In this paper, we propose an area-oriented authentication framework, which aims to provide a light-weight first authentication by reducing the complexity in acquiring and maintaining many different reference vectors as in the traditional one-by-one authentication framework. Under the proposed framework, we first derive the missing detection probability and the false alarm probability, respectively. Then we quantitatively evaluate the average risks that a spoofer is successfully detected or a legitimate user is falsely alarmed, at any position in a certain area. And correspondingly three kinds of areas are defined as the clear area where the spoofers prefer not to attack, the danger area where the spoofers have pretty high probabilities to attack successfully, and the warning area where the legitimate users are much likely to be falsely reported as attackers. These results depict the security situation distribution of a region, and provide useful insights for network operators to take proper following strategies. Finally, simulations are given to verify our analytical derivations and show the impacts of system parameters.

在本文中，我们提出了一种面向区域的身份验证框架，该框架旨在通过像传统的一对一身份验证框架中一样，通过降低获取和维护许多不同参考向量的复杂性来提供轻量级的第一身份验证。在提出的框架下，我们首先分别得出丢失的检测概率和虚警概率。然后，我们定量评估在某个区域中任何位置成功检测到踩踏者或错误警告合法用户的平均风险。相应地，将三种类型的区域定义为：泄洪者不喜欢攻击的净空区域，泄洪者具有相当高的成功攻击概率的危险区域，以及警告区域，合法用户很可能被错误地报告为攻击者。这些结果描述了区域的安全状况分布，并为网络运营商采取适当的跟踪策略提供了有用的见解。最后，通过仿真来验证我们的分析推导并显示系统参数的影响。