Security, privacy, and accountability in wireless access networks

The presence of ubiquitous connectivity provided by wireless communications and mobile computing has changed the way humans interact with information. At the same time, it has made communication security and privacy a hot-button issue. In this article we address the security and privacy concerns in wireless access networks. We first discuss the general cryptographic means to design privacy-preserving security protocols, where the dilemma of attaining both security and privacy goals, especially user accountability vs. user privacy, is highlighted. We then present a novel authentication framework that integrates a new key management scheme based on the principle of separation of powers and an adapted construction of Boneh and Shacham's group signature scheme, as an enhanced resort to simultaneously achieve security, privacy, and accountability in wireless access networks.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Yuguang Fang,et al.  ARSA: An Attack-Resilient Security Architecture for Multihop Wireless Mesh Networks , 2006, IEEE Journal on Selected Areas in Communications.

[3]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[4]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[5]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[6]  Hovav Shacham,et al.  Group signatures with verifier-local revocation , 2004, CCS '04.

[7]  Wenjing Lou,et al.  A Sophisticated Privacy-Enhanced Yet Accountable Security Framework for Metropolitan Wireless Mesh Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[8]  Robert H. Deng,et al.  A novel privacy preserving authentication and access control scheme for pervasive computing environments , 2006, IEEE Transactions on Vehicular Technology.

[9]  Pin-Han Ho,et al.  ECPP: Efficient Conditional Privacy Preservation Protocol for Secure Vehicular Communications , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.