本論文提出一行動網路漫遊狀態下之使用者鑑別機制。隨著網際網路和無線通訊的蓬勃發展,使用者能透過行動裝置取得無線網路服務;又由於人類具有行動性之特質,因此產生在客網域需透過無線或行動裝置存取網路之需求,亦即所謂的漫遊。客網域鑑別使用者為其他合作網域合法使用者便成為維護行動網路安全和有效管理之非常重要議題。本論文有效運用智慧卡之低運算成本與方便可攜的特性,提出一個結合通行碼和智慧卡適用於客網域的身份鑑別機制。使用者可以匿名地在客網域登錄且同使用者不同次的登錄,其他人無法辨別,深層地確保個人隱私。此外,本論文的方法除了能夠達到在行動網路下的安全需求,也提供高效率的使用者通行碼驗證和離線更改通行碼功能,並且抵擋在行動網路環境下可能的攻擊。本論文方法相較於其他學者的方法在計算效能上也略勝一籌。 This research proposes an authentication mechanism for roaming users of mobile networks. Thanks to the rapid development of Internet and wireless communications, users can access to wireless Internet services through mobile devices. Since humans are mobile by nature, they may access Internet with their wireless or mobile devices via a foreign agent. This phenomenon is called roaming. Allowing foreign agents to identify legal users among other cooperating networks is thus an essential issue to keep mobile network security with effective management reachable. This research adopts smartcards due to their low computing costs and easy portability. In combination with passwords, a mechanism suitable for user authentication in foreign agents is established so that users may log into foreign agents anonymously. The same user may anonymously log in numerous times, and other parties are blocked from spying the user and thereby individual privacy is ensured. In addition, the method proposed in this research meets security requirements of mobile networks and provides functions such as highly efficient user password authentication and offline password changing. These features block possible security attacks that may occur in mobile networks. In comparison with methods presented by other researchers, the computational performance of the proposed method is superior.
