透過綁定於USIM的不同資訊達到M2M的裝置認證

隨著物聯網等概念出現，人們將研究的重心移至機器對機器的通訊上，並且對於其安全的議題開始注重。目前機器對機器的通訊遇到許多問題，而其中一個重要的問題為USIM的盜取，由於物連網裝置通常無輸入介面，所以傳統的PIN碼鎖已不再能保障最基本的安全。本篇論文提出兩種解決方法。第一種我們加強原始的認證方式，提出裝置認證的演算法，使IMEI與IMSI配對，在IMEI有可能被篡改的情況下，仍能確保USIM的安全。與3GPP TR33.868所提出的解決方法相比，我們更有效率地達到裝置認證上的安全。另外，我們欲利用硬體特殊且不易被人為更動的特性，藉此保護USIM。因此，第二種方式使用每個裝置皆有些許不同的時脈偏移值作為參考。從結果來看，在不被攻擊者篡改資料封包的情況下，此方法能有效且安全地辨別裝置。在我們的實驗中，所提出的兩個方法能夠用硬體或是軟體的方式所實作。

關鍵字

物聯網；機器對機器的通訊； USIM盜取；安全裝置認證；時脈偏移

並列摘要

With the concept of Internet of Things well developed , the researchers increasingly moved the focus on M2M communications and began to pay attention to the relevant security issues. Up to now M2M communications have encountered several security problems. One of the important problems is about the USIM stolen. Due to hardly any input interfaces, the common PIN code verification is no effect. In this paper, we propose two approaches. The first is to enhance the original authentication mechanism and do the device authentication, we make IMEI and IMSI in pairs. In case IMEI is likely to be tampered with, we still can verify the fake device. Comparing with the method proposed in 3GPP TR 33.868, we utilize more efficient way to achieve secure device authentication. In addition, we would like to utilize the particular hardware characteristics, which is hardly artificially modified. In the approach 2, we make the clock skew, which each device is slightly different, as the reference achieve our requirement. Result shows that without an adversary tampering with the data packets, this approach can securely discriminate the devices. In the experiment, we can implement the two approaches in either hardware or software support.

並列關鍵字

IoT ； M2M communication ； USIM stolen ； secure device authentication ； clock skew

參考文獻

[1] Dave Evans. The Internet of Things: How the Next Evolution of the Internet Is Changing Everything. Tech. rep. Cisco, 2011.

[2] R. Ratasuk et al. “Recent advancements in M2M communications in 4G networks and evolution towards 5G”. In: Intelligence in Next Generation Networks (ICIN),

[3] 3rd Generation Partnership Project (3GPP).Standards Development Organizations.www.3gpp.org.

[4] European Telecommunications Standards Institute (ETSI). Standards Development

[5] OneM2M. Standards Development Organizations. www.onem2m.org.

延伸閱讀

李培宇（2011）。基於Hamming Distance之上的RFID相互認證協定〔碩士論文，國立交通大學〕。華藝線上圖書館。https://doi.org/10.6842/NCTU.2011.00783
Chen, M. F., & Lee, T. F. (2018). 利用改良混沌映射技術提升適用於遠距醫療資訊系統環境之動態識別碼為基礎的認證金鑰協商機制. 品質學報, 25(3), 153-165. https://doi.org/10.6220/joq.201806_25(3).0002
Li, C. H. (2015). M2M系統中支援服務品質之異質網路路由機制之設計與實作 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2015.02122
張瑞翔（2010）。The study of user authentication schemes for client/server environment〔碩士論文，亞洲大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0118-1511201215464319
Zhou, J., Yan, Y., Wang, L., & Guo, Y. (2013). Comparative Analysis and Application of Common Authentication and Accounting Technology in the Modern Network. International Journal of Automation and Power Engineering, 2(4), 84-89. https://www.airitilibrary.com/Article/Detail?DocID=P20150609007-201305-201508200026-201508200026-84-89

國際替代計量

透過綁定於USIM的不同資訊達到M2M的裝置認證

全文下載

主題瀏覽