跳到主要內容

臺灣博碩士論文加值系統

(18.205.192.201) 您好!臺灣時間:2021/08/05 03:09
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:李哲維
研究生(外文):Che Wei Lee
論文名稱:具交談金鑰預測功能之無線區域網路安全防護機制
論文名稱(外文):Security Schemes for Wireless Local Area Networks with Session Key Forecasting Capability
指導教授:曹偉駿曹偉駿引用關係
指導教授(外文):Woei-Jiunn Tsaur
學位類別:碩士
校院名稱:大葉大學
系所名稱:資訊管理學系碩士班
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2007
畢業學年度:95
語文別:中文
論文頁數:61
中文關鍵詞:無線區域網路安全弱點檢測無線存取點橢圓曲線密碼系統
外文關鍵詞:Wireless Local Area Network SecurityVulnerability DetectingAccess PointElliptic Curve Cryptosystem
相關次數:
  • 被引用被引用:0
  • 點閱點閱:110
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
  無線區域網路(Wireless Local Area Network;WLAN)提供今日使用者於機動性與便利性之資訊應用需求,卻也必須面臨異於以往的資訊安全風險。網路管理人員在進行WLAN安全防護措施時,普遍會面臨以下兩個問題:一、弱點偵防與檢測的工作需要耗費企業組織中大量的系統資源與稽核人力成本;二、WLAN環境下之Client端節點變動頻繁,使得無線存取點(Access Point)及使用者端稽核的工作面臨相當大的考驗。因此,本研究提出兼具高安全性與預測能力之WLAN安全防護機制,將可同時避免WLAN環境中的節點異動頻繁所造成之安全性衝擊、簡化並降低企業組織於稽核未經授權之AP時所需的網路專業門檻及人力物力、自動化檢測無線網路服務使用者之合法使用期限、預測並評估目前所使用的交談金鑰之風險等級。值得一提的是,使用者可視交談金鑰之風險等級預測結果,以評估是否需重新更換交談金鑰,如此一來除了可降低系統於產生交談金鑰時所耗費的運算資源,更可免除使用者須時常更新交談金鑰的困擾。相信本機制將可提供企業組織一兼具高安全性、便利性與低成本之WLAN安全解決方案。
Wireless Local Area Networks (WLAN ) provide the demand for information ap-plication in the mobility and the convenient capital for users. At the same time, users must to face the variance in the former information security risk. When the network administrator carries on the WLAN security protective measure, usually to face the fol-lowing two questions generally: First, vulnerability detecting jobs are consuming the massive system resources and the audit manpower cost in enterprise; Second, under the WLAN environment, client nodes are variation frequently, and causes the wireless ac-cess point and the user auditing faced with the huge challenge. Therefore, this thesis proposes WLAN security schemes with highly secure and forecasting capability, it might simultaneously avoiding in client nodes are variation frequently that having the secure impact in WLAN environments, simplifing and reducing in auditing the unau-thorized AP that needed the network specialized knowledge and the manpower resource in the enterprise to organize, automating detect the users’ legitimate life which using the wireless network service, and forecasting and evaluating the risk of rank for a session key. Especially, users could estimate if he needs to regenerate a session key, depending on the forecasting result of the risk of rank for it. In such a case, this schemes cannot only reduce the operation resources of key generating, but also avoid the user to renew session key frequently. We affirm that the proposed schemes can provide the enterprise to achieve a highly secure, convenient and low-cost solution for WLAN.
中文摘要 ...................... iii
英文摘要 ...................... iv
誌謝辭 ...................... v
內容目錄 ...................... vi
表目錄  ...................... viii
圖目錄  ...................... ix
第一章  緒論......................1
  第一節  研究背景..................1
  第二節  研究動機與目的...............1
  第三節  研究流程..................3
  第四節  論文架構..................4
第二章  文獻探討....................6
  第一節  系統弱點與系統安全.............6
  第二節  弱點管理與檢測相關機制...........7
  第三節  基於模糊推論技術之網路安全等級預測機制...10
  第四節  WLAN安全機制之現有解決方案及其存在之
弱點....................12
第三章  兼具高安全性與交談金鑰預測能力之無線區域網
路安全防護機制.................14
  第一節  機制架構..................14
  第二節  建置階段..................15
  第三節  註冊階段..................17
  第四節  登入階段..................18
  第五節  檢測階段..................19
  第六節  交談金鑰產生階段及預測功能.........21
  第七節  變更使用者密碼功能.............33
第四章  安全性分析...................35
第五章  系統實作與模擬.................39
  第一節  實驗環境描述................39
  第二節  實驗步驟..................42
第六章  討論與結論...................53
  第一節  討論....................53
  第二節  結論....................56
參考文獻.........................57
一、中文部份

謝燦榮(2005) ,適用於多伺服器環境之兼具效率與安全的身份認證機制,大葉大學資訊管理系未出版之碩士論文,29-31。

二、英文部份
Alhazmi, O. H., & Malaiya, Y. K. (2005a). Modeling the Vulnerability Discovery Process. Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering (pp. 1-10), USA:Dallas.

Alhazmi, O. H., & Malaiya, Y. K. (2005b). Quantitative Vulnerability Assessment of Systems Software. Proceedings of Annua lReliability and Maintainability Symposium (pp. 615-620), USA:Alexandria.

Ali, K. M., & Owens, T. J. (2007). Selection of an EAP Authentication Method for A WLAN. International Journal of Information and Computer Security 1(1/2), 210-233.

Allen, J., Christie, A., Fithen, W., McHugh, J., Pickel, J., & Stoner, E. (2000). State of the Practice of Intrusion Detection Technologies. Software Engineering Institute Technical Report, CMU/SEI-99-TR-028, Carnegie Mellon University.

Altrock, C. V. (1996). Fuzzy Logic & Neuro Fuzzy Applications In Business & Finance. Upper Saddle River,NJ:Prentice Hall PTR, 35-43.

Anh, N. T., & Shorey, R. (2005). Network Sniffing Tools for WLANs: Merits and Limitations, Proceedings of the 2005 IEEE International Conference on Personal Wireless Communications (pp. 389-393), India:New Delhi.

Bittau, A., Mark, H., & Joshua, L. (2006). The Final Nail in WEP’s Coffin, Proceedings of 2006 IEEE Symposium on Security and Privacy (pp. 386-400), USA:California.

Corral G., Cadenas X., Zaballos A., & Cadenas, M. T. (2005). A Distributed Vulnerability Detection System for WLANs. Proceedings of First International Conference on Wireless Internet (pp. 86-93), Budapest:Hungary.

Corral G., Zaballos A., Cadenas X., & Grane, A. (2005). A Distributed Vulnerability Detection System for an Intranet, Proceedings of the 39th Annual 2005 International Carnahan Conference on Security Technology (pp. 291-294), SPAIN:Las Palmas.

Dantu, R., Clothier, G., & Atri, A. (2007). EAP Methods for Wireless Networks. Computer Standards and Interfaces, 29(3), 289-301.

FuzzyTECH. (2007). FuzzyTECH Features Overview [Online]. Available: http://www.fuzzytech.com/e/ftpo.html [2007, March 15]

Gerald, C., & Wheatley, P. (2003). Applied Numerical Analysis, Pearson Education.

Gupta, M., Rees, J., Chaturvedi, A., & Chi, J. (2006). Matching Information Security Vulnerabilities to Organizational Security Profiles: A Genetic Algorithm Approach, Decision Support Systems, 41(3), 592-603.

Herzog, P. (2003). Open-Source Security Testing Methodology Manual-Wireless Security Testing Section (OSSTMM WIRELESS). The Institute for Security and Open Methodologies.

Il-Gon, K., & Jin-Young, C. (2004). Formal Verification of PAP and EAP-MD5 Protocols in Wireless Networks: FDR Model Checking. Proceedings of the 18th International Conference on Advanced Information Networking and Applications (pp. 264-269), Japan:Fukuoka.

Jing, N., Wen, J. Luo, J. He, X. , & Zhou, Z. (2007). An Adaptive Fuzzy Logic Based Secure Routing Protocol in Mobile Ad Hoc Networks. Fuzzy Sets and Systems, 157(12), 1704-1712.

Liu, Y., & Mana, H. (2005). Network Vulnerability Assessment using Bayesian Networks, Proceedings of the SPIE. 61-71.

Sanguanpong, S., & Kanlayasiri, U. (2006). Worm Damage Minimization in Enterprise Networks, International journal of Human-Computer Studies, 65(1), 3-16.

Tsaur, W. J. (2005). Several Security Schemes Constructed using ECC-Based Self-Certified Public Key Cryptosystems, Applied Mathematics and Computation, 168, 447-464.

Tsaur, W. J., Wu, C. C., & Lee, W. B. (2004). A Smart Card-Based Remote Scheme for Password Authentication in Multi-server Internet services. Computer Standards and Interfaces, 27, 39-51.

Urien P., Badra, M., & Dandjinou, M. (2004). EAP-TLS SmartCards, from Dream to Reality, Proceedings of the 2004 4th Workshop on Applications and Services in Wireless Networks (pp. 39-45), USA:Massachusetts.

Venter, H. S., & Eloff, J. H. P. (2004). Vulnerability Forecasting-A Conceptual Model. Computers and Security, 23, 489-497.

Wack, J., Miles, T., & Murugiah S. (2003). Guideline on Network Security Testing, Recommendations of the National Institute of Standards and Technology.

Wilfred, L., Allan, W., & Dillon, T. S. (2006). Application of Soft Computing Techniques to Adaptive User Buffer OverflowControl on the Internet. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, 36(3), 397-410.

Willem, G., Ru, D., & Eloff, J. H. P. (1997). Enhanced Password Authentication through Fuzzy Logic, IEEE expert magazine, 12, 38-45.

Xie, Y., & Burnham, K. (2006). Fuzzy decision support system for demand forecasting with a learning mechanism. Fuzzy Sets and Systems, 157(12), 1713-1725.

Yue, M., & Xiuying, C. (2003). How to Use EAP-TLS Authentication in PWLAN Environment, Proceedings of the 2003 International Conference on Neural Networks and Signal Processing (pp. 1677-1680), China:Nanjing.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top