标题: | 第三代行动通讯系统中身分认证协定之设计 Designing Authentication Protocols for Third Generation Mobile Communication Systems |
作者: | 郑淑敏 Shu-Min Cheng 谢续平 Shiuh-Pyng Shieh 资讯科学与工程研究所 |
关键字: | 身份认证;行动通讯;安全性;authentication;mobile communication;security;third-generation |
公开日期: | 1999 |
摘要: | 行动通讯系统使得人与人之间的沟通更加便利,但其安全性却是一个值得商讨的议题。目前许多学者、研究人员都致力于设计适用于行动通讯环境的安全通讯协定,其中包括了使用者身份认证及通讯内容的保密,以期能建立安全、隐密、有效率的行动通讯环境。但是,目前所设计的行动通讯协定均存在着一些弱点,例如使用者的身份可能会泄漏以及更新暂时识别码的方式较没有效率等等,而且这些协定并没有考虑到第三代行动通讯环境之安全性需求。因此,在这篇论文中,我们提出一套富弹性之使用者身份认证架构,并设计一套安全身份认证协定,使其不但适用于所提出之架构,且符合第三代行动通讯环境之所有安全需求。在本论文所提出的使用者身份认证架构中,我们订定了认证程序中三个必要角色,而此三个角色并未限定由谁扮演,因此,此身份认证架构可应用于各种不同之服务,例如通话服务、网际网路服务,另外,认证者还可自行动态选择身份认证的机制,不须与被访区域之网路管理者合作协调,且此网路管理者亦不会得知使用者认证时所传输的隐密资料,以此达到有弹性之身份认证。同时我们亦设计出一套可应用于此架构之身份认证协定,此协定皆满足了所有第三代行动通讯之安全需求,其中包括了双向认证、使用者匿名、点对点安全、不可否认性、资料完整性及资料隐密性等。 Security is considered as an important issue for mobile communication systems. Most of current authentication schemes for mobile systems only have simple security functions, such as subscribers’ authentication and the confidentiality of the communications on radio paths. They usually have some weaknesses, such as the leakage of user identity and the update overhead of temporary identity, and the security requirements of third-generation mobile systems (IMT-2000, UMTS) are not fulfilled. In this thesis, we propose a secure and flexible authentication framework for mobile communications. The new framework provides the flexibility of authentication, which enables service providers to dynamically choose the authentication mechanisms without the cooperation of network operators in visited domains. Based on the new authentication framework, a secure authentication protocols is proposed. The proposed protocol contains the security features required in third-generation mobile systems, such as mutual authentication, user anonymity, and end-to-end security. Not only for the authentication of call setup, our protocol can also be efficiently applied to a variety of mobile services, such as Internet services. |
URI: | http://140.113.39.130/cdrfb3/record/nctu/#NT880392007 http://hdl.handle.net/11536/65402 |
显示于类别: | Thesis |