laac: a location-aware access control protocol younsun cho, lichun bao and michael t. goodrich iwuac...
Post on 19-Dec-2015
214 views
TRANSCRIPT
LAAC: A Location-Aware Access Control Protocol
YounSun Cho, Lichun Bao and Michael T. GoodrichIWUAC 2006
Why Location-Based Access Control? Previous user identity- based access control approaches
cannot verify Physical location of the access requester, which plays an important role in determining access rights Secure verification of location claims is required
Secure verification of location claims Natural No need to establish shared secrets in advance
Information about Location can strengthen access control policy Not just which subject is accessing what object Where the subject and object are located
Subject belongs to a location group as long as she can listen to one of the beacons in that group
Previous Works
Hardware dependency to determine location GPS Temper resistant device Ultrasonic signals
Need central server Expensive crypto and overhead
PKI, DH key exchange
Properties
No servers No pre-registration No expensive crypto No expensive hardware (e.g. GPS) Low communication/computation Different from localization problem
Notation
Protocol Description Each access point (APj)periodically broadcasts its nonce (rj)
Assume each APj knows other AP's nonces (rj) through a secure channel A mobile station (MSi) collects nonces of the access points MSi derives its location key (ki) by XOR-ing all the nonces of access p
oints MSi constructs its access request (ARi) using hash of ki and claims it
s location to its associated access point with it. If MSi is located in the access-granted area, it can access to the resourc
e o/w, it cannot access it
This system is secure if each entity does not collude each other Assume trust AP
not mutual authentication.
What is AP group ?
Define three AP groups: G1={AP1, AP2}, G2={AP3, AP4}, G3={AP1, AP4}
Each AP's group: AP1 is in G1, G3 AP2 is in G1 AP3 is in G2 AP4 is in G2,G3
G1 G2G3
Access-Granted Area
1)
1)
1)
1)
1)
1)
2)
2)3
)
Security Analysis
Insecure nonce combinationRNG with k=|nonce| 80 bits
Bogus location claimzero-false positive with
Interval T < Speed of MScf. GPS error, sector error, etc.
Security Analysis (cont.)
Wormhole attack
Security Analysis (cont.)
The Sybil attack Simple solutionAssume each mobile statio
n has APs Certificates of each
Using AP's signature of BBM
Better solution? Man-in-the-Middle Attack?
Efficiency Estimation Various Hash Function Computation Times ( μseconds) based on the Crypto++ 5.2.1 b
enchmark tested on the AMD Opteron 1.6 GHz processor under Linux 2.4.21.
Let |nonce|= 80 bits and |ID|=8 bits and use 160-bit SHA-1 Computation Time
Only 0.147 μseconds to compute access request of mobile station side Communication Load
|BBM| 80 + 8 + 8*|L|*|N| bits of each access point |AR| = 160 bits of each mobile station
Storage Requirement For the mobile stations, there is no storage requirement
Simulation Result Simulation condition
23 MSs, 2 APs 802.11 propagation and path-loss model in the free-space model without
a routing protocol between mobile stations Two access points broadcast beacons with nonces (r1, r2) 1000 times in
every broadcasting interval
False positive rate with various nonce sizes |r1| = |r2| = 4, 8, 16 bits of access points under T= =1 second of static mobile station model
False positive rate with various T=1, 2, 4, 8 seconds with = 1 second T under |r1| = |r2| = 16 bits of randomly moving mobile station model
Application and Extension
HotSpot Cyber Cafe, coffee shop, airport
Data encryption key as well as access control key
Location Tracking Sensor network
Future Work
Scalability Applicable to Sensor Network LBS (Location Based Services)
Location TrackingLocation PrivacySecure Data Aggregation
Conclusion
Easy Simple Cheap Practical Applicable
Q & A