A Study on a Security Architecture for Secure Mobile WiMAX Networks

An Approach for Improving Mobile WiMAX Security - ROSMEX Architecture

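  • 손태식 (Samsung Electronics, Digital Media & Communication Research Center)
  • 구본현 (Samsung Electronics, Digital Media & Communication Research Center)
  • 최효현 (Inha Technical College, Department of Computer Information)
  • Published: 2010.01.25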

Abstract

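The IEEE 802.16-2004 standard has a security sublayer within the MAC layer called PKM (Privacy Key Management). However, several studies raised vulnerabilities in the IEEE 802.16-2004 standard, and the IEEE 802.16 WG released an amended IEEE 802.16 standard, called Mobile WiMAX, with roaming and handoff capabilities. As its security functions, Mobile WiMAX has PKMv2 and provides EAP authentication, AES-based encryption, and message authentication using CMAC/HMAC. However, because the security functions of the Mobile WiMAX standard focus on securing communication between the SS and the BS, it still has network-architecture vulnerabilities such as security problems between network domains and security during handover. This paper therefore analyzes the security vulnerabilities of the current Mobile WiMAX network environment, dividing them into the network entry process, the communication process between network domains, and the handoff process. Based on this analysis, it proposes a new Mobile WiMAX security architecture called RObust and Secure MobilE WiMAX (ROSMEX).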

The IEEE 802.16-2004 standard has a security sub-layer in the MAC layer called Privacy Key Management (PKM). However, several studies have been published addressing the security vulnerabilities of IEEE 802.16-2004. After the IEEE 802.16-2004 standard, a new advanced and revised standard was released as the IEEE 802.16e-2005 amendment, which is the foundation of the Mobile WiMAX network and supports handoff and roaming capabilities. PKMv2 in Mobile WiMAX includes EAP authentication, AES-based authenticated encryption, and CMAC or HMAC message protection. However, because Mobile WiMAX security has mainly concentrated on communication between the SS and the BS, its security architecture still has problems: disclosure of the security context during network entry, a lack of secure communication in the network domain, and the need for an efficient handover that supports mutual authentication. Based on the investigation results, we propose a novel Mobile WiMAX security architecture, called RObust and Secure MobilE WiMAX (ROSMEX), to prevent these new security vulnerabilities.
