TY - JOUR TI - An IBC and certificate based hybrid approach to WIMAX security DO - https://doi.org/doi:10.7282/T3KK9BV0 PY - 2010 AB - WiMAX is a promising technology that provides high data throughput with low delays for various user types and modes of operation. These advantages make WiMAX applicable both for infrastructure purposes and end-client usage. Since WiMAX is presented as a network framework and a last-mile technology, it is believed to be capable of handling a wide range of usage scenarios. For example, while the end users have an opportunity to use WiMAX as the primary connection medium for acquiring services such as on-demand video streaming, VoIP connections and mobile bank transactions, the service providers may use it for data relaying purposes among access points. To meet the technical requirements of these various scenarios, majority of the WiMAX research has been conducted on physical and MAC layers; however little has been invested in a comprehensive and efficient security solution, which has resulted in a wide range of security weaknesses and reactive solutions. Many security problems remain to be addressed in different modes and for different user types even in the final security standard of WiMAX, PKMv2. In this thesis, we present a hybrid security solution combining Identity-Based Cryptography (IBC) and certificate based approaches to overcome the existing security problems of WiMAX without degrading service quality. IBC has potential benefits that can provide enhancements to the overall security and efficiency of the security standard. One such enhancement is combining user identity with the public key and therefore eliminating the public key distribution load from the network. However, IBC has a few caveats, such as the necessity of a secure medium to distribute private keys. To compensate for these disadvantages, in this study, IBC is combined with certificate-based security. As a result, the benefits of IBC are maintained while the disadvantages are eliminated. Using the hybrid approach, this study also aims to clarify the key revocation procedures and key lifetimes of WiMAX. To achieve this goal, key renewal intervals are examined and corresponding lifetimes are assigned to the credentials missing in both PKMv2 and PKMv1. Additionally, the key distribution procedures are investigated and a pattern is provided with the message exchange details. To be able to correctly assess the efficiency of this approach, a new mobility model is defined in the evaluation chapter of this thesis. Based on this model, the analysis has shown that our hybrid solution that combines IBC and the certified based security scheme results in a significant bandwidth improvement over the standard’s approach, PKMv2. This work is the first study that unites the advantages of both IBC and the certified-based security scheme for improved security while maintaining low overhead for WiMAX. KW - Electrical and Computer Engineering KW - IEEE 802.16 (Standard) KW - IEEE 802.16 (Standard)--Computer networks--Security measures LA - eng ER -