• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1983-1989
• /
• 2012

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.999-1002
• /
• 2005

IEEE 802.11b의 사용자 인증 취약성을 보완한 프레임워크인 IEEE 802.1x는 EAP를 통해 다양한 사용자 인증 메커니즘을 지원한다. 그러나 IEEE 802.1x 역시 인증 프로토콜의 구조적 원인에 의한 서비스 거부 공격과 AP에 대한 인증 및 암호 메커니즘의 부재로 세션 하이재킹 및 중간자 공격 등에 취약하다. 본 논문에서는 IEEE 802.1x 프레임워크의 서비스 거부, 세션 하이재킹 및 중간자 공격에 대한 취약성을 보완하여 강화된 사용자 인증 및 안전한 암호통신 서비스를 제공할 수 있는 무선랜 보안시스템을 제안한다.

• The KIPS Transactions:PartC
• /
• v.12C no.3 s.99
• /
• pp.387-394
• /
• 2005

Every MAC (Medium Access Control) sub-layers of IEEE 802.11x, including IEEE 802.11e, defines Connection-based and CF (Contention Free)-based service functions in common. In this paper, a New-CF method is proposed. In the proposed method, conventional Round Robin method, which is used as a polling method by IEEE 802.11x PCF (Point Coordination Function) or IEE 802.11e HCCA, is modified to give weights to channels with heavier traffic load and to provide those weighted channels with more services. Based on NS-2 simulations, it is verified the proposed method shows better throughput in general, particularly under unbalanced traffic load conditions.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.6
• /
• pp.93-103
• /
• 2009

Recently, there is an increase in demand of real-time multimedia service in the WLAN environment, with a commercialization of IEEE 802.11n standard. However, the 802.1x authentication protocol is too slow to provide seamless real-time multimedia service, which defined in an IEEE 802.11i security standard. In this paper, a Ticket-based authentication mechanism in the CAPWAP(Control And Provisioning Wireless Access Point) architecture is introduced to support for the fast handoff.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.601-606
• /
• 2005

Recently with the high expectation of voice over WLAN service, to supped fast inter-AP security transition in WLAN AP is one of the most actively investigating issues. It is also very important to minimize inter-AP security transition latency, while maintaining constantly the secure association from old AP when a station transits to new AP. Hence, this paper first defines secure transition latency as a primary performance metric of AP system in WLAN supporting IEEE802.11i, 802.1x, and 802.11f, and then presents low latency inter-AP security transition mechanism and its security FSM whose objective is to minimize inter-AP transition latency. Experiment shows that the proposed scheme outperforms the legacy 802.1X AP up to $79\%$ with regard to the transition latency.

• The Journal of The Korea Institute of Intelligent Transport Systems
• /
• v.8 no.6
• /
• pp.112-120
• /
• 2009

Both security enhancement in wireless and fast access for mobility are required to employ wireless LAN in ITS (Intelligent Transportation Systems). However, for the case of employing IEEE 802.11i security standard, it is known that the user authentication procedure of IEEE 802.1x and 4-way handshake procedure for stronger security enforcement may not be suitable for ITS due to its large delay. In this paper, we propose fast authentication method to resolve the above authentication delay problem, and verify its performance via simulation analysis.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.683-684
• /
• 2009

최근 IEEE 802.11n 표준의 상용화와 함께 무선랜 환경에서 실시간 멀티미디어 서비스를 이용하려는 수요가 증가하고 있다. 그러나 IEEE 802.11i 보안표준에서 정의한 IEEE 802.1x 인증과정은 끊김 없는 실시간 멀티미디어 서비스를 제공하기에는 핸드오프 지연시간이 너무 길다. 본 논문은 Ticket이라는 새로운 인증 기법을 도입하여 고속의 로밍을 지원하는 핸드오프 메커니즘을 소개한다.

• Journal of Korea Multimedia Society
• /
• v.11 no.8
• /
• pp.1101-1110
• /
• 2008

Nespot provides a convenient wireless internet connection service. The existing IEEE 802.1X EAP-MD5 authentication mechanism can be achieved based on ID/password information for a wireless connection. The Nespot system offers an advanced accounting and authorization procedure for providing wireless user authentication mechanism. However, many problems were found on the existing Nespot EAP-MD5 mechanism such as a ill value exposure, a leakage of personal information on wireless authentication procedure and a weakness on Nespot mutual authentication mechanism. Therefore, we analyzed the limitation of the existing IEEE 802.1X EAP-MD5 certification system, and suggested a one-time session key based authentication mechanism. And then we offered a simplified encryption function on the Nespot certification process for providing secure mutual authentication process.

• Journal of Advanced Navigation Technology
• /
• v.23 no.1
• /
• pp.36-43
• /
• 2019

In this paper, a novel channel access scheme for the next-generation vehicle to anything (V2X) system based on IEEE 802.11p standard which is applied to recent connected car technologies is suggested and analyzed. The proposed scheme proposes a channel access method utilizing OFDMA multi-user transmission for IEEE 802.11p based system. In this paper, the authors examine geographical distance and network area performance of IEEE 802.11p system and the proposed scheme. Results of this research show that the proposed scheme is quite suitable for improving conventional V2X standards and systems. This paper also provides mathematical analysis and simulation results of the conventional IEEE 802.11p system and the proposed scheme.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.43 no.11 s.353
• /
• pp.149-158
• /
• 2006

We proposed a method for improving a performance of TCP downstream between a desktop PC as a fixed host and a PDA as a mobile host in a wired and wireless network based on IEEE 802.11x wireless LAN. With data transmission between these heterogeneous terminals a receiving time during downstream is slower than that during upstream by 20% at maximum. The reason is that their congestion window size will be oscillated due to a significantly lower packet processing rate at receiver compared to a packet sending rate at sender. Thus it will cause to increase the number of control packets to negotiate their window size. To mitigate these allergies, we proposed two distinct methods. First, by increasing a buffer size of a PDA at application layer an internal processing speed of a socket receive buffer of TCP becomes faster and then the window size is more stable. However, a file access time in a PDA is kept nearly constant as the buffer size increases. With the buffer size of 32,768bytes the receiving time is faster by 32% than with that of 512bytes. Second, a delay between packets to be transmitted at sender should be given. With an inter-packet delay of 5ms at sender a resulting receiving time is faster by 7% than without such a delay.