As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the hand...As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.展开更多
Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it b...Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.展开更多
This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web...This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.展开更多
文摘As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.
基金Support by the National High Technology Research and Development Program of China(No.2012AA120802)National Natural Science Foundation of China(No.61771186)+2 种基金Postdoctoral Research Project of Heilongjiang Province(No.LBH-Q15121)University Nursing Program for Young Scholars with Creative Talents in Heilongjiang Province(No.UNPYSCT-2017125)Postgraduate Innovation Research Project of Heilongjiang University(No.YJSCX2018-051HLJU)
文摘Heterogeneous wireless sensor network( HWSN) is composed of different functional nodes and is widely applied. With the deployment in hostile environment,the secure problem of HWSN is of great importance; moreover,it becomes complex due to the mutual characteristics of sensor nodes in HWSN. In order to enhance the network security,an asymmetric key pre-distributed management scheme for HWSN is proposed combining with authentication process to further ensure the network security; meanwhile,an effective authentication method for newly added nodes is presented. Simulation result indicates that the proposed scheme can improve the network security while reducing the storage space requirement efficiently.
文摘This paper discusses an approach to share a smart card in one machine with other machines accessible on the local network or the Internet. This allows a user at a browser to use the shared card remotely and access web applications that requiresmart card authentication. This also enables users to access these applications from browsers and machines that do not have the capability to use a smart card. The approach uses proxies and card reader code to provide this capability to the requesting device.Previous work with remote or shared smart card use either requires continuous access to the smart card machine or specific client software. The approach in this paper works for any device and browser that has proxy settings, creates minimal network traffic and computation on the smart card machine, and allows the client to transfer from one network to another while maintaining connectivity to a server. This paper describes the smart card sharing approach, implementation and validation of the approach using real systems, and security implications for an enterprise using smart cards.
