無線區網通訊協定之安全技術研究

Abstract

無線區域網路技術的快速普及，使各大企業、消費者能夠利用這些技術及衍生的應 用在家裡、辦公室與公共場所享受上網漫遊的樂趣。隨著無線行動成為許多人生活中 不可或缺的元素，在各無線區網之間的漫遊行為也成為連網的基本要件。因此，本計 畫主要的目的希望能提供各企業與網路服務供應商（ISP）一套完整的解決方案，使其 得以提供終端使用者無縫、安全、可靠、可擴充的無線漫遊能力。在本計劃中，我們 將分成三大步驟來達到上述目的。首先，對無線區域網路的安全議題進行研究，收集 已知並找出新的無線區域網路的攻擊行為與安全漏洞。其次，針對這些弱點與漫遊的 需求，進一步地設計適用的安全通訊機制，尤其是針對漫遊使用者的安全通訊問題， 使其得以抵擋已知或新的攻擊行為。此外，本計畫研究人員將更進一步地分析所設計 的機制抵擋現有或新找到的無線區域網路攻擊的能力。最後，本計畫研究人員擬將所 研究設計之無線區域網路的安全漫遊身份認證機制以軟體實際開發出來，期能作為提 供國內廠商與相關產業開發產品之參考依據，並希望能前瞻性地分析未來可能衍生的 攻擊行為。

In the past few years, the prevalence of wireless local area networks (WLANs) has increased dramatically. Companies are now starting to implement WLANs as a convenient network access method to enable workforce mobility within their offices. In the public places, hotels, airports and even coffee shops are putting in wireless LAN hotspots to facilitate high-speed access to the Internet for their customers. On the other hands, WLANs are quickly becoming the preferred way to connect to the company intranet and to the public Internet. Not only do they provide end users with the flexibility to be able to work virtually anywhere within the coverage – from their homes, at the offices, when on the road and public areas. As mobility becomes a fact of life for many people, roaming between WLANs becomes emerging as one of the basic elements of connectivity. In this project, we plan to provide a solution for enterprises and Internet service providers (ISP) that need to provide their users with seamless, secure, robust and scalable wireless roaming capability. In this project, we plan to achieve the above goals with three major steps. First, the researchers will survey the known and new attacks and security holes in WLANs. Second, the researchers will design a secure communication protocol to against these weakness and attacks, especially the security issues in roaming between WLANs. In addition, researchers will further analyze the capability for the proposed secure protocol to against the known or new attacks in WLANs. In the final step, the researchers will implement and test the proposed secure protocol to provide a software prototype to the venders for further improvement and production. The output of the project should be able to push the wireless communication to a higher degree in security.