Location-based authentication protocol for first cognitive radio networking standard

The developing IEEE 802.22 standard will allow broadband access to be provided in sparsely populated areas by using cognitive radio techniques with operations on a non-interfering basis over television broadcast bands. Such non-interfering basis operation will increase the efficiency of utilisation of that spectrum, and provide large economic and societal benefits. However, the security mechanisms supported by IEEE 802.22 security sub-layer are insufficient to ensure robust security due to the fact that the designers of the standard attempted to reuse the security sub-layer designed for IEEE 802.16 networks, which does not consider the unique security features from IEEE 802.22 networks. This paper proposes a location-based authentication protocol for IEEE 802.22, which can be integrated with the extensible authentication protocol. The proposed protocol uses location information as a key factor to be authenticated each other. Furthermore, it could provide the privacy and confidentiality.

[1]  Jeffrey H. Reed,et al.  Defense against Primary User Emulation Attacks in Cognitive Radio Networks , 2008, IEEE Journal on Selected Areas in Communications.

[2]  Hung-Min Sun,et al.  An Efficient Remote User Authentication Scheme Using Smart Cards , 2000 .

[3]  Joseph Mitola,et al.  Cognitive Radio An Integrated Agent Architecture for Software Defined Radio , 2000 .

[4]  Kee-Young Yoo,et al.  Improved efficient remote user authentication scheme using smart cards , 2004, IEEE Transactions on Consumer Electronics.

[5]  Kaigui Bian,et al.  Security vulnerabilities in IEEE 802.22 , 2008, WICON 2008.

[6]  Lichun Bao,et al.  Secure Access Control for Location-Based Applications in WLAN Systems , 2006, 2006 IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[7]  Jung-Min Park,et al.  Ensuring Trustworthy Spectrum Sensing in Cognitive Radio Networks , 2006, 2006 1st IEEE Workshop on Networking Technologies for Software Defined Radio Networks.

[8]  T. Charles Clancy,et al.  Security in Cognitive Radio Networks: Threats and Mitigation , 2008, 2008 3rd International Conference on Cognitive Radio Oriented Wireless Networks and Communications (CrownCom 2008).

[9]  Gaetano Borriello,et al.  Location Systems for Ubiquitous Computing , 2001, Computer.

[10]  Jia-Yong Liu,et al.  A new mutual authentication scheme based on nonce and smart cards , 2008, Comput. Commun..

[11]  Zhongding Lei,et al.  IEEE 802.22: The first cognitive radio wireless regional area network standard , 2009, IEEE Communications Magazine.

[12]  Daniel P. Dern Privacy Concerns , 2003, IEEE Security & Privacy Magazine.

[13]  Masahiro Kuroda,et al.  A Radio-independent Authentication Protocol (EAP-CRP) for Networks of Cognitive Radios , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[14]  Jong Hyuk Park,et al.  Robust one-time password authentication scheme using smart card for home network environment , 2011, Comput. Commun..

[15]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[16]  Eun-Jun Yoon,et al.  An improvement of Hwang-Lee-Tang's simple remote user authentication scheme , 2005, Comput. Secur..

[17]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[18]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs , 2005, RFC.

[19]  Cheng-Chi Lee,et al.  Password Authentication Schemes: Current Status and Key Issues , 2006, Int. J. Netw. Secur..

[20]  Timothy X. Brown,et al.  Potential Cognitive Radio Denial-of-Service Vulnerabilities and Protection Countermeasures: a Multi-dimensional Analysis and Assessment , 2008, Mob. Networks Appl..

[21]  A. Pfitzmann,et al.  A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management , 2010 .