Xuebin Sun,Shuang Men,Chenglin Zhao,Zheng Zhou

DOI: https://doi.org/10.1002/sec.551

IF: 1.968

2012-05-10

Security and Communication Networks

Abstract:Machine‐to‐machine (M2M) techniques have significant application potential in the emerging internet of things, which may cover many fields from intelligence to ubiquitous environment. However, because of the data exposure when transmitted via cable, wireless mobile devices, and other technologies, its security vulnerability has become a great concern during its further extending development. This problem may even get worse if the user privacy and property are considered. Therefore, the authentication process of communicating entities has attracted wide investigation. Meanwhile, the data confidentiality also becomes an important issue in M2M, especially when the data are transmitted in a public and thereby insecure channel. In this paper, we propose a promising M2M application model that connects a mobile user with the home network using the existing popular Time Division‐Synchronous Code Division Multiple Access (TD‐SCDMA) network. Subsequently, a password‐based authentication and key establishment protocol is designed to identify the communicating parties and hence establish a secure channel for data transmissions. The final analysis shows the reliability of our proposed protocol. Copyright © 2012 John Wiley & Sons, Ltd. In this article, we propose a promising M2M application model that connects a mobile user with the home network by using the existing popular Time Division‐Synchronous Code Division Multiple Access (TD‐SCDMA) network. A reliability password‐based authentication and key establishment protocol is also designed to identify the communicating parties and hence, establish a secure channel for data transmissions.

computer science, information systems,telecommunications

Mohammed Ramadan,Fagen Li,Chunxiang Xu,Abdeldime Mohamed,Hisham Abdalla,Ahmed Abdalla Ali

DOI: https://doi.org/10.6633/ijns.201607.18(4).17

2016-01-01

Abstract:Long Term Evolution LTE is the first technology that provides exclusively packet-switched data and modifies the security architecture of the 2G and 3G systems. The LTE security architecture offers confidentiality, access control, a kind of obscurity and mutual authentication. However, numerous types of attacks can be encountered during the mutual authentication process which is a challenge-response based technique. Therefore, a high secure public key algorithm can be implemented to improve the network security services. As the network operator is often considered as not being a highly trusted party and can thus face threats, the communications ends are the only secure parties to provide such security features. This paper pro- poses a secure mutual authentication and key agreement scheme for LTE cellular system with user-to-user security. The network side in this scheme operates as a proxy and non-trusted party to provide the security architecture with more exibility and reliability. This is achieved by using designated verifier proxy signature and key agreement protocol based bilinear pairing with some changes in both security algorithms and LTE security architecture within the LTE standardization. Our security and performance analysis demonstrated that the proposed scheme is more secure compared to the basic authentication and key agreements schemes.

Inshil Doh,Jiyoung Lim,Shi Li,Kijoon Chae

DOI: https://doi.org/10.1109/IMIS.2013.102

2013-01-01

Abstract:M2M(Machine-to-Machine) communication is considered to be one of the major issues in future network. Especially, M2M will bring various benefits in wireless communications when it is interconnected with cellular network. Considering the characteristics of cellular M2M network, traditional security solutions are not practical to apply because the cellular M2M network is more vulnerable to various attacks. In this work, we consider security aspects for cellular M2M communication and propose a key management. Our proposal can provide reliability and efficiency for secure cellular M2M communication network.

Inshil Doh,Jiyoung Lim,Shi Li,Kijoon Chae

DOI: https://doi.org/10.2298/csis130922065d

2014-01-01

Computer Science and Information Systems

Abstract:In the ubiquitous environment, more and more devices are deployed in our daily life, and need to communicate with one another. M2M (Machine-to-Machine) communication is considered to be one of the major issues in future networks. M2M is expected to bring various benefits in wireless communications when it is interconnected with cellular networks. Considering the characteristics of cellular M2M networks, traditional security solutions are not proper to be applied to cellular M2M networks because the M2M network itself is vulnerable to various attacks. We consider security aspects for cellular M2M communications and propose a key management mechanism including the pairwise key and group key establishment. Our proposal could provide reliability and efficiency for the cellular M2M communication network in the secure manner.

Chen Tianzhou,Mao Haixia,Dai Hongjun

2006-01-01

Abstract:This paper briefly analyzes the security mechanisms of GSM/UMTS and finds their security defects, such as unidirectional authentication and cipher key transmission without encryption. For these defects, existing mobile communication systems can not prevent hostile attacks to satisfy high-level security demands. To solve these problems, we propose the robust Middleware Architecture for Mobile Communication Security (MAMCS), which employs new Authentication and Key Agreement (AKA) protocols, chooses different encryption algorithms for different applications and implements integrity control mechanism. In the end, we analyze the performance of MAMCS and show that MAMCS gets a 200%~2% improvement in security only at the cost of 1.51% descent in bandwidth and 18.14 ms extra latency.

Lei Chen,Chong Guo,Bei Gong,Muhammad Waqas,Lihua Deng,Haowen Qin

DOI: https://doi.org/10.1186/s13677-024-00631-x

2024-03-24

Journal of Cloud Computing

Abstract:The widespread adoption of fifth-generation mobile networks has spurred the rapid advancement of mobile edge computing (MEC). By decentralizing computing and storage resources to the network edge, MEC significantly enhances real-time data access services and enables efficient processing of large-scale dynamic data on resource-limited devices. However, MEC faces considerable security challenges, particularly in cross-domain service environments, where every device poses a potential security threat. To address this issue, this paper proposes a secure cross-domain authentication scheme based on a threshold signature tailored to MEC's multi-subdomain nature. The proposed scheme employs a (t,n) threshold mechanism to bolster system resilience and security, catering to large-scale, dynamic, and decentralized MEC scenarios. Additionally, the proposed scheme features an efficient authorization update function that facilitates the revocation of malicious nodes. Security analysis confirmed that the proposed scheme satisfies unforgeability, collusion resistance, non-repudiation and forward security. Theoretical evaluation and experimental simulation verify the effectiveness and feasibility of the proposed scheme. Compared with existing schemes, the proposed scheme has higher computational performance while implementing secure authorization updates.

Lei Wang,Xiujie Zhang,Aiqing Zhang,Baoyu Zheng,Quan Zhou

DOI: https://doi.org/10.1109/IWCMC.2017.7986469

2017-01-01

Abstract:With extensive promising applications of M2M (machine-to-machine) or MTC (machine type communication), while supporting multiple MTC device access networks has been considered essential for M2M communication. In a roaming environment, it has always been a great challenge to ensure safe and efficient access for MTC device groups. In this paper, in order to solve the real-time secure and efficient access problem of multiple MTCs, we proposed a group authentication protocol based on bilinear-pairing and aggregate signature. In proposed protocol, node key is generated jointly by KGC (Key Generation Center) and node simultaneously to resist camouflage attack, and the computational complexity in authentication process is significantly ameliorated as the session key is engendered by DLP (Discrete Logarithm Problem). Security analysis shows the strong security of proposed protocol, and performance evaluation proves that both transmission overhead and computational complexity decrease significantly compared with conventional schemes. In addition, it overcomes the weakness of key escrow in identity based aggregate signature protocol.

Lei WANG,Tao WANG,Ji-ming YAO,Bao-yu ZHENG

DOI: https://doi.org/10.16798/j.issn.1003-0530.2017.07.014

2017-01-01

Journal of Signal Processing

Abstract:With the rapid growing of MTC (Machine Type Communication) mobile terminal,network congestion is becoming more and more serious.In this paper,we propose a Multi Group-based and Device Side Key Distribution Secure Authentication and Key Agreement,MGDK-AKA protocol.In the protocol,firstly large number of requests the access device to be divided into multiple groups according to certain rules.Group header aggregate the request message of group members,and the group header and the core network complete the whole authentication and key negotiation process.The group members only complete mutual authentication with the group header,thus avoiding a large number of devices to access the core network simultaneously.At the same time,the key distribution on the side of the core network is transferred to the device side,which can further overcome the network congestion and ensure the secure transmission of the data.The security analysis shows that the proposed scheme can achieve the security goals,and prevent the security threats.Simulation results verify the feasibility of the protocol in network congestion avoidance.

Yichao Chen,Cheng Zeng,Xin Zhou,Liang Huang,Shibo He

DOI: https://doi.org/10.1109/iccc62479.2024.10681994

2024-01-01

Abstract:Mobile edge computing (MEC) is gaining popularity, as it can improve mobile application performance by offloading local computation to edge servers. However, due to the openness of wireless communication, the confidentiality of MEC data transmission, especially the uploading, is endangered by eavesdropping attacks, whose risks have not been thoroughly depicted, evaluated and managed in the literature. In this paper, we investigate the application of friendly jamming (FJ) from base station (BS) and a nearby user to improve physical layer security (PLS) for MEC services. Further, we propose an adjustable multilevel assessment framework for user to evaluate confidentiality risks, and model the impact of its subjective biases under uncertainty based on Prospect Theory (PT). Then, we formulate an operator’s net income maximization problem by jointly considering effective data rate, user satisfaction, antenna usage, upload/FJ power consumption and FJ incentive cost. To solve the highly complex problem, we propose a two-stage control scheme, which first optimizes the secrecy capacity and then maximizes the effective data rate that achieves user satisfaction. By simulation, we evaluate the secrecy performance of the scheme under various conditions, and compare it with the one based on expected utility theory (EUT).

Ronghao Ma,Jianhong Zhou,Maode Ma

DOI: https://doi.org/10.3390/s24072331

IF: 3.9

2024-04-06

Sensors

Abstract:In the realm of the fifth-generation (5G) wireless cellular networks, renowned for their dense connectivity, there lies a substantial facilitation of a myriad of Internet of Things (IoT) applications, which can be supported by the massive machine-type communication (MTC) technique, a fundamental communication framework. In some scenarios, a large number of machine-type communication devices (MTCD) may simultaneously enter the communication coverage of a target base station. However, the current handover mechanism specified by the 3rd Generation Partnership Project (3GPP) Release 16 incurs high signaling overhead within the access and core networks, which may have negative impacts on network efficiency. Additionally, other existing solutions are vulnerable to malicious attacks such as Denial of Service (DoS), Distributed Denial of Service (DDoS) attacks, and the failure of Key Forward Secrecy (KFS). To address this challenge, this paper proposes an efficient and secure handover authentication protocol for a group of MTCDs supported by blockchain technology. This protocol leverages the decentralized nature of blockchain technology and combines it with certificateless aggregate signatures to mutually authenticate the identity of a base station and a group of MTCDs. This approach can reduce signaling overhead and avoid key escrow while significantly lowering the risk associated with single points of failure. Additionally, the protocol protects device anonymity by encrypting device identities with temporary anonymous identity markers with the Elliptic Curve Diffie–Hellman (ECDH) to abandon serial numbers to prevent linkage attacks. The resilience of the proposed protocol against predominant malicious attacks has been rigorously validated through the application of the BAN logic and Scyther tool, underscoring its robust security attributes. Furthermore, compared to the existing solutions, the proposed protocol significantly reduces the authentication cost for a group of MTCDs during handover, while ensuring security, demonstrating commendable efficiency.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yu Zheng,Dake He,Xiaohu Tang,Hongxia Wang

DOI: https://doi.org/10.1109/ICICS.2005.1689196

2005-01-01

Abstract:Future 4G mobile communication networks are expected to provide all IP-based services for heterogeneous wireless access technologies. Security service for mobile user as a major challenge in developing such 4G networks becomes more complicated to handle. Since the mobile equipment (ME) becomes ever more powerful but still remain open to possible attacks, the neglect of the security of ME in developing traditional security scheme for mobile networks will remain many risks in the coming 4G systems. In this paper we associate trusted computing (TC) with PKI to provide a considerable robust platform for user's access to sensitive service and data in the scenario of 4G systems. Then over the trusted mobile platform (TMP) we present an hybrid AKA (authentication and key agreement) and authorization scheme, in which password is in combination with fingerprint as well as public key to achieve mutual authentication among user/ME/USIM (universal subscriber identity module) and that among user/AN (accessed network)/HE (home environment). Compared with other AKA for future mobile networks and 3G AKA, our scheme with well scalability and acceptable efficiency is more robust and secure to resist potential attacks on/from ME and attacks in heterogeneous network infrastructure

CAO Wei,FENG Gang,QIN Shuang,LIANG Liang

DOI: https://doi.org/10.3979/j.issn.1673-825x.2017.05.001

2017-01-01

Abstract:Recently,as a key enabler of IoT,Machine-Type Communication (MTC) becomes one of the important services in future wireless mobile networks.MTC deployments are expected to grow exponentially with an increasing demand on broad-range interconnectivity.IoT is moving toward an architecture based on cellular network infrastructures with wide-area coverage,and hence Cellular-IoT is a very promising technology in the next generation mobile communication system (5G).Especially,massive Machine-Type Communication (mMTC) has been identified as one of the three generic 5G services.It is hard for traditional radio access technologies to provide adequate services for meeting mMTC requirements,and radio access for mMTC services is an important research problem.In this paper,we first briefly introduce the traditional random access procedure,and then survey the existing mMTC access technologies.Moreover,it is hard to address the mMTC access problem by using conventional technical tools in the progressively complicated and service-centric network environments.Artificial Intelligence (AI) based access mechanism has been deemed as one of the most promising solutions.We analyze the feasibility of exploiting AI tools for solving mMTC access control,and propose a Q-learning based smart access point selection scheme for mMTC,with the aim of providing useful insights into future AI based access control research.

Mohammed Ramadan,Fagen Li,Chun Xiang Xu,Ahmed Abdalla,Hisham Abdalla

DOI: https://doi.org/10.1109/icbda.2016.7509848

2016-01-01

Abstract:The security architecture of the mobile networks provides different security features such as authentication, confidentiality, and integrity for both users and network operator. Moreover, the security of mobile communications becomes a hot topic and always need security improvements. GSM cellular system has many weaknesses, especially in the authentication process due to the lack of the physical protection mechanisms in both user and network sides. This paper analyses an existing GSM authentication scheme based on CL-PKC which was proposed in 2014, and it has many weaknesses since it used the basic CL-PKC scheme which has many weaknesses itself. And this paper also proposes an efficient end-to-end scheme for GSM mutual authentication using the concept ofa secure CL-PKC, with some modifications in both security and GSM network architectures.

Yu Zheng,Dake He,Weichi Yu,Xiaohu Tang

DOI: https://doi.org/10.1109/PDCAT.2005.243

2005-01-01

Abstract:In this paper security requirements and security architecture for 4G systems are presented with the consideration of Trusted Computing (TC) for mobile equipment (ME). The security framework based on Trusted Mobile Platform (TMP) and PKI is proposed to provide a considerable robust platform for user’s access to sensitive service and data in the scenario of 4G systems. Over this framework, with the combination of password and biometric identification (BI) as well as public key-based identification, an efficient hybrid authentication and key agreement (HAKA) scheme is presented to resist the possible attacks, particularly the attacks on/from ME. Compared with 3G architecture and other security schemes for 4G mobile networks, our architecture and corresponding HAKA is more secure, scalable and convenient to support globe mobility and capable of being employed to handle the complicated security issues in 4G mobile networks.

Yichao Chen,Kai Zhao,Heng Zhang,Shibo He

DOI: https://doi.org/10.1109/jiot.2023.3272113

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Mobile edge computing (MEC) is becoming popular in many civilian applications. However, due to the broadcast nature of wireless connections, traditional MEC is open to eavesdropping attacks that endanger mobile users’ information confidentiality. Friendly jamming (FJ), as one of the physical layer security techniques, can efficiently protect users from such threats by degrading attackers’ wiretap channel capacities. In this paper, we propose an FJ-based physical layer security (PLS) mechanism to safeguard the confidentiality of data uploading in MEC services. We design a comprehensive security scheme that uses FJ from both base station (BS) and nearby mobile users to cover upload transmission. Accordingly, the eavesdropping risk zone (ERZ) is formulated as an area under high secrecy outage probability (SOP). To promote FJ from users, we further introduce Device-to-device (D2D) communication-based FJ, which is inspired by non-orthogonal multiple access (NOMA) techniques. Then, we formulate, simplify, and solve the problem by optimizing the MEC secrecy performance under the required risk, with efficiencies in data uploading, energy consumption, and incentive delivery. Furthermore, we tackle the challenge of efficient incentive design under information asymmetry by introducing Contract Theory and providing differentiated rewards. By simulations, we evaluate the mechanism in terms of secrecy performance and incentive efficiency under information asymmetry, and the results accordingly show the effectiveness of the proposed security mechanism.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lianghai Ji,Bin Han,Man Liu,Hans D. Schotten

DOI: https://doi.org/10.1109/MCOMSTD.2017.1700031

2017-05-10

Abstract:Massive Machine Type Communication (mMTC) to serve billions of IoT devices is considered to open a potential new market for the next generation cellular network. Legacy cellular networks cannot meet the requirements of emerging mMTC applications, since they were designed for human-driven services. In order to provide supports for mMTC services, current research and standardization work focus on the improvement and adaptation of legacy networks. However, these solutions face challenges to enhance the service availability and improve the battery life of mMTC devices simultaneously. In this article, we propose to exploit a network controlled sidelink communication scheme to enable cellular network with better support for mMTC services. Moreover, a context-aware algorithm is applied to ensure the efficiency of the proposed scheme and multiple context information of devices are taken into account. Correspondingly, signaling schemes are also designed and illustrated in this work to facilitate the proposed technology. The signaling schemes enable the network to collect required context information with light signaling effort and thus network can derive a smart configuration for both the sidelink and cellular link. In order to demonstrate the improvements brought by our scheme, a system-level simulator is implemented and numerical results show that our scheme can simultaneously enhance both the service availability and battery life of sensors.

Networking and Internet Architecture

Jie Song,Xiangyu Pan,Fagen Li

DOI: https://doi.org/10.1007/978-981-99-9331-4_8

2024-01-01

Abstract:With the rapid development of network technology, the number of mobile devices is increasing at a phenomenal speed. However, many wireless communications are established on public wireless networks, which makes it a challenge to ensure the message confidentiality and user privacy. Besides, mobile devices usually have limited resources. It is necessary to design a secure and efficient cryptographic scheme for wireless communication. In this paper, we propose an identity-based mutual authentication scheme for resource-constrained mobile devices. With the help of random oracle model, we show that the scheme is provably secure under extended Canetti-Krawczyk (eCK) security model. Finally, through comparative experiments with six related works, we demonstrate that the proposed scheme is the most suitable for resource-constrained mobile devices in wireless communications.

Yi-Li Huang,Fang-Yie Leu,Ilsun You,Yao-Kuo Sun,Cheng-Chung Chu

DOI: https://doi.org/10.1007/s11227-013-0958-z

IF: 3.3

2013-06-14

The Journal of Supercomputing

Abstract:In broadband wireless technology, due to having many salient advantages, such as high data rates, quality of service, scalability, security, mobility, etc., LTE-A currently has been one of the trends of wireless system development. This system provides several sophisticated authentication and encryption techniques to enhance its system security. However, LTE-A still suffers from various attacks, like eavesdropping and replay attacks. Therefore, in this paper, we propose a novel security scheme, called the security system for a 4Genvironment (Se4GE for short), which as an LTE-A-based system integrates the RSA and Diffie–Hellman algorithms to solve some of LTE-A’s security drawbacks where LTE-A stands for LTE-Advance which is a 4G system. The Se4GE is an end-to-end ciphertext transfer mechanism which dynamically changes encryption keys to enforce the security of data transmission in an LTE-A system. The Se4GE also produces several logically connected random keys, called the intelligent protection-key chain, which invokes two encryption/decryption techniques to provide users with broader demands for security services. The analytical results show that the Se4GE has higher security level than that of an LTE-A system.

Mohammed Ramadan,Guohong Du,Fagen Li,Chun Xiang Xu

DOI: https://doi.org/10.14257/ijsia.2016.10.6.22

2016-01-01

International Journal of Security and Its Applications

Abstract:GSM system is widely used by hundreds of millions of people. In fact there is no encryption scheme provides the reasonable security level (user-to-user encryption), it's just provide the Air-interface encryption i.e. between the mobile station and the base station. Furthermore, there are other wireless links are vulnerable to attacks. It is therefore of great importance to provide reasonable security techniques to ensure the privacy of the mobile users especially circuit switching-based services, as well as prevent unauthorized use of the service. In this paper, a new approach is proposed to provide end-to-end encryption for the GSM system (EEE-GSM). This is achieved by using CL-PKC with some modifications and follow some assumptions in GSM system architecture in order to make the scheme compliant to the GSM cellular system. However, the proposed scheme not only efficient due to end-to-end security, but can also provide a secure system against IMSI catcher, man-in-the-middle, and replay attacks.

Guopeng Zhang,Jiansheng Qian,Shuo Xiao,Jie Gu

DOI: https://doi.org/10.23919/wiopt.2018.8362807

2018-01-01

Abstract:Machine-to-machine (M2M) type communications (MTCs) over cellular networks feature the large number of MTC devices (MTCDs), small and time controlled data transmissions, and rigorous energy limitation. Considering full-duplex (FD) relaying can achieve high spectrum and energy efficiency, this paper proposes an MTC-enabled cellular communication scheme, where a traditional cellular user equipment (UE) is configured as an FD relaying based gateway to assist the uplink transmissions of the served MTCDs. The designed objective is to minimize the aggregate energy consumption of a group consisting of a UE and multiple MTCDs, while fulfilling their minimum throughput requirements. To this end, a convex optimization problem is formulated and a low complexity algorithm is also developed to find the optimal power allocation strategies for the UE and the MTCDs. The simulation results show that the proposed scheme can achieve most of the channel reuse gain of the FD relaying if the self-interference at the UE is controlled below a certain level.