WLAN 802.11/11b数据加密机制的安全分析

在802.11标准中的加密采用WEP协议，用于提供链路层数据传输的安全保护。目前，在原有EP的基础上提出了一些改进方案，能提高WEP的安全性能，但理论上缺少严密的安全分析。笔者通过数学模型对这些解决方案以及原有WEP协议进行量化分析，推导出机制内各模块与整个安全机制间安全性能的对应函数关系，并比较了这些方案间安全性能的差异，证明这些安全机制可以提高原有WEP的安全性能，在理论上为用户提供如何构造满足所需安全性能的WLAN数据加密增强机制。     

浅谈WLAN无线网络的安全策略

由于技术上的不完善性，WLAN网络更容易受到病毒的入侵，且由于不需要电脑联网，WLAN网络的攻击者只要在中继器或无线路由器的有效范围内，就可以对相关网络进行攻击，所以WLAN网络的全球性比较差，本文结合WLAN网络安全防护管理实际，对WLAN无线网络的安全策略进行了研究，希望本文的研究可以为我国WLAN网络的发展作出贡献。     

无线接入点WAPI认证机制的研究与实现

随着无线局域网技术的广泛应用，新的无线局域网安全标准被提出以增强无线局域网的安全性能。在分析WAPI(WLAN Authentication and Privacy Infrastructure)标准的技术特征和基本架构的基础上，介绍了无线接入点对WAPI认证机制的实现机理和具体流程，并对WAPI认证机制的性能进行测试分析。     

WLAN安全技术及安全防范措施

详细介绍WLAN安全技术和安全防范措施,以保护WLAN中传输的数据的安全性和数据的完整性。     

WLAN一体化安全简析

对WLAN系统的安全系统进行简析,参考802.11系列规范,分析中国推出的WAPI安全标准进行分析。研究WLAN安全系统的发展方向。     

无线局域网安全策略研究

文章介绍了无线局域网的安全风险和安全需求,分析了IEEE802．11b标准采用的WEP方案及其安全漏洞,并进一步分析了WEP改进方案WEP2、WEP密钥散列、提供集中认证和动态密钥分发功能的EAP／802．1X、四次握手协议以及基于IPSec标准的安全方案,并提出WLAN安全方案实施策略。     

校园无线局域网方案设计

着重介绍如何组建WLAN无线网络,无线局域网的基本组成构架和设备,并对WLAN无线网络的安全管理进行探讨。     

本钢企业无线局域网浅谈

本文介绍了如何在本钢内部简单组建WLAN无线网络,浅谈了无线局域网在本钢应用的前景以及无线局域网的基本组成背景和构架,组建WLAN无线网络所需的软硬件和无线局域网在企业中的发展和应用,叙述组建WLAN无线网络所必须的相关知识和要点。简述无线网络的安全问题和解决方案。并讲述了在根据要求和规划选择组网方案。     

浅谈WiFi-3G互通组网相关问题

主要从网络组织、认证机制、漫游机制等方面分析WLAN与3GPP网络的组网互操作机制。     

基于多关联模型的软件定义高密WLAN EDCA机制的吞吐量优化

为了提高IEEE 802.11e增强分布式信道接入(EDCA)机制在高密场景下的全局吞吐量,研究了基于多关联模型的软件定义WLAN系统和无线接入点(AP)关联算法。首先扩展了软件定义WLAN架构,使之在不改变终端协议的基础上支持多关联,实现将同一终端的不同类型数据流由不同的AP进行传输。其次,考虑高密场景空口时间和链路速率特性,提出了快速分配算法,将算法的时间复杂度由2N简化到logN。最后实现了该机制并对其进行了验证,结果发现采用多关联模型的分配机制能明显提高EDCA机制下的全局带宽,相对于传统的单AP策略,全局带宽最高能提升48%;相对于高密AP全启用策略,全局带宽最高能提升35%。     

基于接入控制器模式的公共无线局域网安全体系设计

公共无线局域网面临网络安全、用户数据保护、身份认证、移动管理及网络服务等多方面的挑战。将现有的公共无线局域网分为WISP—owned,Operator—owned以及for Enterprise 3种类型,并分别讨论了各种类型的特征及其架构。在此基础上提出一种基于接入控制器模式的通用安全体系,可应用于目前大多数类型的公共无线局域网。提出了一种802．1X和Web认证的混合型认证协议,该协议在进行Web认证时将利用802．1X协商后产生的密钥进行,可有效地抵抗窃取服务、基站伪装、消息窃听等攻击,并与现有公共无线局域网Web认证相兼容。     

A Blockchain-Based Authentication Protocol for WLAN Mesh Security Access

In order to deploy a secure WLAN mesh network, authentication of both users and APs is needed, and a secure authentication mechanism should be employed. However, some additional configurations of trusted third party agencies are still needed on-site to deploy a secure authentication system. This paper proposes a new block chain-based authentication protocol for WLAN mesh security access, to reduce the deployment costs and resolve the issues of requiring key delivery and central server during IEEE 802.11X authentication. This method takes the user’s authentication request as a transaction, considers all the authentication records in the mesh network as the public ledger and realizes the effective monitoring of the malicious attack. Finally, this paper analyzes the security of the protocol in detail, and proves that the new method can solve the dependence of the authentication node on PKI and CA.     

802.11i认证协议可验安全性形式化分析

IEEE 802.11标准组提出了802.11i标准以增强无线局域网的安全性能。在802.11i标准中采用了802.1X标准实现无线局域网用户的认证和接入控制过程。针对802.1X认证协议的三方交互结构提出一种扩展Bellare-Rogaway模型,对802.11i认证和密钥交换机制进行可验安全性分析。通过分析,证明802.11i认证协议存在缺陷并给出了相应的中间人攻击方法。     

电动汽车充电对电网安全风险影响及管控措施研究

随着政府的重点扶持和政策激励,电动汽车市场蓬勃发展,这极大地刺激了电动汽车充换电设施的建设运营,对电网运行检修的安全带来较大影响。通过介绍电动汽车充电对电网的安全风险影响因素,识别影响因素和仿真模拟,分析了电动汽车充电和放电对配网的影响,并对安全风险影响进行评估,最后在电动汽车的规划、建设、运维、自建自管等方面做出安全风险管控措施建议。     

A multi-attribute Systemic Risk Index for comparing and prioritizing chemical industrial areas

Measures taken to decrease interdependent risks within chemical industrial areas should be based on quantitative data from a holistic (cluster-based) point of view. Therefore, this paper examines the typology of networks representing industrial areas to formulate recommendations to more effectively protect a chemical cluster against existing systemic risks. Chemical industrial areas are modeled as two distinct complex networks and are prioritized by computing two sub-indices with respect to existing systemic safety and security risks (using Domino Danger Units) and supply chain risks (using units from an ordinal expert scale). Subsequently, a Systemic Risk Index for the industrial area is determined employing the Borda algorithm, whereby the systemic risk index considers both a safety and security network risk index and a supply chain network risk index. The developed method allows decreasing systemic risks within chemical industrial areas from a holistic (inter-organizational and/or inter-cluster) perspective. An illustrative example is given.     

Managing Security-Risks for Improving Security-Durability of Institutional Web-Applications: Design Perspective

The advanced technological need, exacerbated by the flexible time constraints, leads to several more design level unexplored vulnerabilities. Security is an extremely vital component in software development; we must take charge of security and therefore analysis of software security risk assumes utmost significance. In order to handle the cyber-security risk of the web application and protect individuals, information and properties effectively, one must consider what needs to be secured, what are the perceived threats and the protection of assets. Security preparation plans, implements, tracks, updates and consistently develops safety risk management activities. Risk management must be interpreted as the major component for tackling security efficiently. In particular, during application development, security is considered as an add-on but not the main issue. It is important for the researchers to stress on the consideration of protection right from the earlier developmental stages of the software. This approach will help in designing software which can itself combat threats and does not depend on external security programs. Therefore, it is essential to evaluate the impact of security risks during software design. In this paper the researchers have used the hybrid Fuzzy AHP-TOPSIS method to evaluate the risks for improving security durability of different Institutional Web Applications. In addition, the e-component of security risk is measured on software durability, and vice versa. The paper’s findings will prove to be valuable for enhancing the security durability of different web applications.     

Trustworthiness Evaluation for Permissioned Blockchain-Enabled Applications

As permissioned blockchain becomes a common foundation of blockchain-based circumstances for current organizations, related stakeholders need a means to assess the trustworthiness of the applications involved within. It is extremely important to consider the potential impact brought by the Blockchain technology in terms of security and privacy. Therefore, this study proposes a rigorous security risk management framework for permissioned blockchain-enabled applications. The framework divides itself into different implementation domains, i.e., organization security, application security, consensus mechanism security, node management and network security, host security and perimeter security, and simultaneously provides guidelines to control the security risks of permissioned blockchain applications with respect to these security domains. In addition, a case study, including a security testing and risk evaluation on each stack of a specific organization, is demonstrated as an implementation instruction of our proposed risk management framework. According to the best of our knowledge, this study is one of the pioneer researches that provide a means to evaluate the security risks of permissioned blockchain applications from a holistic point of view. If users can trust the applications that adopted this framework, this study can contribute to the adoption of permissioned blockchain-enabled technologies. Furthermore, application providers can use the framework to perform gap analysis on their existing systems and controls and understand the risks of their applications.