Basic Search / Detailed Display

Author: 王雋凱
Chun-Kai Wang
Thesis Title: 基於近場通訊技術且適用於IPTV個人化服務之使用者身分鑑別機制
NFC-based User Authentication Mechanisms for Personalized IPTV Services
Advisor: 羅乃維
Nai-Wei Lo
Committee: 吳宗成
Tzong-Chen Wu
Kuo-Hui Yeh
Degree: 碩士
Department: 管理學院 - 資訊管理系
Department of Information Management
Thesis Publication Year: 2015
Graduation Academic Year: 103
Language: 英文
Pages: 75
Keywords (in Chinese): 主機卡模擬近場通訊身分鑑別個人化服務網路協定電視
Keywords (in other languages): NFC, Authentication, Personalized Services, IPTV, HCE
Reference times: Clicks: 488Downloads: 7
School Collection Retrieve National Library Collection Retrieve Error Report

網路協定電視(Internet Protocol Television,IPTV)正在成為一個平台,改變我們獲取資訊與娛樂的方式,並可提供互動功能及個人化服務(Personalized Services)。儘管IPTV服務供應商能透過機上盒(Set-top Box,STB) 獨特的硬體識別碼,執行電視觀眾識別與身分鑑別來驅動個人化服務,但此基於機上盒之認證導致整個家庭成員皆取得相同的存取權限及服務,這表明與IPTV欲提供個人化服務的目標不一致。
隨著智慧型手機的普及且近場通訊(Near Field Communication,NFC)技術逐漸成為其標準配備,本文提出基於NFC手機之主機卡模擬(Host Card Emu-lation,HCE)技術的使用者身分鑑別機制,並設計兩套身分鑑別方案。第一個方案植基於金鑰雜湊訊息鑑別碼(Keyed-hash Message Authentication Code,HMAC),具有輕量化、低成本的優點;另一個則以數位簽章(Digital Signature)為基礎,此方案尤其適用於設計開放式服務的環境。經實驗與分析表明,本機制可滿足安全性需求並提供良好的系統易用性、可部署性及服務擴展性,適用於IPTV環境下的個人化服務,並易於部署至現有的IPTV系統。

Internet Protocol Television (IPTV) is becoming a platform that changes the way we obtain information and entertainment, and offers interactive features and person-alized services. Although IPTV service providers can perform TV viewer identifica-tion and authentication through a unique hardware identifier of the Set-top box (STB), it is based on STB-level identification leads to whole family members get the same access level and services. This indicates that existing authentication schemes are in-consistent with IPTV's main intent of providing personalized services.
Smartphones with NFC (Near Field Communication) capabilities have grown to become very popular over the years. The NFC-based user authentication mechanisms by using HCE (Host Card Emulation) technology, and two authentication schemes are presented in this thesis. The first is the HMAC-based authentication scheme with lightweight operations and relatively low cost. The second is the Digital Signa-ture-based authentication scheme that it particularly applies to design open IPTV ser-vices. In this thesis, the experiments and analysis show that the proposed mechanisms can meet the security requirements and provide great system usability, deployability and service scalability for personalized IPTV services. The proposed mechanisms are suitable for personalized IPTV services and able to be easily deployed onto current IPTV systems.

中文摘要 I Abstract II 誌謝 III Contents IV List of Figures VI List of Tables VII Chapter 1 Introduction 1 Chapter 2 Related Work 4 2.1 Viewer Identification Systems for IPTV 4 2.2 Near Field Communication 8 2.2.1 Host Card Emulation 9 Chapter 3 Proposed Mechanisms 12 3.1 Overview 12 3.2 Notations 15 3.3 HMAC-based Authentication Scheme 17 3.3.1 Registration Phase 17 3.3.2 Authentication Phase 20 3.3.3 Key Update Phase 25 3.4 Digital Signature-based Authentication Scheme 28 3.4.1 Registration Phase 28 3.4.2 Authentication Phase 31 3.4.3 Key Update Phase 36 Chapter 4 Security and Performance Analysis 39 4.1 Security Analysis 39 4.1.1 Trust Boundary and Assumptions 39 4.1.2 Analysis of the proposed authentication protocols 40 4.2 Performance Analysis 43 4.2.1 Prototype Implementation 43 4.2.2 Analysis of two proposed schemes 45 Chapter 5 Discussion and Comparison 50 5.1 Usability and Deployability 50 5.2 Service Scalability 51 5.3 Comparison of the Proposed Schemes 53 5.4 Comparison with Existing Solutions 56 Chapter 6 Conclusion 59 References 60

[1] G. Agarwal and S. Singh, “A Comparison between Public Key Authority and Certification Authority for Distribution of Public Key,” International Journal of Computer Science and Information Technologies, vol. 1, no. 5, pp. 332–336, 2010.
[2] S. C. Kim, S. S. Yeo, and S. K. Kim, “A Hybrid User Authentication Protocol for Mobile IPTV Service,” Multimedia tools and applications, vol. 65, no. 2, pp. 283–296, May 2011.
[3] R. Want, “An Introduction to RFID Technology,” IEEE Pervasive Computing, vol. 5, no. 1, pp. 25–33, Jan. 2006.
[4] J. H. Cho, J. Kim, J. W. Kim, K. Lee, K. D. Aim, and S. Kim, “An NFC Trans-ceiver with RF-powered RFID Transponder Mode,” in Solid-State Circuits Con-ference, 2007. ASSCC ’07. IEEE Asian, 2007, pp. 172–175.
[5] C. Bisdikian, “An Overview of the Bluetooth Wireless Technology,” IEEE Communications Magazine, vol. 39, no. 12, pp. 86–94, Dec. 2001.
[6] R. Bambini, P. Cremonesi, and R. Turrin, “A Recommender System for an IPTV Service Provider: a Real Large-Scale Production Environment,” in Recommender Systems Handbook, F. Ricci, L. Rokach, B. Shapira, and P. B. Kantor, Eds. Springer US, 2011, pp. 299–331.
[7] V. Coskun, B. Ozdenizci, and K. Ok, “A Survey on Near Field Communication (NFC) Technology,” Wireless Pers Commun, vol. 71, no. 3, pp. 2259–2294, Dec. 2012.
[8] H. Lee, W. C. Hong, C. H. Kao, and C. M. Cheng, “A User-Friendly Authenti-cation Solution using NFC Card Emulation on Android,” in 2014 IEEE 7th In-ternational Conference on Service-Oriented Computing and Applications (SOCA), 2014, pp. 271–278.
[9] H. L. Wang, J. G. Wang, and W. Y. Yau, “Automated Age Regression for Per-sonalized IPTV Services,” in 2010 IEEE International Conference on Multimedia and Expo (ICME), 2010, pp. 1333–1336.
[10] I. Krevatin, “Biometric Recognition in Telecom Environment,” in 2010 14th In-ternational Conference on Intelligence in Next Generation Networks (ICIN), 2010, pp. 1–6.
[11] A. G. Foina, J. Ramirez-Fernandez, and R. M. Badia, “Cell BE and Bluetooth applied to Digital TV,” in 2010 IEEE Network Operations and Management Symposium (NOMS), 2010, pp. 825–828.
[12] R. Jana, Y. F. Chen, D. C. Gibbon, Y. Huang, S. Jora, J. Murray, and B. Wei, “Clicker - An IPTV Remote Control in Your Cell Phone,” in 2007 IEEE Interna-tional Conference on Multimedia and Expo, 2007, pp. 1055–1058.
[13] P. Urien, “Cloud of Secure Elements: An Infrastructure for the Trust of Mobile NFC Services,” in 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), 2014, pp. 213–218.
[14] K. H. Lin, D. H. Shiue, Y. S. Chiu, W. H. Tsai, F. J. Jang, and J. S. Chen, “De-sign and Implementation of Face Recognition-aided IPTV Adaptive Group Recommendation System based on NLMS Algorithm,” in 2012 International Symposium on Communications and Information Technologies (ISCIT), 2012, pp. 626–631.
[15] J. Lyu, S. Pyo, J. Lim, M. Kim, S. Lim, and S. Kim, “Design of Open APIs for Personalized IPTV Service,” in The 9th International Conference on Advanced Communication Technology, 2007, vol. 1, pp. 305–310.
[16] M. Alattar and M. Achemlal, “Host-based Card Emulation: Development, Secu-rity, and Ecosystem Impact Analysis,” in 2014 IEEE Intl Conf on High Perfor-mance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyber-space Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS), 2014, pp. 506–509.
[17] K. Chang, J. Hightower, and B. Kveton, “Inferring Identity using Accelerome-ters in Television Remote Controls,” in Pervasive Computing, H. Tokuda, M. Beigl, A. Friday, A. J. B. Brush, and Y. Tobe, Eds. Springer Berlin Heidelberg, 2009, pp. 151–167.
[18] S. Zeadally, H. Moustafa, and F. Siddiqui, “Internet Protocol Television (IPTV): Architecture, Trends, and Challenges,” IEEE Systems Journal, vol. 5, no. 4, pp. 518–527, Dec. 2011.
[19] Z. Liu, B. Wei, and H. Yu, “IPTV, Towards Seamless Infotainment,” in 6th IEEE Consumer Communications and Networking Conference, 2009. CCNC 2009, 2009, pp. 1–5.
[20] M. Bellare, R. Canetti, and H. Krawczyk, “Keying Hash Functions for Message Authentication,” in Advances in Cryptology — CRYPTO ’96, N. Koblitz, Ed. Springer Berlin Heidelberg, 1996, pp. 1–15.
[21] S. Park and S. H. Jeong, “Mobile IPTV: Approaches, Challenges, Standards, and QoS Support,” IEEE Internet Computing, vol. 13, no. 3, pp. 23–31, May 2009.
[22] R. Want, “Near Field Communication,” IEEE Pervasive Computing, vol. 10, no. 3, pp. 4–7, Jul. 2011.
[23] N. Saparkhojayev, A. Dauitbayeva, A. Nurtayev, and G. Baimenshina, “NFC-enabled Access Control and Management System,” in 2014 International Conference on Web and Open Access to Learning (ICWOAL), 2014, pp. 1–4.
[24] A. Andersen, R. Karlsen, and A. Munch-Ellingsen, “NFC Provided User Friend-liness for Technologically Advanced Services,” in Human Interface and the Management of Information. Information and Interaction for Health, Safety, Mo-bility and Complex Environments, S. Yamamoto, Ed. Springer Berlin Heidelberg, 2013, pp. 337–346.
[25] S. Shirali-Shahreza, H. Sameti, and M. Shirali-Shahreza, “Parental Control based on Speaker Class Verification,” IEEE Transactions on Consumer Electronics, vol. 54, no. 3, pp. 1244–1251, Aug. 2008.
[26] R. Morris and K. Thompson, “Password Security: A Case History,” Commun. ACM, vol. 22, no. 11, pp. 594–597, Nov. 1979.
[27] J. H. Choi, J. Jeok, S. Y. Lim, H. C. Kim, H. K. Lee, and J. W. Hong, “Personal-ized Data Broadcasting Service based on TV-Anytime Metadata,” in IEEE In-ternational Symposium on Consumer Electronics, 2007. ISCE 2007, 2007, pp. 1–6.
[28] M. C. Hwang, L. T. Ha, N. H. Kim, C. S. Park, and S. J. Ko, “Person Identifica-tion System for Future Digital TV with Intelligence,” IEEE Transactions on Consumer Electronics, vol. 53, no. 1, pp. 218–226, Feb. 2007.
[29] M. Reveilhac and M. Pasquet, “Promising Secure Element Alternatives for NFC Technology,” in First International Workshop on Near Field Communication, 2009. NFC ’09, 2009, pp. 75–80.
[30] T. Jiang, Y. Hou, and S. Zheng, “Secure Communication between Set-top Box and Smart Card in DTV Broadcasting,” IEEE Transactions on Consumer Elec-tronics, vol. 50, no. 3, pp. 882–886, Aug. 2004.
[31] S. K. Panigrahy, S. K. Jena, and A. K. Turuk, “Security in Bluetooth, RFID and Wireless Sensor Networks,” in Proceedings of the 2011 International Conference on Communication, Computing & Security, pp. 628–633.
[32] E. Haselsteiner and K. Breitfuß, “Security in Near Field Communication (NFC),” in Workshop on RFID security, 2006, pp. 12–14.
[33] S. H. Lee, M. K. Sohn, D. J. Kim, B. Kim, and H. Kim, “Smart TV Interaction System using Face and Hand Gesture Recognition,” in 2013 IEEE International Conference on Consumer Electronics (ICCE), 2013, pp. 173–174.
[34] B. Veselinovska, M. Gusev, and T. Janevski, “State of the Art in IPTV,” in 2014 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), 2014, pp. 479–484.
[35] R. van Brandenburg, H. van den Berg, M. O. van Deventer, and I. M. Schenk, “Towards Multi-user Personalized TV Services, Introducing combined RFID Digest Authentication,” Graduate Thesis TNO+ University Twente, vol. 10, 2009.
[36] A. Munch-Ellingsen, R. Karlsen, A. Andersen, and S. Akselsen, “Two-factor Authentication for Android Host Card Emulated Contactless Cards,” in 2015 First Conference on Mobile and Secure Services (MOBISECSERV), 2015, pp. 1–6.
[37] Y.-K. Park, S.-H. Lim, O. Yi, S. Lee, and S.H. Kim, “User Authentication Mechanism using Java Card for Personalized IPTV Services,” in International Conference on Convergence and Hybrid Information Technology, 2008. ICHIT ’08, 2008, pp. 618–626.
[38] T. Silva, J. F. de Abreu, O. Pacheco, and P. Almeida, “User Identification: A Key Factor for Elderly Viewers to Benefit from Interactive Television Services,” in ENTERprise Information Systems, M. M. Cruz-Cunha, J. Varajão, P. Powell, and R. Martinho, Eds. Springer Berlin Heidelberg, 2011, pp. 40–48.
[39] T. Mlakar, J. Zaletelj, and J. F. Tasic, “Viewer Authentication for Personalized iTV Services,” in Eighth International Workshop on Image Analysis for Multime-dia Interactive Services, 2007. WIAMIS ’07, 2007, pp. 63–63.
[40] H. Jabbar, T. Jeong, J. Hwang, and G. Park, “Viewer Identification and Authen-tication in IPTV using RFID Technique,” IEEE Transactions on Consumer Elec-tronics, vol. 54, no. 1, pp. 105–109, Feb. 2008.