http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
Random Visitor: Defense against Identity Attacks in P2P Networks
GU, Jabeom,NAH, Jaehoon,KWON, Hyeokchan,JANG, Jonsoo,PARK, Sehyun The Institute of Electronics, Information and Comm 2008 IEICE transactions on information and systems Vol.91 No.4
<P>Various advantages of cooperative peer-to-peer networks are strongly counterbalanced by the <I>open</I> nature of a distributed, serverless network. In such networks, it is relatively easy for an attacker to launch various attacks such as misrouting, corrupting, or dropping messages as a result of a successful identifier forgery. The impact of an identifier forgery is particularly severe because the whole network can be compromised by attacks such as Sybil or Eclipse. In this paper, we present an identifier authentication mechanism called <I>random visitor</I>, which uses one or more randomly selected peers as delegates of identity proof. Our scheme uses <I>identity-based cryptography</I> and <I>identity ownership proof</I> mechanisms collectively to create multiple, cryptographically protected <I>indirect</I> bindings between two peers, instantly when needed, through the delegates. Because of these bindings, an attacker cannot achieve an identifier forgery related attack against interacting peers without breaking the bindings. Therefore, our mechanism limits the possibility of identifier forgery attacks efficiently by disabling an attacker's ability to break the binding. The design rationale and framework details are presented. A security analysis shows that our scheme is strong enough against identifier related attacks and that the strength increases if there are many peers (more than several thousand) in the network.</P>
IPv6기반 이동인터넷 환경에서 이동노드의 안전한 시동에 관한 방법
나재훈,정교일,한치문,Nah Jaehoon,Chung Kyoil,Han Chi-Moon 대한전자공학회 2005 電子工學會論文誌-CI (Computer and Information) Vol.42 No.3
At IETF (Internet Engineering Task Force), recently RFC3775, RFC3776 documents about the mobile IPv6 were standardized by IETF (Internet Engineering Task Force). Those specifications propose that during the roaming, the mobile node sends securely the binding update to the home agent and the correspondent node after setting the security association between Mobile Node and Home Agent. But there is no secure bootstrapping method between a mobile node and a home agent at the two RFC documents. This paper proposed a method for the secure bootstrapping between a mobile node and a home agent. This makes the authentication, binding update, home agent assignment, security association distribution through the AAA-based secure channel between mobile node and home agent. And the proposed method was analyzed in the view of the procedure, round trip and security strength. IETF (Internet Engineering Task Force) 표준화 기구에서 최근에 완료된 MIPv6 (Mobile IPv6) 관련 표준 RFC3775, RFC3776는 이동노드와 홈에이전트 사이에 사전에 보안연계 (SA : Security Association)가 설정 된 이후에 이동중에 홈에이전트와 상대노드에게 이동사실을 안전하게 통보하는 위치갱신에 관한 방법을 제시하고 있다. 그러나 이 표준 규격에는 이동노드의 시동(Bootstrapping)과 시동의 경우에 이동노드와 홈에이전트 간에 보안연계를 설정하는 문제에 대하여 제시된 방식이 없다. 본 논문에서는 이동노드와 홈에이전트간의 안전한 시동을 위한 방식을 제시하였다. 이 방식은 인증, 위치갱신, 홈에이전트 할당 그리고 보안연계 분배를 AAA의 안전한 채널을 통하여 이동노드와 홈에이전트간에 수행한다. 그리고 제안된 방식을 기능, 라운드트립 그리고 보안강도 관점에서 특성분석 하였다.