Improving authentication in the security of 802.11 wireless LANs with an emphasis on the cache mechanism at the access point

Number of pages: 91 File Format: word File Code: 30464
Year: 2013 University Degree: Master's degree Category: Computer Engineering
  • Summary of Improving authentication in the security of 802.11 wireless LANs with an emphasis on the cache mechanism at the access point

    Master thesis

    Software trend

    Abstract

    Today, the world of communication is developing at an indescribable speed, and the Internet plays a significant role in this development. Mobile users want access to the Internet, and wireless networks have provided this possibility. Establishing secure communication and user security and maintaining service quality[1] at an acceptable level for users are among the most important issues of wireless network access. There are many solutions to ensure the security of users, one of which is the use of EAP methods. In this method, users must be authenticated, but the authentication process is time-consuming. In this research, by using the cache mechanism in the access points, the handoff process was done faster; subsequently, the authentication time was reduced and the possibility of using stronger security protocols was provided. It is worth noting that the role of the access point is vital in this research.

     

    Keywords - Extensible Authentication Protocol [2]; authentication, authorization and accounting servers [3]; handoff; access point[4]; cache memory.[5]

    Introduction

    Today, with the improvement of performance, efficiency and security factors, wireless local area networks are growing and expanding significantly, and IEEE 802.11 is the basic standard on which wireless local area networks are designed and implemented. The need to provide and improve security in wireless local networks has been much considered and investigated. One of the security solutions is to use the AAA security model, and each of the processes of this security model, including authentication, authorization and accounting, has mechanisms to ensure security. In this research, the authentication process is discussed. If the AAA security model is used in the wireless local network, the security and quality of service, which are two important factors in creating a good connection, will be affected. By reducing the time taken by the authentication stage of communication, a stronger security protocol can be used. In the proposed method, the access point plays an important role, and the way access points interact with mobile nodes is described in the proposed flowchart. Compared to other methods of establishing security in the wireless network, relying on the idea of the proposed method, a tremendous improvement in security can be achieved.

    The structure of this thesis is as follows: the first chapter is an overview of some concepts of wireless networks, and the second chapter is an overview of some concepts of AAA servers. The background of the research is stated in the third chapter. The fourth chapter explains the proposed idea and method, followed by the conclusion and by the summary and future work in the fifth and sixth chapters, respectively.

    Overview

    Wireless networks

    This chapter will provide an overview of the concepts and operation of wireless networks regarding security.

    1-1 Classification of wireless networks in terms of extent

    Wireless networks are divided into four main categories according to the extent of the area of the network they cover [4] [1]:

    wide wireless networks[6]

    city wireless networks[7]

    local wireless networks[8]

    personal wireless network[9]

    1-1-1 Wide wireless networks

    In these networks, it is possible to communicate between cities or even countries using different satellite systems. The above networks are known as second generation systems and are generally networks with high wireless coverage. An example of these networks is the cellular wireless structure used in mobile phone networks. Because of their network structure and the access technology of their users, these networks cover a wide area. Among these technologies, AMPS[10], second generation digital cellular networks such as GSM[11] in Europe, PDC cellular networks[12] in Japan and third generation cellular networks such as UMTS[13] can be mentioned[1]. The above networks are often used as cable backup networks (copper, optical fiber).

    1-1-2 Urban wireless networks

    Urban wireless networks are networks whose coverage area is limited to the urban area. Among the standards of this network, we can mention the IEEE802.16 [14] standard. The most famous standard is 802.11, which is called WiFi and was produced by the Institute of Electrical and Electronics Engineers (IEEE). This standard defines all the fields of the radio frequency wireless network. Depending on the type of standard they follow, WiFi networks have a range of up to 400 meters. WiFi can be an effective and valuable way to expand indoor networks without the expense of wiring an office[1][3].

    WiFi allows APs to cover a perimeter, or hotspot, with a radius of approximately 100 meters in the interior space of a building. Depending on the environmental conditions, outdoor WiFi can cover a radius of 300 meters. The transmission speed differs between WiFi standards and ranges from 11Mbps to 54Mbps.

    The advantages of WiFi include the following:

    Use of the frequency band without a license

    Fewer international restrictions

    Its architecture allows it to be used everywhere and to spread quickly.

    Low cost

    Ability to move without disconnecting from the network.

    But the disadvantages of WiFi are as follows:

    Use of the 2.4 GHz frequency band, which is susceptible to interference and noise.

    Compared to other standards, it consumes more energy.

    1-1-3 Personal wireless networks

    These networks make communication possible between personal devices such as handheld computers [15] in a limited area (about 914 centimeters). In this type of network, two common technologies, IR [16] and Bluetooth [17], are used. Personal wireless networks are also included in the category of ad hoc networks. Personal wireless networks, which have a communication range of about 10 meters, have been created in order to simplify the communication between computers, mobile phones and handheld computers [18]. The best known technology for personal wireless networks is the Bluetooth standard[1].

    1-1-4 Local wireless networks

    These networks allow users located in a limited area such as a university campus or a library to access the network or the Internet. Compared to wired local networks, local wireless networks offer higher flexibility and portability to network users. In such networks, users connect to the network and benefit from its facilities by establishing a wireless connection with a device called an access point. The IEEE 802.11 standard is one of the prominent standards in wireless local networks; it provides a data transfer rate of about 1Mbps to 100Mbps in two frequency bands of 5 and 2.4 GHz for network users. Another prominent standard in wireless local networks is the Hiperlan standard [19]. This standard works in the 5 GHz frequency band. Hiperlan 1 has a data transfer rate of 19 MB/s and standard Hiperlan 2 has a transfer rate of 54 MB/s and supports "quality of service" [20] [1].

    (images are in the main file)

    Figure 1.1 shows the three main categories of wireless networks and their coverage area. As can be seen in the figure, among the wireless LAN standards, the 802.11a standard supports a higher transmission rate and switching speed compared to other standards. On the other hand, it is clear that generally cellular networks offer their users a higher transfer speed. Figure 1.1 is a comparison of the transmission rate and the speed of moving nodes in different categories of wireless networks.

    Mobile users need to access the Internet, and wireless networks have made this possible for them. In fact, user safety, secure communication and quality of service are the significant factors in wireless network access for users. There are many approaches to providing security for users, one of which is the Extensible Authentication Protocol (EAP) method. In this method all users must be authenticated; however, the authentication process is time consuming. In this paper, the handoff process takes a short time when cache memory is used in the access point; consequently, the authentication time decreases, so using a strong security method is possible.

  • Contents & References of Improving authentication in the security of 802.11 wireless LANs with an emphasis on the cache mechanism at the access point

    List:

    Abstract

    Introduction

    Wireless networks

    1-1 Classification of wireless networks in terms of extent

    1-1-1 Wide wireless networks

    1-1-2 Urban wireless networks

    1-1-3 Personal wireless networks

    1-1-4 Local wireless networks

    1-2 Introduction of wide wireless networks

    1-3 Wireless network integration

    1-3-1 case topology

    1-4 Supported signals in wireless LANs

    1-5 IEEE 802.11 standard

    1-6 Types of access points

    1-7 Security in local networks based on the 802.11 standard

    1-8 Methods of securing wireless networks

    AAA servers

    2-1 Overview of AAA Server

    2-1-1 An overview of the concept of Authentication

    2-1-2 An overview of the concept of Authorization

    2-1-3 Overview of the concept of Accounting

    2-2 Identity verification methods in wireless network

    2-3 EAP methods

    2-4 change of environment

    2-5 Security problems and delay

    2-6 IPsec concepts and SA usage

    2-7 Overview of Mobile-IP and Handoff process

    Research history and background

    3-1 Work performed in the field of Handoff security

    3-1-1 Pre-Authentication by storing the key in the cache

    3-1-2 Use of IAPP protocol for interactions between access points

    3-1-3 Reauthentication delay reduction in Handoff

    3-1-4 Handoff delay reduction using FHR method

    3-1-5 Handoff delay reduction using PNC method

    3-1-6 Handoff delay reduction using SNC method

    3-1-7 Using the method of temporary servers

    3-1-8 Handoff delay reduction using ANC method

    3-2 Work done on EAP security

    Suggested idea and method

    4-1 Proposed method

    4-2 Evaluation of the proposed method

    4-2-1 First step

    4-2-2 The second step

    Conclusion

    5-1 Comparison of simulation results

    Summary and future work

    6-1 Summary

    6-2 Future work

    References

    [1] M. Mohammadipour, “Classified fast handoff model,” Borujerd Islamic Azad University, 1390.

    [2] W. Wang, “A Local Authentication Control Scheme Based on AAA Architecture in Wireless Networks,” vol. 00, no. C, pp. 5276–5280, 2004.

    [3] P. Protocol and A. Distribution, IEEE Standards, no. July. 2003.

    [4] L. A. N. Man, S. Committee, and I. Computer, IEEE Standard for Local and metropolitan area networks Media Access Control (MAC) Security IEEE Computer Society Sponsored by the, no. Aug. 2006.

    [5] I. Standard, Supplement to IEEE Standard for Information technology — Telecommunications and information exchange between systems — Local and metropolitan area networks — Specific requirements — Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (, vol. 1999. 1999.

    [6] T. P. M. Corss, N. Johnson, Security+. Syngress, 2002.

    [7] F. Majstor and S. C. Engineer, “WLAN Security Threats & Solutions,” p. 2003.

    Majid Nakhjiri, AAA.and.Network.Diameter.EAP.PKI.and.Mobility.

    J. Zhang, Y. Ma, and J. Jia, The Journal of China Universities and Telecommunications, vol. 2, pp. 81-86. 2012.

    [11] R. Dantu, G. Clothier, and A. Atri, “EAP methods for wireless networks,” Computer Standards & Interfaces, vol. 29, no. 3, pp. 289–301, Mar. 2007.

    [12] C. Fan, Y. Lin, and R. Hsu, “Complete EAP Method: User Efficient and Forward Secure Authentication Protocol for IEEE 802. 11 Wireless LANs,” vol.24, no. 4, pp. 672–680, 2013.

    [13] Y. Wei-dong, L. Ji-zhao, W. Ke, and S. Li-Ming, “Authentication Protocols to Support Fast Handoff for 802.11s Mesh Networks,” 2010 International Conference on Multimedia Information Networking and Security, pp. 644–648, 2010.

    [14] A. Gurtov, Host Identity Protocol - (HIP). 2008, p. 332 pages.

    [15] L. Butty, “An authentication scheme for fast handover between WiFi access points,” 2007.

    [16] A. Mishra and M. S. William, “Context Caching using Neighbor Graphs for Fast Handoffs in a Wireless Network,” vol. 00, no. C, 2004.

    [17] T. Aura and M. Roe, "Reducing Reauthentication Delay in Wireless Networks," First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05), pp. 139–148, 2005.

    [18] S. Pack and Y. Choi, “Fast handoff scheme based on mobility prediction in public wireless LAN systems,” pp. 489–495.

    [19] X. Vasilakos, V. A. Siris, G. C. Polyzos, and M. Pomonis, “Proactive Selective Neighbor Caching for Enhancing Mobility Support in Information-Centric Networks,” pp. 61–66, 2012.

    [20] V. A. Siris, X. Vasilakos, and G. C. Polyzos, “A Selective Neighbor Caching Approach for Supporting Mobility in Publish/Subscribe Networks,” 2010.

    [21] C.-H. Yu, M. Pan, and S.-D. Wang, “Adaptive Neighbor Caching for Fast BSS Transition Using IEEE 802.11k Neighbor Report,” 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications, pp. 353–360, Dec. 2008.

    [22] C. Yang, J. Ma, and X. Dong, “A New Evaluation Model for Security Protocols,” vol. 6, no. 6, pp. 485-494, 2011.

    [23] Mehdi. Khabaz, “Providing an approach to improve QoS in order to control access to wireless network resources based on the AAA protocol,” Islamic Azad University, Tehran North Branch, 2013.

    [24] M. Akhgari, “Providing an approach to increase the security of wireless networks based on the AAA model,” Islamic Azad University, Zanjan Branch, 2019.
