Supporting secure services on dynamic aggregation of heterogeneous networks
PhD Thesis
Title | Supporting secure services on dynamic aggregation of heterogeneous networks |
---|---|
Type | PhD Thesis |
Authors | |
Author | Lai, David Tai Wai |
Supervisor | Zhang, Zhongwei |
Institution of Origin | University of Southern Queensland |
Qualification Name | Doctor of Philosophy |
Number of Pages | 282 |
Year | 2010 |
Abstract | Sharing of services over IP networks prove to be an effective approach to satisfy the demand of network users when their home network cannot offer the required services. Authentication, authorization and revocation are some of the important challenges in the service sharing services over IP networks. This research address the problem associated with the authentication because it becomes more and more complicated due to the incompatible authentication Many efforts have been made to address these issues in the past years. Kerberos is a solution for cross realm authentication. Unfortunately, Kerberos suffers from bottle neck and single point of failure. Ad hoc aggregation cannot make use of Kerberos. Eduroam enables sharing of wireless access to users roaming between participating institutions, but only services provided by the home network is available to a user. Mobile Host Routing can route data between mobile user. But the networks are linked together in an unscalable network by network basis. Another authentication scheme which has gained some momentum is OpenID. However, in OpenID, authentication simply means proving the ownership of an account, and These problems and the limitations in the existing approaches inspired us to propose Service Network Graph, a service authentication infrastructure for service sharing among heterogeneous networks aggregated dynamically via self-authenticating encrypted channels. The key feature of SNG is delegation of authentication authority from one network to another. A user can use the services provided by the delegatee network as well as his home network after authenticating to the delegatee network. When an autonomous network attaches to an SNG, not only does the network being attached delegate its authentication authority, but all authentication authorities delegated As authentication is always done by the home network, the identity of a user can be securely bound to his account. At the same time, there is no hierarchy structure for the The information of the authentication delegation path is stored in a Service Path which can be optimized for performance. SNG can readily extend to include mobile users. We also proposed Dynamic Password (DPass) and its associated Key Exchange Scheme to be used as one of the candidate authentication schemes for SNG. DPass provide strong passwords which are relatively easy to remember. SNG together with DPass provide an infrastructure for secure service sharing on dynamic aggregation of heterogenous networks. The features and feasibility of SNG and DPass have been demonstrated on a simulated model of autonomous networks and an aggregate of networks in a laboratory. Our study has, to a certain extend, overcome the |
Keywords | service sharing; authentication; Service Network Graph; SNG; Dynamic Password |
ANZSRC Field of Research 2020 | 460609. Networking and communications |
Byline Affiliations | Department of Mathematics and Computing |
https://research.usq.edu.au/item/q0x1w/supporting-secure-services-on-dynamic-aggregation-of-heterogeneous-networks
Download files
1942
total views444
total downloads2
views this month2
downloads this month