Dynamic group-based authentication in wireless networks

Huy Hoang Ngo
Authentication is an important part of any computer network. Authenticating individuals and groups of users and services securely and efficiently is challenging, especially in wireless networks. This is because users and services in wireless networks are vulnerable to attack due to the nature of wireless communication and the limitations of wireless devices. The problem is compounded by the need for authentication processes to also be scalable and flexible. Users and services in wireless
more » ... s are not only more dynamic than those of wired networks but also greater in number. Authentication processes also need to be able to employ different authentication protocols so that the requirements of different computer networks can be met. A good authentication model for wireless network users and services thus needs to have four desirable properties: security, efficiency, scalability and flexibility. Existing authentication models do not sufficiently possess these characteristics. This thesis presents a novel authentication model aimed to achieve these four major properties. The proposed authentication model consists of a collection of relationships, a group manager and an authentication controller. In this model, users and services are grouped into user groups and service groups respectively. The collection of relationships of users, services and their groups in this model is defined and classified in order to provide proper authentication for both individuals and groups of users and services. The group manager and the authentication controller are proposed in order to allow authentication with the four desirable properties to be achieved. In order to demonstrate the practical value of the proposed authentication model, an architecture is derived followed by a realization. The derived architecture has two layers: the key management layer and the authentication layer. Group management and authentication key distribution are conducted in the key management layer while authentication verification is performed in the aut [...]
doi:10.4225/03/5878532b57d3f fatcat:arsf224qqjdazl74krsiihwj2q