基本信息·出版社:高等教育出版社 ·页码:429 页 ·出版日期:2009年04月 ·ISBN:7040262100 ·条形码:9787040262100 ·版本:第1版 ·装帧:平装 · ...
| 商家名称 |
信用等级 |
购买信息 |
订购本书 |
|
|
 |
无线局域网安全接入 |
 |
|
|
无线局域网安全接入 |
|
基本信息·出版社:高等教育出版社
·页码:429 页
·出版日期:2009年04月
·ISBN:7040262100
·条形码:9787040262100
·版本:第1版
·装帧:平装
·开本:16
·正文语种:英语
内容简介 《无线局域网安全接入》内容为:Security Access in Wireless Local Area Networks From Architecture andProtocols to Realization deals with the method and technology of the WLANsecurity architecture, design and analysis of security protocols for WLAN,and WLAN security management.The book is intended for researchers in wireless communication, electricaland computer engineering, and for graduate students.The authors are with Xidian University, P. R. China, where Dr. Jianfeng Mais a professor of computer science and the director of the Key Laboratory of Computer Networks and Information Security (Ministry of Education).
编辑推荐 《无线局域网安全接入》由高等教育出版社出版。
目录 1 Introduction
1.1 Overview
1.1.1 Architecture of WLAN
1.1.2 Transmission Technologies and Specifications
1.1.3 Series Specifications of IEEE 802.11
1.1.4 Applications
1.1.5 Development Trends
1.2 Key Issues of WLAN Security
1.2.1 Security Access
1.2.2 Fast roaming and handoff
1.2.3 Secure Integration of Heterogeneous Wireless Networks
1.2.4 Privacy Protection
1.2.5 WLAN Security Management
1.2.6 TPM-based Security Access
1.3 Realization
Questions and discussion
References
2 Security Architecture Framework
2.1 Security Attacks and Requirements
2.1.1 Logical Attacks
2.1.2 Physical Attacks
2.1.3 Security Requirements
2.2 Management-Based WLAN Security Architecture
2.2.1 The Design Methods of Security Architecture
2.2.2 Framework
2.2.3 Logical Realization of Key Components
2.2.4 Analysis
2.3 Evolution of Security Architecture for WLAN Access
2.3.1 WEP
2.3.2 IEEE 802.1X
2.3.3 WPA
2.3.4 IEEE 802.1 li Security Framework
2.3.5 WAPI
2.3.6 Others
2.4 The Integrated Security Access Authentication Architecture for
WLAN Terminals
2.4.1 Design Concepts
2.4.2 The Architecture Scheme
2.4.3 Flow of Integrated Authentication Operations
2.4.4 Prototype Implementation
Questions and Discussions
References
3 Security Access Protocol
3.1 Security Analysis of WAPI
3.1.1 WAPI Specification
3.1.2 WAPI Implementation Plan
3.1.3 Security Analysis of WAI in WAPI Implementation Plan...
3.1.4 Implementation Plan Overcomes the Weaknesses of the
Original WAPI
3.2 Analysis and Improvement of WAPI
3.2.1 Universally Composable Security
3.2.2 Improvement of WAPI
3.2.3 Analysis of Improved Protocol
3.3 Authentication Scheme that Compatible with 802.1 li and WAPI
3.3.1 Compatible Scheme
3.3.2 Security Analysis of Compatible Scheme
3.3.3 Compatibility Analysis of New Scheme
3.4 WAPI-XG1 Access Authentication and Fast Handoff Protocol
3.4.1 Overview
3.4.2 Authentication Protocol
3.4.3 Unicast Key Agreement Protocol
3.4.4 Group key notification protocol
3.4.5 Security Analysis
3.4.6 Improved Authentication and Fast Handoff Protocols
Based on WAPI-XG1
3.5 Self-Certified Public Key based WAPI Authentication and Key
Agreement Protocol
3.5.1 Authentication and Key Agreement Protocol
3.5.2 Authentication of Self-Certified Certificate and Key
Agreement at STA
3.5.3 Security Analysis
3.5.4 Protocol Features and Performance Analysis
Questions and discussion
Reference
4 Security Protocols for Fast BSS Transition
4.1 IEEE 802.11r
4.1.1 Introduction
4.1.2 Fast BSS Transition Protocol
4.1.3 Fast BSS Transition Flow
4.1.4 Security Consideration
4.2 Security Solution for IEEE 802.1 lr Drafts
4.2.1 MIC Authentication Based Solutions
4.2.2 Hash Chain Based FT Mechanism
4.2.3 Mechanism Analysis
4.3 FT Security Solution Based on Location
4.3.1 Proactive Neighbor Caching Mechanism Based on Moving
Direction and QoS Guarantee
4.3.2 Active Probing Algorithm Assisted by Location
4.3.3 Secure FT Solution Based on Location
Questions and discussion
References
5 Security Protocols in WLAN Mesh
5.1 Overview of WLAN Mesh
5.1.1 SnowMesh
5.1.2 SEE-Mesh
5.1.3 IEEE 802.11s Draft
5.1.4 Classification of Wireless Mesh Networks
5.1.5 Security Requirements of WLAN Mesh
5.2 WLAN Mesh Authentication Schemes
5.2.1 Centralized Authentication
5.2.2 Distributed Authentication
5.2.3 Pre-Shared Key Authentication
5.2.4 MSA
5.2.5 4-way Mesh Handshake
5.2.6 Identity-based Mesh Authentication Protocol
5.3 Protocols for Access Authentication, Secure Fast Handoff and
Roaming
5.3.1 Access Authentication Protocol
5.3.2 Security Analysis
5.3.3 Performance Analysis
5.4 Design and Implementation of Mesh Access Authentication System
5.4.1 Technological Foundations
5.4.2 Design and Implementation
Questions and discussion
Reference
6 Authenticated Key Exchange Protocol
7 Privacy Protection for WLAN
8 Adaptive Security Policy
9 Evaluation Method of Security Performance
10 Architecture of Trusted Terminal
11 Architecture of Trusted Network Connect
Index
……
序言 Networks have entered a wireless era. As a wireless communication technology,Wireless Local Area Network (WLAN) has been widely adopted in our dailylife. Mobility and easy-deployment make WLAN devices commonplace in edu-cational institutions, hospitals, manufacturing, inventory control, and the mili-tary, etc.
In this context, we have witnessed an evolution of our society towardsmobile e-commerce, e-business and e-government and towards an increasingdependence on wireless communication systems. Unfortunately, such a evolu-tion brings new vulnerabilities and risks, especially in WLAN. It is now clearthat the security access is essential to protect the networks. Therefore, effectivesolutions for the security access in WLAN should be studied from the architec-ture and protocols to realization.
Recently, a substantial body of work on security access in WLAN hasappeared in the literature of security. This has provided impetus for the deploy-ment of WLAN. As the investigators of many scientific research projects of theWLAN security, the authors realize that it is a difficult job to design and analyzesecurity access protocols or systems in WLAN. This book is born under such abackground. The aim of this book is to deal with the various aspects of the secu-rity access in WLAN, among which, the security access architecture, securityprotocols, security management and evaluation, etc., are studied in detail.
The book is organized into the following 11 chapters.
Chapter 1 starts with an overview of the architecture and transmission tech-nology of WLAN. Discussion of the IEEE 802.11 series standards, and theapplication and development trends of WLAN follow. The key issues of theWLAN security are analyzed and summarized next. Finally, to solve these prob-lems, three kinds of architectures which we designed and implemented in thefollowing chapters are overviewed.
文摘 插图:
To satisfy the continuity of multimedia data streams, FT based on IEEE 802.11becomes one of the key technologies needed to be solved urgently [1114].The current FT scheme adopts the Proactive Neighbor Caching (PNC) [15]mechanism based on dynamic neighbor graphs, which prepositions the relatedinformation of STA to the neighbors of the associated APs and accomplishesthe related procedures ahead of time. Because it reduces the rounds of the information exchange and the amount of information between STA and AP in thehandoff process, thus the handoff latency is reduced. At present, the PNCscheme has been adopted by the IEEE standard and integrated into the specification of IAPP. However, in the PNC scheme, the STA's context is propagatedto all neighboring APs. Therefore, the PNC scheme may result in high signaling overhead. Meanwhile, in the case of frequent handoffs, the scheme maylead to the cache overflow in AP and augment the delay. Then, it has been oneof the issues urgently needed to be solved that how to not only effectivelydecrease the number of candidate APs, but also guarantee the fast completionof a handoff.
Therefore, [15] proposed a selective neighbor caching (SNC) scheme. Thescheme introduced a comparison between AP's handoff weights in neighborgraphs and an optimized threshold. Only those APs whose weights are higherthan the threshold will be the targets to which the context of STA will be propagated. But there are still some redundancies in this scheme, since there is noconsideration about the STA's mobility direction and QoS of services. In addition, the candidate AP sets chosen by weights cannot guarantee the completionof FT.
In this section, we present a proactive neighbor caching scheme based onthe STA's mobility direction and QoS guarantee. Firstly, we extends the datastructure of neighbor AP in PNC scheme and piggybacks the location information and QoS levels into every AP's i
……
