Front Matter
 1 Introduction
  1.1 Overview
   1.1.1 Architecture of WLAN
   1.1.2 Transmission Technologies and Specifications
   1.1.3 Series Specifications of IEEE 802.11
   1.1.4 Applications
   1.1.5 Development Trends
  1.2 Key Issues of WLAN Security
   1.2.1 Security Access
   1.2.2 Fast roaming and handoff
   1.2.3 Secure Integration of Heterogeneous Wireless Networks
   1.2.4 Privacy Protection
   1.2.5 WLAN Security Management
   1.2.6 TPM-based Security Access
  1.3 Realization
  Questions and discussion
  References
 2 Security Architecture Framework
  2.1 Security Attacks and Requirements
   2.1.1 Logical Attacks
   2.1.2 Physical Attacks
   2.1.3 Security Requirements
  2.2 Management-Based WLAN Security Architecture
   2.2.1 The Design Methods of Security Architecture
   2.2.2 Framework
   2.2.3 Logical Realization of Key Components
   2.2.4 Analysis
  2.3 Evolution of Security Architecture for WLAN Access
   2.3.1 WEP
   2.3.2 IEEE 802.1X
   2.3.3 WPA
   2.3.4 IEEE 802.11i Security Framework
   2.3.5 WAPI
   2.3.6 Others
  2.4 The Integrated Security Access Authentication Architecture for WLAN Terminals
   2.4.1 Design Concepts
   2.4.2 The Architecture Scheme
   2.4.3 Flow of Integrated Authentication Operations
   2.4.4 Prototype Implementation
  Questions and Discussions
  References
 3 Security Access Protocol
  3.1 Security Analysis of WAPI
   3.1.1 WAPI Specification
   3.1.2 WAPI Implementation Plan
   3.1.3 Security Analysis of WAI in WAPI Implementation Plan
   3.1.4 Implementation Plan Overcomes the Weaknesses of the Original WAPI
  3.2 Analysis and Improvement of WAPI
   3.2.1 Universally Composable Security
   3.2.2 Improvement of WAPI
   3.2.3 Analysis of Improved Protocol
  3.3 Authentication Scheme that Compatible with 802.11i and WAPI
   3.3.1 Compatible Scheme
   3.3.2 Security Analysis of Compatible Scheme
   3.3.3 Compatibility Analysis of New Scheme
  3.4 WAPI-XG1 Access Authentication and Fast Handoff Protocol
   3.4.1 Overview
   3.4.2 Authentication Protocol
   3.4.3 Unicast Key Agreement Protocol
   3.4.4 Group key notification protocol
   3.4.5 Security Analysis
   3.4.6 Improved Authentication and Fast Handoff Protocols Based on WAPI-XG1
  3.5 Self-Certified Public Key based WAPI Authentication and Key Agreement Protocol
   3.5.1 Authentication and Key Agreement Protocol
   3.5.2 Authentication of Self-Certified Certificate and Key Agreement at STA
   3.5.3 Security Analysis
   3.5.4 Protocol Features and Performance Analysis
  Questions and discussion
  References
 4 Security Protocols for Fast BSS Transition
  4.1 IEEE 802.11r
   4.1.1 Introduction
   4.1.2 Fast BSS Transition Protocol
   4.1.3 Fast BSS Transition Flow
   4.1.4 Security Consideration
  4.2 Security Solution for IEEE 802.11r Drafts
   4.2.1 MIC Authentication Based Solutions
   4.2.2 Hash Chain Based FT Mechanism
   4.2.3 Mechanism Analysis
  4.3 FT Security Solution Based on Location
   4.3.1 Proactive Neighbor Caching Mechanism Based on Moving Direction and QoS Guarantee
   4.3.2 Active Probing Algorithm Assisted by Location
   4.3.3 Secure FT Solution Based on Location
  Questions and discussion
  References
 5 Security Protocols in WLAN Mesh
  5.1 Overview of WLAN Mesh
   5.1.1 SnowMesh
   5.1.2 SEE-Mesh
   5.1.3 IEEE 802.11s Draft
   5.1.4 Classification of Wireless Mesh Networks
   5.1.5 Security Requirements of WLAN Mesh
  5.2 WLAN Mesh Authentication Schemes
   5.2.1 Centralized Authentication
   5.2.2 Distributed Authentication
   5.2.3 Pre-Shared Key Authentication
   5.2.4 MSA
   5.2.5 4-way Mesh Handshake
   5.2.6 Identity-based Mesh Authentication Protocol
  5.3 Protocols for Access Authentication, Secure Fast Handoff and Roaming
   5.3.1 Access Authentication Protocol
   5.3.2 Security Analysis
   5.3.3 Performance Analysis
  5.4 Design and Implementation of Mesh Access Authentication System
   5.4.1 Technological Foundations
   5.4.2 Design and Implementation
  Questions and discussion
  References
 6 Authenticated Key Exchange Protocol
  6.1 IKEv2
   6.1.1 Introduction
   6.1.2 The Initial Exchanges
   6.1.3 The CREATE_CHILD_SA Exchange
   6.1.4 The INFORMATIONAL Exchange
   6.1.5 Authentication of the IKE_SA
   6.1.6 Extensible Authentication Protocol Methods
   6.1.7 Generating Keying Material
   6.1.8 Analysis of IKEv2
  6.2 Key Exchange Protocol in WLAN
   6.2.1 Protocol Design Requirement
   6.2.2 Wireless Key Exchange Protocol
   6.2.3 Protocol Analysis
  6.3 Extension of Provably Secure Model for Key Exchange Protocol
   6.3.1 Canetti-Krawczyk Model
   6.3.2 Analysis and Extension for Canetti-Krawczyk Model
  Questions and discussion
  References
 7 Privacy Protection for WLAN
  7.1 Mobile Anonymity
  7.2 IPSec-based Anonymity Connection Protocols in WLAN
   7.2.1 Anonymity Architecture Model
   7.2.2 Anonymity Connection Protocols
   7.2.3 Implementation of protocols
   7.2.4 Protocol Analysis
  7.3 Universally Composable Anonymous Authentication Protocol
  Questions and Discussion
  References
 8 Adaptive Security Policy
  8.1 Overview
   8.1.1 Adaptive Security
   8.1.2 Evolution of Adaptive Security Architecture
   8.1.3 Dynamic Security Policy Framework
  8.2 Framework of WLAN Adaptive Security Policy
   8.2.1 Requirement Analysis
   8.2.2 Framework of Adaptive Security
   8.2.3 Policy-Based Security Management Framework
  8.3 Adaptive Security Communication Model for WLAN
   8.3.1 System Model
   8.3.2 Evidence Theory Based Security Inference Method
   8.3.3 Analytical Hierarchy Process Based Adaptive Security Policy Decision-Making
  Questions and Discussion
  References
 9 Evaluation Method of Security Performance
  9.1 View Model of Security Service
   9.1.1 Service Classfication
   9.1.2 QoSS Security Services View
   9.1.3 Description of Security Service View
  9.2 Entropy Weight Coefficient Based WLAN Security Threat Quantification Model
   9.2.1 Risk Parameters Description
   9.2.2 Security Risk Evaluation Model
   9.2.3 Model Aanalysis
  Questions and Discussion
  References
 10 Architecture of Trusted Terminal
  10.1 Trusted Computing Technology
   10.1.1 TCG’s Definition of Trust
   10.1.2 Applications of Trusted Computing
   10.1.3 Overview of TCG Architecture Specification
   10.1.4 TMP Hardware Architecture
   10.1.5 TMP Software Architecture
   10.1.6 Relationships between TPM and TMP
  10.2 TC-based Security Architecture for Terminals
   10.2.1 Security Kernel-Based Architecture
   10.2.2 Micro Kernel-based Architecture
   10.2.3 VMM-Based Architecture
   10.2.4 LSM Mechanism-based Architecture
  Questions and Discussion
  References
 11 Architecture of Trusted Network Connect
  11.1 From Trusted Platform to Trusted Network
   11.1.1 Trusted Transmission
   11.1.2 Platform Authentication
   11.1.3 Trusted Network Connect
  11.2 TPM-Based Trusted Architecture
   11.2.1 Trusted Computing Model
   11.2.2 Trusted Architecture of Mobile Terminal
   11.2.3 Trusted Network Architecture
  11.3 Architecture of Mobile Device Accessing Trusted Network
   11.3.1 Premise and Assumption
   11.3.2 Access Entities
   11.3.3 Architecture of Accessing Trusted Network
   11.3.4 Analysis
  Questions and Discussion
  References
 Index
 版权