Location Authentication Methods for Wireless Network Access Control

Location-based service provisioning is of great interests to wireless Internet service providers. However, the essential mechanism, location authentication, can easily become the target of network hackers for free-riding and attacks. We identify two aspects for improvements at the network providers...

Full description

Saved in:
Bibliographic Details
Main Author: Lichun Bao
Format: Conference Proceeding
Language:English
Subjects:
Access control
Access protocols
Algorithm design and analysis
Authentication
Authorization
Computer hacking
Diffic-Hellman
Location based access control
Personal AP
Runtime
security management
Web and internet services
Wireless application protocol
wireless LAN
Wireless networks
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Location-based service provisioning is of great interests to wireless Internet service providers. However, the essential mechanism, location authentication, can easily become the target of network hackers for free-riding and attacks. We identify two aspects for improvements at the network providers to enforce location authentication for network access control location-based key distribution and run-time location verification, and propose solutions to enforce network access control based on location, which we refer to as LENA (Location-Enforced Network Access). First, we designed a location authentication and authorization protocol based on Diffie-Hellman algorithm, which securely authenticates the location claims of mobile wireless devices, and distributes shared keys for data encryption purpose. Secondly, we employ a mobility management protocol to guarantee that the mobile devices are physically at where they claim to be when they access the network. These two steps can separately enforce location based network access control, or be combined. LENA climinates the dependence on expensive hardware devices in order to localize the mobile devices, and solves a couple of possible attacks to the system. The computations, communication, and the memory requirement are evaluated and validated using simulations.
ISSN:1097-2641
2374-9628
DOI:10.1109/PCCC.2008.4745118