22,840 research outputs found

    Inter-subnet localized mobility support for host identity protocol

    Host identity protocol (HIP) has security support to enable secured mobility and multihoming, both of which are essential for future Internet applications. Compared to end host mobility and multihoming with HIP, existing HIP-based micro-mobility solutions have optimized handover performance by reducing location update delay. However, all these mobility solutions are client-based mobility solutions. We observe that another fundamental issue with end host mobility and multihoming extension for HIP and HIP-based micro-mobility solutions is that handover delay can be excessive unless the support for network-based micro-mobility is strengthened. In this study, we co-locate a new functional entity, subnet-rendezvous server, at the access routers to provide mobility to HIP host. We present the architectural elements of the framework and show through discussion and simulation results that our proposed scheme has achieved negligible handover latency and little packet loss

    Secure Mobile IP with HIP Style Handshaking and Readdressing

    Mobile IP allows the mobile node roaming into a new IP network without losing its connection with its peer. Mobile IPv6 is using Mobile IP with Route Optimization to improve performance by avoiding the triangle routing and adopting Return Routability as a secure process for binding update. Host Identity Protocol (HIP) is an experimental security protocol which provides mobility management and multi-homing by its new namespace. Its architecture is similar to that of Mobile IP with Route Optimization. In this paper, we have introduced a Secure Mobile IP with HIP Style Handshaking and Readdressing (SMIP), which has stronger security, better performance and lower binding cost in binding update process compared with Mobile IPv6. The dependence of home agent in the new scheme is also shown dramatically decreased. The initiated scheme integrated the primary features of two completely different mobility management solutions and has set up a migration path from mobile-IP based solution to a public-key based solution in mobile IP network

    Wireless IP network mobility management: advancing from mobile IP to HIP-based network

    Wireless networking introduces a whole range of challenges to the traditional TCP/IP network. In particular, IP address the issue of overloading because IP addresses are used as a network locator and an end point identity in the different layers in an OSI model. Even though Mobile IP is widely deployed, it has significant problems relating to performance and security. The Host Identity Protocol (HIP) provides secure mobility management by solving the IP address overloading from another angle. It restructures the TCP/IP model and introduces a new layer and a new namespace. The performance of HIP has proven to be better than Mobile IP and also opens a range of new research opportunities. This dissertation proposes and analyses a new step-stone solution from the Mobile IP-based network into a HIP-based network. The main advantage of this new solution is that much less change is required to the operating system kernel of the end point compared to a full HIP implementation. The new step-stone solution allows Mobile IP to use some HIP features to provide better security and handover performance. This dissertation also proposes several new and novel HIP-based wireless communication network architectures. An HIP-based heterogeneous wireless network architecture and handover scheme has been proposed and analysed. These schemes limit the HIP signalling in the wireless network if no communication to external networks is needed. Beside the network architecture modification, the hybrid Session Initial Protocol (SIP) and HIP-based Voice over IP (VoIP) scheme is proposed and analysed. This novel scheme improves the handover latency and security. This dissertation also proposes and analyses a new and novel extension to HIP, a HIP-based micro-mobility management, micro-HIP (mHIP). mHIP provides a new secure framework for micro-mobility management. It is a more complete HIP-based micro-mobility solution than any other proposed in existing studies. mHIP improves the intra-domain handover performance, the security, and the distribution of load in the intra-domain handover signalling. The new work presented opens up a number of very interesting research opportunities

    Distributed mobility management with mobile Host Identity Protocol proxy

    The architectural evolution from hierarchical to flatter networks creates new challenges such as single points of failure and bottlenecks, non-optimal routing paths, scalability problems, and long handover delays. The cellular networks have been hierarchical so that they are largely built on centralized functions based on which their handover mechanisms have been built. They need to be redesigned and/or carefully optimized. The mobility extension to Host Identity Protocol (HIP) proxy, mobile HIP Proxy (MHP), provides a seamless and secure handover for the Mobile Host in the hierarchical network. However, the MHP cannot ensure the same handover performance in flatter network because the MHP has also utilized the features offered by the hierarchical architecture. This paper extends the MHP to distributed mobile HIP proxy (DMHP). The performance evaluation of the DMHP in comparison to MHP and other similar mobility solutions demonstrates that DMHP does indeed perform well in the flatter networks. Moreover, the DMHP supports both efficient multi-homing and handover management for many mobile hosts at the same time to the same new point of attachment

    Design and implementation of the node identity internetworking architecture

    The Internet Protocol (IP) has been proven very flexible, being able to accommodate all kinds of link technologies and supporting a broad range of applications. The basic principles of the original Internet architecture include end-to-end addressing, global routeability and a single namespace of IP addresses that unintentionally serves both as locators and host identifiers. The commercial success and widespread use of the Internet have led to new requirements, which include internetworking over business boundaries, mobility and multi-homing in an untrusted environment. Our approach to satisfy these new requirements is to introduce a new internetworking layer, the node identity layer. Such a layer runs on top of the different versions of IP, but could also run directly on top of other kinds of network technologies, such as MPLS and 2G/3G PDP contexts. This approach enables connectivity across different communication technologies, supports mobility, multi-homing, and security from ground up. This paper describes the Node Identity Architecture in detail and discusses the experiences from implementing and running a prototype

    A Survey on Handover Management in Mobility Architectures

    This work presents a comprehensive and structured taxonomy of available techniques for managing the handover process in mobility architectures. Representative works from the existing literature have been divided into appropriate categories, based on their ability to support horizontal handovers, vertical handovers and multihoming. We describe approaches designed to work on the current Internet (i.e. IPv4-based networks), as well as those that have been devised for the "future" Internet (e.g. IPv6-based networks and extensions). Quantitative measures and qualitative indicators are also presented and used to evaluate and compare the examined approaches. This critical review provides some valuable guidelines and suggestions for designing and developing mobility architectures, including some practical expedients (e.g. those required in the current Internet environment), aimed to cope with the presence of NAT/firewalls and to provide support to legacy systems and several communication protocols working at the application layer

    Names, addresses and identities in ambient networks

    Ambient Networks interconnect independent realms that may use different local network technologies and may belong to different administrative or legal entities. At the core of these advanced internetworking concepts is a flexible naming architecture based on dynamic indirections between names, addresses and identities. This paper gives an overview of the connectivity abstractions of Ambient Networks and then describes its naming architecture in detail, comparing and contrasting them to other related next-generation network architectures

    Evaluating IP security and mobility on lightweight hardware

    This work presents an empirical evaluation of applicability of selected existing IP security and mobility mechanisms to lightweight mobile devices and network components with limited resources and capabilities. In particular, we consider the Host Identity Protocol (HIP), recently specified by the IETF for achieving authentication, secure mobility and multihoming, data protection and prevention of several types of attacks. HIP uses the Diffie-Hellman protocol to establish a shared secret for two hosts, digital signatures to provide integrity of control plane and IPsec ESP encryption to protect user data. These computationally expensive operations might easily stress CPU, memory and battery resources of a lightweight client, as well as negatively affect data throughput and latency. We describe our porting experience with HIP on an embedded Linux PDA, a Symbian-based smartphone and two OpenWrt Wi-Fi access routers, thereby contributing to the protocol deployment. We present a set of measurement results of different HIP operations on these devices and evaluate the impact of public-key cryptography on the processor load, memory usage and battery lifetime, as well as the influence of the IPsec encryption on Round-Trip Time and TCP throughput. In addition, we assess how the lightweight hardware of a mobile handheld or a Wi-Fi access router in turn affects the duration of certain protocol operations including HIP base exchange, HIP mobility update, puzzle solving procedure and generation of an asymmetric key pair. After analyzing the empirical results we make conclusions and recommendations on applicability of unmodified HIP and IPsec to resource-constrained mobile devices. We also survey related work and draw parallels with our own research results

    A generic communication architecture for end to end mobility management in the Internet

    The proliferation of laptops, cellular phones, and other mobile computing platforms connected to the Internet has triggered numerous research works into mobile networking. The increasingly dense set of wireless access networks that can be potentially accessed by mobile users open the door to an era of pervasive computing. However, the puzzle of wireless access networks that tends to become the natural access networks to the Internet pushes legacy “wire-oriented” communication architectures to their limit. Indeed, there is a critical gap between the increasingly used stream centric multimedia applications and the incapacity of legacy communication stacks to insure the continuity of these multimedia sessions for mobile users. This paper proposes a generic communication architecture (i.e. not dedicated to a specific protocol or technology) that aims to fill the gap between the application layer continuity needs and the discontinuity of the communication service inherent to the physical layer of wireless mobile networks. This paper introduces an end to end communication architecture that preserves efficiently session continuity in the context of mobile and wireless networks. This architecture is mainly based on end to end mechanisms that could be integrated into a new generation reconfigurable transport protocol. The proposed contribution efficiently satisfies mobility requirements such as efficient location management, fast handover, and continuous connection support