Security Scheme in Wireless Grid
Yue Hong Zhang 1, Li Hao 2, and Zhong Shan Yang 3
1 Automatic teaching and research section, Air force second flight Institute
2,3 Xi'an Communications Institute
710306, Xi-an City
xazyh@163.com
Abstract. In this paper, we consider the two security services of authorization
and data security in wireless Grid. The security issues related to authorization
and security that are specific to Grid, and the characteristics of these services,
are outlined. The proposed security solutions for the two services of authorization
and security are classified into three categories, depending upon the
underlying security techniques. The proposed solutions within each category
are discussed in detail. We then analyze different privacy mechanisms
proposed for Grid. For each solution we address the approach, the security
issues addressed by the solution, the strength of the solution, the overheads
caused, and the weaknesses.
Keywords: wireless Grid, classifying, authorization, encryption.
Preface
A security framework has been proposed, based on a stream cipher for encryption, to
provide the services of data security, data integrity, and authorization. This framework
ensures per-packet mutual authorization between the two communicating nodes within
the network. The objective of using a stream cipher is to allow online processing of the
data, so that security provisioning introduces minimum delay.
Two secret security keys, the Authorization Key (AK) and the Authorization Session Key
(ASK), are used for authorization of the supplicant and the authenticator. The AK is exchanged
between the supplicant and the authenticator after initial mutual authorization from the
authorization server, whereas the ASK is used for a given communication session
between the two nodes. The AK and ASK pair is used by the communicating nodes to
generate the permutation vector (PV), which is used for the encryption and decryption
of data. In the strongest mode of security, the data is also involved in the PV generation,
resulting in randomness that makes decryption of the data difficult even if the
encryption key of one packet is compromised. The synchronization of the generated
permutation vector between the sender and the receiver of the data results in origin
authorization of every MPDU. To minimize the security overhead, the plaintext MPDU is
XORed with the PV generated for that MPDU. The authors have proved that the
encryption of data using the PV provides strong security services of data security, data
integrity, and origin authorization.
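The PV flow described above, as an added sketch that is not the paper's code or algorithm: both nodes derive a per-MPDU PV from the AK and ASK, XOR it with the MPDU, and stay synchronized by advancing the same state. Assumptions: HMAC-SHA256 in counter mode stands in for the unspecified PV generator, chaining on the previous plaintext stands in for "data involved in the PV generation", and all names and sample values are hypothetical.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the paper.
AK = bytes(range(16))
ASK = bytes(range(16, 32))
MPDUS = [b"constructed MPDU 0", b"constructed MPDU 1"]


def derive_pv(ak, ask, seq, length, prev_data=b""):
    """Per-MPDU permutation vector. Assumption: HMAC-SHA256 in counter mode
    stands in for the paper's generator; prev_data models the strongest mode."""
    context = ask + seq.to_bytes(4, "big") + hashlib.sha256(prev_data).digest()
    seed = hmac.new(ak, context, hashlib.sha256).digest()
    stream, counter = b"", 0
    while len(stream) < length:
        stream += hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return stream[:length]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Node:
    """One end of a session; both ends advance seq and prev_data in lockstep."""

    def __init__(self, ak, ask):
        self.ak, self.ask, self.seq, self.prev_data = ak, ask, 0, b""

    def _crypt(self, data, data_is_plaintext):
        pv = derive_pv(self.ak, self.ask, self.seq, len(data), self.prev_data)
        out = xor_bytes(data, pv)
        # The next PV is bound to this MPDU's plaintext (assumed strongest
        # mode), so the PV of one MPDU is not reused for the following one.
        self.seq, self.prev_data = self.seq + 1, data if data_is_plaintext else out
        return out

    def encrypt(self, mpdu):
        return self._crypt(mpdu, True)

    def decrypt(self, ciphertext):
        return self._crypt(ciphertext, False)


def run_session(sender, receiver, mpdus):
    """Return what the receiver recovers for each MPDU sent."""
    return [receiver.decrypt(sender.encrypt(m)) for m in mpdus]
```

A receiver holding a different ASK derives a different PV and does not recover the MPDU, which is the synchronization property the preface relies on for origin authorization.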