Showing papers by "Seung-Woo Seo published in 2011"

RSU-Based Distributed Key Management (RDKM) For Secure Vehicular Multicast Communications

Abstract: Although lots of research efforts have focused on group key management (GKM) for secure multicast, existing GKM schemes are inadequate for vehicle communication (VC) systems since they incur unnecessary rekeying overhead without considering the characteristics of VC systems such as Vehicle-to-Infrastructure communications and a great number of high mobility vehicles. Therefore, we propose a GKM scheme, called RSU-based decentralized key management (RDKM), dedicated for the multicast services in the VC systems. The RDKM scheme significantly reduces the rekeying overhead through delegating a part of the key management functions to the road-side infrastructure units (RSUs) and through updating the key encryption keys (KEKs) within a RSU. The performance of the RDKM scheme is analyzed in terms of communication overhead and storage overhead each of which has a strong impact on the performance of GKM. Furthermore, we propose an optimization algorithm that minimizes the weighted sum of the communication and the storage overhead, called the GKM overhead (GKMO), by appropriately determining the design parameters. The numerical results from the extensive analysis demonstrate that the RDKM scheme outperforms the existing GKM schemes in terms of the GKMO.

Design Optimization of Vehicle Control Networks

Abstract: The advancement of electronic technology has made significant contributions to the safety and convenience of modern vehicles. New intelligent functionalities of vehicles have been implemented in a number of electronic control units (ECUs) that are connected to each in vehicle control networks (VCNs). However, with the rapid increase in the number of ECUs, VCNs currently face several challenges, e.g., design complexity, space constraints, system reliability, and interdependency. Considering these factors, the complexity of the VCN design problem exponentially increases, which means that the problem cannot be solved within a reasonable time using conventional optimization techniques. In this paper, we report a new methodology for the optimal design of VCNs. An analytical model was derived to examine the fundamental characteristics of the VCN design problem. Compared with the case of a conventional data network, which typically considers temporal scheduling over a fixed physical topology, the VCN design problem should also consider spatial constraints, e.g., volume, position, and weight. Moreover, the spatial constraints change during the solving procedure. Such temporal and spatial joint optimization problems with varying constraints incur extremely high computational complexity. To tackle the high complexity, this paper proposes a fast solution based on a repeated-matching method, which reduces the problem complexity from O(NNN) to O(NN3). By applying our methodology to a number of different real-world VCN design scenarios, this proposal can produce a 1% near-optimal design within a significantly reduced time.

A Physical and Logical Security Framework for Multilevel AFCI Systems in Smart Grid

Abstract: The arc fault circuit interrupter (AFCI) is expected to be one of the most essential components in smart grid systems for providing physical security and safety against electrical fire hazards caused by arc faults. As AFCIs are widely deployed as a part of mandatory installation requirements, a hierarchy consisting of multilevel AFCIs has been established, where a portable AFCI is connected serially to an outlet box AFCI. However, this multilevel AFCI structure causes serious problems when the AFCI detects arc faults in the surveillance area of its descendant AFCIs. This can cause de-energizing of the entire area covered by the upper-level AFCI, which may lead to blackouts over large areas. This paper proposes an integrated security framework comprised of physical and logical security measures as a solution for this problem. Firstly, the problem is tackled through communication between the hierarchy levels. Since the proposed system deals with physical security and safety, the communication must guarantee reliable message delivery within the specified deadlines. A controller area network (CAN) is chosen as the communication technology because it provides deterministic message delivery that meets the system requirements. Moreover, CAN has the advantages of verified performance and cost competitiveness through accelerated industrial adoption. Along with the physical security framework, a logical security framework is also proposed with group key management that prevents unauthorized access. Finally, this paper reports an integrated methodology for optimizing the design parameters satisfying the bandwidth and security demands of physical and logical measures because both demands competitively share a common communication resource.

Security in Next Generation Mobile Networks: SAE/LTE and WiMAX

Abstract: Starting from voice services with simple terminals, today a mobile device is nothing sort of a small PC in the form of smart-phones. The result has been a huge increase in data-services giving mobile communication access to critical aspects of human society / life. This has led to standardization of SAE/LTE (System Architecture Evolution / Long Term Evolution) by 3GPP and IEEE 802.16e / WiMAX. Together with penetration of mobile communications and new standardization come new security issues and thus the need for new security solutions. This book provides a fresh look at those security aspects, with main focus on the latest security developments of 3GPP SAE/LTE and WiMAX. SAE/LTE is also known as Evolved Packet System (EPS).

Anonymous Communication in Ubiquitous Computing Environments

Abstract: Wireless networks such as WLANs which have already been commonplace will play an important role in providing the last mile access for ubiquitous computing environments. However, the wireless access technologies are accompanied with some security vulnerabilities that stem from the broadcasting medium. Although most of the vulnerabilities can be solved by the existing security countermeasures, there still exists the vulnerability of a message header. In most wireless access networks, the header part of each message, including the source and destination addresses, is transmitted in a plain-text format. This can be a security hole with adversaries collecting the revealed header information for a traffic analysis attack that can breach the privacy of the transmitter and receiver. In this paper, we focus on describing a solution to this problem, namely, the undesirable loss of privacy. Our main idea is to integrate address information with a conventional Message Authentication Code (MAC) and to replace both fields of the address and the MAC by an integrated code called the Address-embedded MAC (AMAC). Through detailed performance and security analysis of our scheme, we show that our AMAC scheme can guarantee privacy of a network while providing a provable security level with less overhead.

Minimizing wavelength conversion cost in WDM networks with a constrained blocking probability

Abstract: During the last two decades, wavelength conversion has received a considerable attention due to its strong influence on the blocking performance of wavelength-routed WDM networks. However, most of the related works focus on only one aspect of wavelength conversion, i.e., sparse or partial or limited wavelength conversion. Although these approaches outperform the full wavelength conversion, there has been no fair comparison among different approaches. Furthermore, it is still arguable which wavelength conversion scheme leads to the optimal performance of such networks. Recognizing these limitations, we advocate the use of sparse-partial-limited wavelength conversion (SPLWC) integrating all above approaches. In this paper, we consider a converter placement problem of minimizing the wavelength conversion cost (WCC) to meet the constraint on the blocking probability. We present a novel analytical model accounting for the two sources of call blocking in wavelength conversion: a range blocking from the limited conversion range of a wavelength converter; and a capacity blocking from the limited number of wavelength converters. We also present a sequential converter placement algorithm which can be applicable to any wavelength conversion schemes including SPLWC. From the numerical results, we demonstrate that the blocking performance of the analytical model closely matches with that of the simulation. We also show that SPLWC achieves an outstanding WCC performance compared with the existing approaches.

Enhancement of cell-based decentralized Key Management in vehicular communication networks

Abstract: Cell-based Decentralized Key Management (CDKM) was proposed to manage a group key for secure multicast in mobile cellular networks efficiently. It achieves better performance with less management overhead than other currently available schemes by dividing a group into the cell-based multiple subgroups and delegating key management functions to each base station governing each subgroup. However, room for improvement still remains in the subgroup size affecting the rekeying overhead directly. This paper proposes the enhanced CDKM which improves the rekeying performance through the reduction of the size of the subgroup, and adopts this scheme to group key management in vehicular communication networks. The proposed scheme further splits the cell-based subgroups into several segments, which is simple but very efficient way to reduce the rekeying overhead. We prove mathematically that the additional split enhances the performance, and show the proposed scheme can improve the rekeying performance by up to 15% over the original CDKM and by at least 80% over the existing schemes.