雲端運算環境下適用於橢圓密碼學的隨意式無線網路安全演算機制

雲端服務是種承襲與整合許多分散式、網格運算與網路的概念，也正因近年雲端服務的推動運用，使得各類資通訊產品及服務朝向多元化發展趨勢。其中虛擬化雲端安全除了面臨承繼以往的傳統安全性問題外，在虛擬環境上更面臨新興安全問題，所以在降低雲端服務威脅及強化安全措施是愈顯重要的。隨意式無線區域網路是屬於多重跳躍架構的無線網路，它無須類似存取點或基地台的基礎建設。就因網路定義為一群節點或路由器的設備，進而能直接在無線網路之間做溝通。因為在無線網路下使用無線電波傳送資訊，是更容易遭受到竊聽與攻擊，而隨意式無線網路架構大多應用於個人網路或家用網路系統整合、區域或小型會議通訊、軍事應用，如筆電、無線耳機、無線滑鼠與無線鍵盤等。其資料機密更是具備重要性且不容許遭到竊聽，於是在資訊安全強度上的議題是不容忽視。為了能對於節點不被竊聽且進行保護，如何在使用者之間建立高安全性的認證機制是重要的議題，其中結合生物識別的認證可以有效提升安全性的方式，因此本論文提出一個基於橢圓曲線密碼學遠端三因子認證機制，此機制不需要身分表來驗證使用者的身分，而且能夠有效地避免攻擊者通過驗證。　　　此外並提出一個基於最小擴張樹的隨意式無線區域網路繞徑演算法，來有效且快速地建立出各路由器之間傳輸資料的最短路徑以及搜尋方法，使得在未來各種資訊與網路環境中的數位資訊傳遞安全及效率性的實現可行性探討。也就是能讓雲端運算環境之網路拓樸上所有正常的節點，能快速且穩定達成網路服務應用需求。

關鍵字

橢圓曲線密碼學；生物識別；遠端驗證；隨意式無線區域網路；雲端運算

並列摘要

Cloud computing is a concept of inheritance and integration with distributed computing, grid computing, and networking computing. Because cloud computing services are pursued and applied recent years, it has a trend to develop diversification of all kinds of information and communication products and services. Secure virtualization for cloud computing inherits traditional security issues from the past, and even faces emerging security problems in virtual environments. Therefore, it’s very important to decrease the threats of cloud computing services and strengthen security measures. A wireless ad-hoc network is a multi-hop wireless network that doesn't need access points or base stations, and it is defined as the devices of a number of nodes or routers which are able to communicate with each other directly on the wireless network. 　　It’s very easy to suffer from eavesdropping and attacks if you use radio waves to send data in wireless network environment. Ad hoc network architecture is applied to individual network, home internet connection, conferences on local communication or military applications, such as laptops, wireless headphones, wireless mouse, wireless keyboards, etc. however, because the confidentiality of information has more importance and doesn’t be allowed to suffer from eavesdropping, the issues of Information security are noticeable. In order to protect nodes from eavesdropping, it’s an important issue how to establish a highly secure authentication scheme between users, especially an authentication scheme which is combined with the biometric data is able to effectively enhance security. Therefore, the paper proposes an ECC based remote three-factor authentication scheme, which does not requires ID tables to verify its users, is more efficient to prevent adversaries from passing the authentication. 　　Furthermore, the paper proposes a minimum spanning tree based ad hoc wireless networks routing algorithm scheme to effectively and quickly build the shortest path and search for transmitting data between routers. It’s able to achieve a secure and effective way that transmits digital data in different types of information and network environments. In other words, It’s able to make every executable node in network topology achieve the request of network services and applications on cloud computing.

並列關鍵字

ECC ； Biometric ； Remote Authentication ； Ad Hoc Wireless Networks ； Cloud Computing

參考文獻

【1】 H. Takabi & J. Joshi & G. Ahn, “Security And Privacy Challenges in Cloud Computing Environments,” IEEE Security & Privacy, vol. 8, No. 6, pp. 24–31, November 2010.

【2】 R. Chow et al., “Controlling Data in the Cloud: Outsourcing Computation without Outsourcing Control,” in ACM workshop on Cloud computing security, 2009.

【5】 C.H. Lin and Y.Y. Lai, “A flexible biometrics remote user authentication scheme, ” Computer Standards & Interfaces vol. 27, no. 1, 2004, pp.19-23.

【6】 C.I. Fan and Y.H. Lin, “Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics, ” IEEE Transactions on information forensics and security, vol. 4, no. 4, 2009, pp. 933-945.

【7】 J.K. Lee, S.R. Ryu and K.Y. Yoo, “Fingerprint-based remote user authentication scheme using smart cards, ” Electronics Letters, vol. 38, no.12, 2002, pp. 554-555.

國際替代計量

雲端運算環境下適用於橢圓密碼學的隨意式無線網路安全演算機制

主題瀏覽