首页    期刊浏览 2024年12月02日 星期一
登录注册

文章基本信息

  • 标题:Automatic Security Assessment for Next Generation Wireless Mobile Networks
  • 本地全文:下载
  • 作者:Francesco Palmieri ; Ugo Fiore ; Aniello Castiglione
  • 期刊名称:Mobile Information Systems
  • 印刷版ISSN:1574-017X
  • 出版年度:2011
  • 卷号:7
  • 期号:3
  • 页码:217-239
  • DOI:10.1155/2011/404328
  • 出版社:Hindawi Publishing Corporation
  • 摘要:

    Wireless networks are more and more popular in our life, but their increasing pervasiveness and widespread coverage raises serious security concerns. Mobile client devices potentially migrate, usually passing through very light access control policies, between numerous and heterogeneous wireless environments, bringing with them software vulnerabilities as well as possibly malicious code. To cope with these new security threats the paper proposes a new active third party authentication, authorization and security assessment strategy in which, once a device enters a new Wi-Fi environment, it is subjected to analysis by the infrastructure, and if it is found to be dangerously insecure, it is immediately taken out from the network and denied further access until its vulnerabilities have been fixed. The security assessment module, that is the fundamental component of the aforementioned strategy, takes advantage from a reliable knowledge base containing semantically-rich information about the mobile node under examination, dynamically provided by network mapping and configuration assessment facilities. It implements a fully automatic security analysis framework, based on AHP, which has been conceived to be flexible and customizable, to provide automated support for real-time execution of complex security/risk evaluation tasks which depends on the results obtained from different kind of analysis tools and methodologies. Encouraging results have been achieved utilizing a proof-of-concept model based on current technology and standard open-source networking tools.

  • 关键词:Dynamic access control; active networks; analytic hierarchy process; multiple criteria decision analysis; nomadic; computing; security audit; security assessment; ubiquitous networking
国家哲学社会科学文献中心版权所有