Home > Research > Projects

 

DEVELOPMENT OF AN AUTHENTICATION AND ACCESS CONTROL SOLUTION FOR MOBILE DEVICES IN VIRTUAL PRODUCT AND MANUFACTURING ENVIRONMENTS
Institute of Graphic Interfaces (IGI), Korea, 2008.01-2008.06 (6 months).

Introduction

In the area of virtual product and manufacturing environments, the protection of sensitive information including technical data (e.g. construction plans, simulation results) as well as business related documents (e.g. strategy papers, business plans, schedules, minutes of executive meetings, internal progress reports, proposals) is of outmost importance for the commercial success of a company, since quite a huge amount of manpower and expertise had to be invested into the creation of these data and these documents contain a lot of valuable information about future products or plans.

Two foremost important security services for the protection of such sensitive information are user authentication and access control. Motivated from the fact that, existing authentication and access control approaches are not quite applicable and flexible for manufacturing environments, we are focusing on design and develop a new security model with key components are user authentication and access control. Meanwhile, other components are also provided including a confidentiality module, a integrity module, and a key management module. 

Scopes

We have a very typical enterprise scenario at hand. Companys information is stored on its servers and we need to give employees the access to information in secure manner. Considering a simple scenario, we will have an office and site environment, where the employees will be able to move from one place to another in order to fulfill the requirements of their jobs. They will have PDA or other wireless devices connected to the server through local LAN. They will be able to view, update or even delete information on the server according to the access rights assigned to them. Sample scenario is shown in Fig. 1. Providing security in wireless LANs has its own challenges. When we talk about security, we have to protect the data up to a point, where it becomes infeasible for the attacker to attack. The existing standard of 802.11 Wireless LANs security is relatively new and has many shortcomings, which we will discuss in detail in Section 8. In this work, we propose a Lightweight, Secure, Flexible Access control (uSFA) framework for mobile devices, which provides security services like, authentication, access control, key management, confidentiality and integrity.


Fig.1 Sample Scenario

Proposed Framework

We aim to provide a basic but dispensable security services in a ubiquitous manufacturing domain. Our proposed system provides end-to-end, secure, and flexible access from different types of users to technical information. Our security system involves authentication, access control, confidentiality, integrity, and key management scheme. These components are constructed on the foundation of a lightweight cryptography library (encryption/decryption scheme). The system architecture is depicted in Fig. 2.


Fig. 2 The proposed SFA Framework

 

top

 

 

 

 
   


     Webmaster: Le Xuan Hung
     Last Updated:  August 10, 2009
     Best view: 1024x768

2008 Ubiquitous Security Team
Department of Computer Engineering, Kyung Hee University,
Sochen-dong, Giheung-ku, Yogin-si, Gyeonggi-do, 449-701, Suwon, Korea
Tel (82)-31-201-3713