each node in the network can obtain the topology of the clusters as well as the keys of all authentication services. The topology, which is called the virtual trust backbone of clusters, describes the trust relationship among clusters and is used to evaluate the trustworthiness of clusters, and the keys are used to verify entity certificates from distinct clusters. Finally, we evaluate the security scheme and simulate its performance on various configurations of ad hoc networks. |
URI: | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/38586 |
全文授權: | 有償授權 |
顯示於系所單位: | 資訊工程學系 |
文件中的檔案:
檔案 | 大小 | 格式 | |
---|---|---|---|
ntu-94-1.pdf 目前未授權公開取用 | 4.84 MB | Adobe PDF |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。