The Design of Efficient Internetwork Authentication for Ubiquitous Wireless Communications

A variety of wireless technologies have been standardized and commercialized, but no single solution is considered the best to satisfy all communication needs due to different coverage and bandwidth limitations. Therefore, internetworking between heterogeneous wireless networks is extremely important for ubiquitous and high performance wireless communications. The security problem is one of the major challenges in internetworking. To date, most research on internetwork authentication has focused on centralized authentication approaches, where the home network participates in each authentication process. For high latency between the home and visiting networks, such approaches tend to be inefficient. In this paper, we describe chained authentication, which requires collaboration between adjacent networks without involvement of the home network. After categorizing chained protocols, we propose a novel design of chained authentication methods under 3G-WLAN internetworking. The experiments show that proactive context transfer and ticket forwarding reduce the 3G authentication latency to 36.8% and WLAN EAP-TLS latency to 23.1% when RTT between visiting and home networks is 200 ms

Study, Analysis and Modeling of IP Multimedia systems on next generation networks providing mobile and fixed multimedia services

Not availabl

Context transfer support for mobility management in all-IP networks.

This thesis is a description of the research undertaken in the course of the PhD and evolves around a context transfer protocol which aims to complement and support mobility management in next generation mobile networks. Based on the literature review, it was identified that there is more to mobility management than handover management and the successful change of routing paths. Supportive mechanisms like fast handover, candidate access router discovery and context transfer can significantly contribute towards achieving seamless handover which is especially important in the case of real time services. The work focused on context transfer motivated by the fact that it could offer great benefits to session re-establishment during the handover operation of a mobile user and preliminary testbed observations illustrated the need for achieving this. Context transfer aims to minimize the impact of certain transport, routing, security-related services on the handover performance. When a mobile node (MN) moves to a new subnet it needs to continue such services that have already been established at the previous subnet. Examples of such services include AAA profile, IPsec state, header compression, QoS policy etc. Re-establishing these services at the new subnet will require a considerable amount of time for the protocol exchanges and as a result time- sensitive real-time traffic will suffer during this time. By transferring state to the new domain candidate services will be quickly re-established. This would also contribute to the seamless operation of application streams and could reduce susceptibility to errors. Furthermore, re-initiation to and from the mobile node will be avoided hence wireless bandwidth efficiency will be conserved. In this research an extension to mobility protocols was proposed for supporting state forwarding capabilities. The idea of forwarding states was also explored for remotely reconfiguring middleboxes to avoid any interruption of a mobile users' sessions or services. Finally a context transfer module was proposed to facilitate the integration of such a mechanism in next generation architectures. The proposals were evaluated analytically, via simulations or via testbed implementation depending on the scenario investigated. The results demonstrated that the proposed solutions can minimize the impact of security services like authentication, authorization and firewalls on a mobile user's multimedia sessions and thus improving the overall handover performance

Network-Assisted Handover for Heterogeneous Wireless Networks using IEEE 802.21

The IEEE 802.21 is a standard for enabling handover in heterogeneous wireless networks. Published in January 2009, it defines protocols and messages for mobile-to-node and node-to-node communication in a technology-neutral and flexible manner. The need arises because of the widespread diffusion of different technologies for wireless communications (e.g., WiFi, WiMAX, LTE) coexisting in the same geographical area. Even though the number of multi-radio multi-technology mobile devices is increasing significantly, there are no open solutions in the market to enable efficient inter-technology handover. As is often the case with communication standards, the structure of the required components, the procedures, and the algorithms are left unspecified by the IEEE 802.21 standard so as to promote competion by differentiation of equipment capabilities and services. The contribution of this thesis is two-fold: i) a design and an implemenation of the Media Independent Information Service (MIIS) server; and, ii) a solution to enable network-assisted handover using the IEEE 802.21 standard, aimed at reducing the handover latency and the energy consumption of mobile devices due to scanning. The MIIS server has been fully implemented in C++ under Linux. In order to perform testbed evaluations, all the required components have been implemented, as well, within an open source framework for IEEE 802.21 called ODTONE. Modifications to the latter have been performed for optimization and fine tuning, and for extending those functional modules needed but not fully implemented. For a realistic evaluation, Linux-based embedded COTS devices have been used, equipped with multiple IEEE 802.11a and IEEE 802.11g wireless network interface cards. This has required additional development for kernel/user space binding and hardware control. Testbed results are reported to show the effectiveness of the proposed solution, also proving the MIIS server scalability

Integration of IEEE 802.21 services and pre-authentication framework

Abstract: Providing multi-interface device users the ability to roam between different access networks is becoming a key requirement for service providers. The availability of multiple mobile broadband access technologies together with increasing use of real time multimedia applications is creating strong demand for handover solutions that can seamlessly and securely transfer user sessions across different access technologies. In this paper, we discuss how the Copyright © 2010 Inderscience Enterprises Ltd. Integration of IEEE 802.21 services and pre-authentication framework 173 IEEE 802.21 standard and its services address the challenges of seamless mobility for multi-interface devices. We focus on a proof-of-concept implementation that integrates IEEE 802.21 services and a pre-authentication framework, to optimise handover performance in two different scenarios. The first scenario is initiated by the mobile node and the second one is initiated by the network. We present the measurement results for realising these scenarios. Finally, we describe the implementation challenges and lessons learned throug

IP Mobility in Wireless Operator Networks

Wireless network access is gaining increased heterogeneity in terms of the types of IP capable access technologies. The access network heterogeneity is an outcome of incremental and evolutionary approach of building new infrastructure. The recent success of multi-radio terminals drives both building a new infrastructure and implicit deployment of heterogeneous access networks. Typically there is no economical reason to replace the existing infrastructure when building a new one. The gradual migration phase usually takes several years. IP-based mobility across different access networks may involve both horizontal and vertical handovers. Depending on the networking environment, the mobile terminal may be attached to the network through multiple access technologies. Consequently, the terminal may send and receive packets through multiple networks simultaneously. This dissertation addresses the introduction of IP Mobility paradigm into the existing mobile operator network infrastructure that have not originally been designed for multi-access and IP Mobility. We propose a model for the future wireless networking and roaming architecture that does not require revolutionary technology changes and can be deployed without unnecessary complexity. The model proposes a clear separation of operator roles: (i) access operator, (ii) service operator, and (iii) inter-connection and roaming provider. The separation allows each type of an operator to have their own development path and business models without artificial bindings with each other. We also propose minimum requirements for the new model. We present the state of the art of IP Mobility. We also present results of standardization efforts in IP-based wireless architectures. Finally, we present experimentation results of IP-level mobility in various wireless operator deployments.Erilaiset langattomat verkkoyhteydet lisääntyvät Internet-kykyisten teknologioiden muodossa. Lukuisten eri teknologioiden päällekkäinen käyttö johtuu vähitellen ja tarpeen mukaan rakennetusta verkkoinfrastruktuurista. Useita radioteknologioita (kuten WLAN, GSM ja UMTS) sisältävien päätelaitteiden (kuten älypuhelimet ja kannettavat tietokoneet) viimeaikainen kaupallinen menestys edesauttaa uuden verkkoinfrastruktuurin rakentamista, sekä mahdollisesti johtaa verkkoteknologioiden kirjon lisääntymiseen. Olemassa olevaa verkkoinfrastruktuuria ei kaupallisista syistä kannata korvata uudella teknologialla yhdellä kertaa, vaan vaiheittainen siirtymävaihe kestää tyypillisesti useita vuosia. Internet-kykyiset päätelaitteet voivat liikkua joko saman verkkoteknologian sisällä tai eri verkkoteknologioiden välillä. Verkkoympäristöstä riippuen liikkuvat päätelaitteet voivat liittyä verkkoon useiden verkkoyhteyksien kautta. Näin ollen päätelaite voi lähettää ja vastaanottaa tietoliikennepaketteja yhtäaikaisesti lukuisia verkkoja pitkin. Tämä väitöskirja käsittelee Internet-teknologioiden liikkuvuutta ja näiden teknologioiden tuomista olemassa oleviin langattomien verkko-operaattorien verkkoinfrastruktuureihin. Käsiteltäviä verkkoinfrastruktuureita ei alun perin ole suunniteltu Internet-teknologian liikkuvuuden ja monien yhtäaikaisten yhteyksien ehdoilla. Tässä työssä ehdotetaan tulevaisuuden langattomien verkkojen arkkitehtuurimallia ja ratkaisuja verkkovierailujen toteuttamiseksi. Ehdotettu arkkitehtuuri voidaan toteuttaa ilman mittavia teknologisia mullistuksia. Mallin mukaisessa ehdotuksessa verkko-operaattorin roolit jaetaan selkeästi (i) verkko-operaattoriin, (ii) palveluoperaattoriin ja (iii) yhteys- sekä verkkovierailuoperaattoriin. Roolijako mahdollistaa sen, että kukin operaattorityyppi voi kehittyä itsenäisesti, ja että teennäiset verkkoteknologiasidonnaisuudet poistuvat palveluiden tuottamisessa. Työssä esitetään myös alustava vaatimuslista ehdotetulle mallille, esimerkiksi yhteysoperaattorien laatuvaatimukset. Väitöskirja esittelee myös liikkuvien Internet-teknologioiden viimeisimmän kehityksen. Työssä näytetään lisäksi standardointituloksia Internet-kykyisissä langattomissa arkkitehtuureissa

Investigations into micromobility issues in IP networks

Master'sMASTER OF SCIENC