• Title/Summary/Keyword: Secure Handoff

Search Result 25, Processing Time 0.025 seconds

Secure Pre-authentication Schemes for Fast Handoff in Proxy Mobile IPv6

  • Baek, Jaejong
    • Journal of information and communication convergence engineering
    • /
    • v.14 no.2
    • /
    • pp.89-96
    • /
    • 2016
  • In mobile communication, there are various types of handoff for the support of all forms of mobility. Proxy mobile IPv6 (PMIPv6) enables local network-based mobility management of a mobile node without any effect of mobility-related signaling. Recently, PMIPv6 has been considered for supporting mobility management in LTE/SAE-based mobile networks. To support seamless mobility in heterogeneous mobile networks, the overall cost of handoffs needs to be minimized and the procedure should be guaranteed to be secure. However, the reduction of the authentication cost has not been fully investigated to provide seamless connectivity when mobile users perform a handoff between the PMIPv6 domains. This paper proposes secure pre-authentication schemes, completing an authentication procedure before performing a handoff, for a fast handoff in PMIPv6. Analytic models have been used for measuring the authentication latency and for the overhead cost analysis. In addition to providing fast authentication, the proposed pre-authentication schemes can prevent threats such as replay attacks and key exposure.

A Study on Improvement of Mechanism for Secure Handoff in Wireless Networks (무선랜 환경에서 안전한 핸드오프를 위한 메커니즘 개선에 관한 연구)

  • Cho, Ji-Hoon;Jeon, Joon-Hyeon
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.30 no.11A
    • /
    • pp.1047-1055
    • /
    • 2005
  • One of major characteristics in wireless LAN is terminal's frequent mobility, so it makes many overheads in the process of authentications repeatedly at each handoffs. So I propose IAPP(Inter Access Point Protocol) of IEEE 802.11f, modified context block and 4 way handshake of IEEE 802.11i, in order to implement secure and rapid handoff. The context block. I proposed, doesn't makes any communication with RADIUS server at handoff period. Therefore, it guarantee higher efficiency than existing handoff mechanisms. Also it can improve security vulnerability by padding authentication field in the context block for providing in advance against Replay and DoS(Denial of Service) attacks.

Fast and Secure Handoff Mechanism for IEEE 802.11i System (IEEE 802.11i 환경에서 신속하고 보안성 있는 핸드오프 메커니즘)

  • Park, Jae-Sung;Lim, Yu-Jin
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.11 s.353
    • /
    • pp.159-167
    • /
    • 2006
  • IEEE 802.11i standard specifies full authentication and preauthentication for secure handoff in 802.11 wireless LAN (WLAN). However, the full authentication is too slow to provide seamless services for handoff users, and preauthentication may fail in highly populated WLAN where it is highly probable that the cache entry of a preauthenticated user is evicted by other users before handoff. In this paper, we propose a fast and secure handoff scheme by reducing authentication and key management delay in the handoff process. When a user handoffs, security context established between the user and the previous access point (AP) is forwarded from the previous AP to the current AP, and the session key is reused before the handoff session terminates. The freshness of session key is maintained by regenerating session keys after handoff session is terminated. The proposed scheme can achieve considerable reduction in handoff delay with providing the same security level as 802.1X authentication by letting an AP authenticate a handoff user before making an robust security network association (RSNA) with it.

The Design of IAPP Server for Secure Handoff of wireless LAN Terminal (무선랜 단말의 안전한 핸드오프를 위한 Diameter IAPP서버의 설계)

  • 함영환;정병호;정교일;서창호
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.28 no.12C
    • /
    • pp.1258-1267
    • /
    • 2003
  • As the need for stable and high speed wireless Internet service Brows, the wireless LAN service provider hurries to preempt wireless LAN service market. IAPP(InterAccess Point protocol) is defined to be able to provide a secure handoff mechanism of wireless LAN terminal information between AP(Access Point)s, and the related IEEE standard is IEEE 802.11f. For the secure handoff of wireless LAN terminal, it is necessary to transfer terminal's authentication & accounting information securely from old AP to new AP IEEE 802.11f recommends RADIUS server as IAPP server which authenticates AP and provides information for secure channel between APs. This paper proposes IAPP server using Diameter protocol to overcome the limit of RADIUS sewer, and describes about the interaction between server components and integration method with the current IAPP client system.

Fast and Secure Handoff Mechanism for Mobile IPv6 based on IEEE 802.11 (IEEE 802.11 기반의 고속의 안전한 Mobile IPv6 핸드오프 메커니즘)

  • Kang, Hyun-Sun;Park, Chang-Seop
    • Journal of Korea Multimedia Society
    • /
    • v.13 no.2
    • /
    • pp.205-215
    • /
    • 2010
  • It is necessary to provide a fast and secure handover for seamless real-time multimedia services based on IEEE 802.11. In this paper, we propose FMIPv6 handoff protocol integrating L2/L3 layer based on IEEE 802.11 WLAN environment. In that, we propose a hierarchical key management scheme and authentication mechanism for protecting the handover signaling messages. The number of connections with AAA server is minimized for the fast handover. It is also compared and analyzed the handover cost with previous method.

A Method of Performance Improvement for AAA Authentication using Fast Handoff Scheme in Mobile IPv6 (Mobile IPv6에서 Fast Handoff기법을 이용한 AAA 인증 성능 향상 방안)

  • Kim Changnam;Mun Youngsong;Huh Eui-Nam
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.6
    • /
    • pp.566-572
    • /
    • 2004
  • In this paper, we define the secure authentication model to provide a mobile node with global roaming service and integrate the Fast Handoff scheme with our approach to minimize the service latency. By starting the AAA(Authentication, Authorization and Account) procedure with Fast Handoff simultaneously when a roaming occurs, authentication latency is reduced significantly and provision of fast and seamless service is possible. The previous works such as IPsec(Internet Protocol Security), RR (Return Routability) and AAA define the procedures performed after the completion of Layer2 Handoff which leads us to study a way of providing the real time and QoS guaranteed service during this period. The proposed scheme is for this goal and when appling it to roaming environment it shows the cost reduction up to 55% and 17% for the case of the MN receiving the FBACK and not respectively before L2 Handoff occurs.

Performance Analysis of Cross-Layer Handoff Scheme in IP-Based Next-Generation Wireless Networks (IP기반 차세대 무선 네트워크에서의 교차계층 핸드오프 기법의 성능 분석)

  • Lee, JaeSuk;Jeong, Jongpil
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.38B no.6
    • /
    • pp.454-472
    • /
    • 2013
  • The development of wireless network technology and the increasing use of wireless networks to mobile users with a variety of wireless network systems has arisen. Wireless sensor networks, they can be nested together, and the need to switch between the network, depending on your needs. Next Generation Wireless Networks(NGWN) gives the mobile user a wide coverage and optimized service etc. Previous hand off management protocol is not enough to secure support of the NGWN application program. Cross-layer Handoff(CLH) protocol technique has been developed to support between and inside networks of handoff management of NGWN. CLH supports mobility management in a wireless network environment and also utilizes mobility speed and handoff signaling delay information to improve the handoff performance ability. For the analysis of handoff performance ability, we analyzed sensitivity of link layer and network layer, therefore, CLH technique is suggested based on this analysis.

Fast and Secure 2-Way Handshake Mechanism using Sequence Number in Wireless LAN (순번을 이용한 고속의 안전한 무선 랜 2-Way 핸드쉐이크 기법)

  • Lim, Jeong-Mi
    • Journal of Korea Multimedia Society
    • /
    • v.12 no.9
    • /
    • pp.1323-1332
    • /
    • 2009
  • In this paper, we analyze security weakness of 4-Way Handshake in IEEE 802.11i and propose fast and secure 2-Way Handshake mechanism. Compute PTK(Pairwise Transient Key) using sequence number instead of random numbers in order to protect Replay attack and DoS attack. Also, proposed 2-Way Handshake mechanism can mutual authenticate between mobile station and access point and derive PTK using modified Re-association Request and Re-association Response frames. And, compare with others which are fast and secure Handoff mechanisms.

  • PDF

Secure Handoff Based on Dual Session Keys in Mobile IP with AAA (Mobile IP 및 AAA 프로토콜 기반으로 신속성과 안전성을 고려한 듀얼세션키 핸드오프 방식연구c)

  • Choi Yumi;Lee Hyung-Min;Choo Hyunseung
    • Journal of Internet Computing and Services
    • /
    • v.6 no.3
    • /
    • pp.107-119
    • /
    • 2005
  • The Mobile IP has evolved from providing mobility support for portable computers to support wireless handheld devices with high mobility patterns. The Mobile IP secures mobility, but does not guarantee security, In this paper, the Mobile IP has been adapted to allow AM protocol that supports authentication, authorization and accounting for authentication and collection of accounting information of network usage by mobile nodes, For this goal, we propose a new security handoff mechanism to intensify the Mobile IP security and to achieve fast handoff. In the proposed mechanism, we provide enough handoff achievement time to maintain the security of mobile nodes, According to the analysis of modeling result, the proposed mechanism composed the basic Mobile IP along with AM protocol is up to about $60\%$ better in terms of normalized surcharge for the handoff failure rate that considers handoff time.

  • PDF

Enhancement of Return Routability Mechanism for Optimized-NEMO Using Correspondent Firewall

  • Hasan, Samer Sami;Hassan, Rosilah
    • ETRI Journal
    • /
    • v.35 no.1
    • /
    • pp.41-50
    • /
    • 2013
  • Network Mobility (NEMO) handles mobility of multiple nodes in an aggregate manner as a mobile network. The standard NEMO suffers from a number of limitations, such as inefficient routing and increased handoff latency. Most previous studies attempting to solve such problems have imposed an extra signaling load and/or modified the functionalities of the main entities. In this paper, we propose a more secure and lightweight route optimization (RO) mechanism based on exploiting the firewall in performing the RO services on behalf of the correspondent nodes (CNs). The proposed mechanism provides secure communications by making an authorized decision about the mobile router (MR) home of address, MR care of address, and the complete mobile network prefixes underneath the MR. In addition, it reduces the total signaling required for NEMO handoffs, especially when the number of mobile network nodes and/or CNs is increased. Moreover, our proposed mechanism can be easily deployed without modifying the mobility protocol stack of CNs. A thorough analytical model and network simulator (Ns-2) are used for evaluating the performance of the proposed mechanism compared with NEMO basic support protocol and state-of-the-art RO schemes. Numerical and simulation results demonstrate that our proposed mechanism outperforms other RO schemes in terms of handoff latency and total signaling load on wired and wireless links.