Journal: IEEE transactions on industrial informatics

Authentic Caller: Self-Enforcing Authentication in a Next-Generation Network


Abstract

The Internet of Things (IoT) or the cyber-physical system (CPS) is the network of connected devices, things, and people that collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destination, informing the control system about the outage in the electrical grid, or providing information about the emergency at the national express highway. This sensitive information requires authorization and authentication of source and destination involved in the communication. To protect the network from unauthorized access and to provide authentication, the telecommunication operators have to adopt the mechanism for seamless verification and authorization of parties involved in the communication. Currently, the next-generation telecommunication networks use a digest-based authentication mechanism, where the call-processing engine of the telecommunication operator initiates the challenge to the request-initiating client or caller, which is being solved by the client to prove his credentials. However, the digest-based authentication mechanisms are vulnerable to many forms of known attacks, e.g., the man-in-the-middle (MITM) attack and the password guessing attack. Furthermore, the digest-based systems require extensive processing overheads. Several public-key infrastructure (PKI)-based and identity-based schemes have been proposed for the authentication and key agreements. However, these schemes generally require a smart card to hold long-term private keys and authentication credentials. In this article, we propose a novel self-enforcing authentication protocol for the session-initiation-protocol-based next-generation network, based on a low-entropy shared password without relying on any PKI or the trusted third party system. 
The proposed system shows effective resistance against various attacks, e.g., MITM, replay attack, password guessing attack, etc. We analyze the security properties of the proposed scheme in comparison to the state of the art.
