Ubiquitous Internet in an integrated satellite-terrestrial environment: The SUITED solution

yesThe current Internet architecture appears to not be particularly suited to addressing the emerging needs of new classes of users who wish to gain access to multimedia services made available by ISPs, regardless of their location, while in motion and with a guaranteed level of quality. One of the main objectives of so-called nextgeneration systems is to overcome the limitations of today¿s available Internet by adopting an approach based on the integration of different mobile and fixed networks. The SUITED project moves in this direction since it aims at contributing to the design and deployment of the global mobile broadband system (GMBS), a unique satellite/terrestrial infrastructure ensuring nomadic users access to Internet services with a negotiated QoS. A description of the main features of the GMBS architecture, characterized by the integration of a multisegment access network with a federated ISP network is given in this article. The GMBS multimode terminal is schematically described, and an overview of the so-called QoS-aware mobility management scheme, devised for such a heterogeneous scenario,is provided

Security in Wireless Local Area Networks (WLANs)

Major research domains in the WLAN security include: access control & data frame protection, lightweight authentication and secure handoff. Access control standard like IEEE 802.11i provides flexibility in user authentication but on the other hand fell prey to Denial of Service (DoS) attacks. For Protecting the data communication between two communicating devices—three standard protocols i.e., WEP (Wired Equivalent Privacy), TKIP (Temporal Key Integrity Protocol) and AES-CCMP (Advanced Encryption Standard—Counter mode with CBC-MAC protocol) are used. Out of these, AES-CCMP protocol is secure enough and mostly used in enterprises. In WLAN environment lightweight authentication is an asset, provided it also satisfies other security properties like protecting the authentication stream or token along with securing the transmitted message. CAPWAP (Control and Provisioning of Wireless Access Points), HOKEY (Hand Over Keying) and IEEE 802.11r are major protocols for executing the secure handoff. In WLANs, handoff should not only be performed within time limits as required by the real time applications but should also be used to transfer safely the keying material for further communication. In this chapter, a comparative study of the security mechanisms under the above-mentioned research domains is provided

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

A novel multi-fold security framework for cognitive radio wireless ad-hoc networks

Cognitive Radio (CR) Technology has emerged as a smart and intelligent technology to address the problem of spectrum scarcity and its under-utilization. CR nodes sense the environment for vacant channels, exchange control information, and agree upon free channels list (FCL) to use for data transmission and conclusion. CR technology is heavily dependent on the control channel to dialogue on the exchanged control information which is usually in the Industrial-Scientific-Medical (ISM) band. As the ISM band is publically available this makes the CR network more prone to security vulnerabilities and flaws. In this paper a novel multi-fold security framework for cognitive radio wireless ad-hoc networks has been proposed. Multiple security levels, such as, encryption of beacon frame and privately exchanging the FCL, and the dynamic and adaptive behaviour of the framework makes the proposed protocol more resilient and secure against the traditional security attacks when compared with existing protocols

Secure 3G user authentication in ad-hoc serving networks

The convergence of cellular and IP technologies has pushed the integration of 3G and WLAN networks to the forefront. With 3G networks\u27 failure to deliver feasible bandwidth to the customer and the emerging popularity, ease of use and high throughput of 802.11 WLANs, integrating secure access to 3G services from WLANs has become a primary focus. 3G user authentication initiated from WLANs has been defined by an enhancement to the extensible authentication protocol, EAP, used to transport user authentication requests over WLANs. The EAP-AKA protocol executes the 3G USIM user challenge and response authentication process over the IP backbone for WLAN serving networks. To improve the degree of control of 3G subscribers, spatial control has been proposed for 3G-WLAN user authentication. Successful execution of 3G security algorithms can be limited to a specified area by encrypting a user\u27s authentication challenge with spatial data defining his/her visited WLAN. With 3G networks\u27 limited capacity to determine a user\u27s location to the granularity of a small WLAN area and restricted access to users\u27 location due to privacy, 3G operators must rely on spatial data sent from visited WLANs to implement control for authentication. The risks of implementing EAP-AKA spatial control by 3G operators with no prior relationship or trust for serving WLAN networks are presented in this paper. An ad-hoc architecture is proposed for serving networks in 3G-WLAN integration and the advantages of this architecture that facilitate secure 3G user authentication are identified. Algorithms are proposed to define robust trust relationships between the parties in 3G-WLAN networks. The security of 3G user authentication is further protected by new mechanisms defined that are based on the quality of trust established between parties