A Scalable Authentication Framework for Fast Remote Roaming with Hierarchical Caching

계층적 캐슁을 이용해 로밍 확장성을 높인 인증 프레임워크

  • 이희진 (서울대학교 전기 컴퓨터공학부) ;
  • 송유경 (서울대학교 전기 컴퓨터공학부) ;
  • 이명수 (KT 정보보호단) ;
  • 김종권 (서울대학교 전기 컴퓨터공학부)
  • Published : 2005.10.01

Abstract

As the demand on ubiquitous communication increases, global roaming and vertical handover will be prevailing in the near future. Since this environment is accompanied by the frequent handovers at remote sites, a scalable and fast authentication becomes prerequisite for ubiquitous communication. In this paper, we suggest a framework for scalable and fast authentication, using hierarchical caching based on general trust relationship among domains. At the end, we show that the proposed scheme achieves reduced authentication delay and network overhead through an analytic method with fluid flow model.

국제 로밍 및 이기종 망간 핸드오버가 활성화된 환경에서 사용자에게 부드러운 통신 서비스를 지원하기 위해서는 보다 빠르고 확장성이 뛰어난 인증 기법이 필요하다 본 논문은 빠른 로밍을 지원하기 위한 확장성 높은 인증 프레임워크에 관한 것으로, 직간접적으로 구성된 도메인간의 일반적인 신뢰 관계를 바탕으로 계층적 캐슁을 구성한다. 계층적 인증 캐슁을 이용할 경우 확장성을 보장함은 물론 인증 지연 및 인증으로 인한 망의 부하를 줄일 수 있으며, 이를 수학적으로 분석하였다.

Keywords

References

  1. Rigney, C. et al., 'Remote Authentication Dial In User Services(RADIUS),' IETF RFC 2138, 1997
  2. Calhoun, P. et al., 'Diameter Base Protocol,' IETF RFC3588, 2003
  3. Arkko, J. and Haverinen, H., 'EAP AKA Authentication,' Internet draft, dratt-arkko-pppext-eap-aka-12, Apr. 2004
  4. Haverinen, H., 'EAP SIM Authentication,' Internet draft, draft-haverinen-pppext-eap-sim-13, Apr. 2004
  5. Microsoft, .Net Passport. http://www.microsoft.com/net/ services/passport/
  6. Fumiko Satoh, Takayuki Itoh, 'Single Sign On Architecture with Dynamic Tokens,' SAINT, 2004 https://doi.org/10.1109/SAINT.2004.1266116
  7. B. Yao and W. K. Fuchs, 'Proxy-based Recovery for Applications on Wireless Hand-held Devices'. In Proc. 19th IEEE Symposium on Reliable Distributed Systems SRDS'00), October 16- 18, 2000, pp. 2.10 https://doi.org/10.1109/RELDI.2000.885387
  8. B. Yao and W.K. Fuchs. 'Recovery Proxy for Wireless Application'. In Proc. 12th International Symposium on Software Reliability Engineering (ISSRE 2001), IEEE, pp. 112-119, 2001
  9. Kohl, J. and Neuman, C., 'The Kerberos Network Authentication Service (V5),' RFC 1510, 1993
  10. 3GPP, http://www.3gpp.org
  11. Salkintzis and Apostolis K., 'Interworking Techniques and Architecture for WLAN/3G Integration Toward 4G Mobile Data Networks,' IEEE Wireless Communications, 2004 https://doi.org/10.1109/MWC.2004.1308950
  12. B. Anton and B. Bullock and J. Short, 'Best Current Practices for Wireless Internet Service Provider(WISP) Roaming,' Wi-Fi Alliance - Wireless ISP Roaming(WISPr), Ver. 1.0, February 2003
  13. M. Long and C.-H. Wu, and J.D. Irwin, 'Localized authentication for inter-network roaming across wireless LANs,' IEE Proceedings-Commun., Vol.151, No.5, October 2004
  14. Michael Hecker and Peter Leijdekkers and Valerie Gay, 'A Testbed For Ubiquitous Computing Using Next Generation Mobile Networks,' CollECTeR 2004
  15. Fumiko Satoh and Takayuki Itoh, 'Single Sign On Architecture with Dynamic Tokens,' SAINT, 2004 https://doi.org/10.1109/SAINT.2004.1266116
  16. M.S. Bargh, R.J. Hulsebosch, E.H. Eertink, A. Prasad, H. Wang, and P. Schoo, 'Fast Authentication Methods for Handovers between IEEE 802.11 Wireless LANs,' WMASH, 2004 https://doi.org/10.1145/1024733.1024741
  17. Samar Vipin, 'Single Sign-On Using Cookies for Web Applications,' WETICE, 1999
  18. Mohan, S. and Jain, R., 'Two user location strategies for personal communications services,' IEEE Pers. Comm. Vol. 1, No.1, pp. 42-50, 1/4, 1994 https://doi.org/10.1109/98.295359
  19. Woo, M., 'Performance analysis of 'Mobile IP Regional Registration,' IEICE Trans. Comm., Vol. E86-B, No.2, Feb. 2003