A network mobility management architecture for a heteregeneous network environment

Network mobility management enables mobility of personal area networks and vehicular networks across heterogeneous access networks using a Mobile Router. This dissertation presents a network mobility management architecture for minimizing the impact of handoffs on the communications of nodes in the mobile network. The architecture addresses mobility in legacy networks without infrastructure support, but can also exploit infrastructure support for improved handoff performance. Further, the proposed architecture increases the efficiency of communications of nodes in the mobile network with counter parts in the fixed network through the use of caching and route optimization. The performance and costs of the proposed architecture are evaluated through empirical and numerical analysis. The analysis shows the feasibility of the architecture in the networks of today and in those of the near future.Verkkojen liikkuuvudenhallinta mahdollistaa henkilökohtaisten ja ajoneuvoihin asennettujen verkkojen liikkuvuuden heterogeenisessä verkkoympäristössä käyttäen liikkuvaa reititintä. Tämä väitöskirja esittää uuden arkkitehtuurin verkkojen liikkuvuudenhallintaan, joka minimoi verkonvaihdon vaikutuksen päätelaitteiden yhteyksiin. Vanhoissa verkoissa, joiden infrastruktuuri ei tue verkkojen liikkuvuutta, verkonvaihdos täytyy hallita liikkuvassa reitittimessa. Standardoitu verkkojen liikkuvuudenhallintaprotokolla NEMO mahdollistaa tämän käyttäen ankkurisolmua kiinteässä verkossa pakettien toimittamiseen päätelaitteiden kommunikaatiokumppaneilta liikkuvalle reitittimelle. NEMO:ssa verkonvaihdos aiheuttaa käynnissä olevien yhteyksien keskeytymisen yli sekunnin mittaiseksi ajaksi, aiheuttaen merkittävää häiriötä viestintäsovelluksille. Esitetyssä arkkitehtuurissa verkonvaihdon vaikutus minimoidaan varustamalla liikkuva reititin kahdella radiolla. Käyttäen kahta radiota liikkuva reititin pystyy suorittamaan verkonvaihdon keskeyttämättä päätelaitteiden yhteyksiä, mikäli verkonvaihtoon on riittävästi aikaa. Käytettävissa oleva aika riippuu liikkuvan reitittimen nopeudesta ja radioverkon rakenteesta. Arkkitehtuuri osaa myös hyödyntää infrastruktuurin tukea saumattomaan verkonvaihtoon. Verkkoinfrastruktuurin tuki nopeuttaa verkonvaihdosprosessia, kasvattaenmaksimaalista verkonvaihdos tahtia. Tällöin liikkuva reitin voi käyttää lyhyen kantaman radioverkkoja, joiden solun säde on yli 80m, ajonopeuksilla 90m/s asti ilman, että verkonvaihdos keskeyttää päätelaitteiden yhteyksiä. Lisäksi ehdotettu arkkitehtuuri tehostaa kommunikaatiota käyttäen cache-palvelimia liikkuvassa ja kiinteässä verkossa ja optimoitua reititystä liikkuvien päätelaitteiden ja kiinteässä verkossa olevien kommunikaatiosolmujen välillä. Cache-palvelinarkkitehtuuri hyödyntää vapaita radioresursseja liikkuvan verkon cache-palvelimen välimuistin päivittämiseen. Heterogeenisessä verkkoympäristossä cache-palvelimen päivitys suoritetaan lyhyen kantaman laajakaistaisia radioverkkoja käyttäen. Liikkuvan reitittimen siirtyessä laajakaistaisen radioverkon peitealueen ulkopuolelle päätelaitteille palvellaan sisältöä, kuten www sivuja tai videota cache-palvelimelta, säästäen laajemman kantaman radioverkon rajoitetumpia resursseja. Arkkitehtuurissa käytetään optimoitua reititystä päätelaitteiden ja niiden kommunikaatiokumppaneiden välillä. Optimoitu reititysmekanismi vähentää liikkuvuudenhallintaan käytettyjen protokollien langattoman verkon resurssien kulutusta. Lisäksi optimoitu reititysmekanismi tehostaa pakettien reititystä käyttäen suorinta reittiä kommunikaatiosolmujen välillä. Esitetyn arkkitehtuurin suorituskyky arvioidaan empiirisen ja numeerisen analyysin avulla. Analyysi arvioi arkkitehtuurin suorituskykyä ja vertaa sitä aikaisemmin ehdotettuihin ratkaisuihin ja osoittaa arkkitehtuurin soveltuvan nykyisiin ja lähitulevaisuuden langattomiin verkkoihin.reviewe

Inter-Domain Authentication for Seamless Roaming in Heterogeneous Wireless Networks

The convergence of diverse but complementary wireless access technologies and inter-operation among administrative domains have been envisioned as crucial for the next generation wireless networks that will provide support for end-user devices to seamlessly roam across domain boundaries. The integration of existing and emerging heterogeneous wireless networks to provide such seamless roaming requires the design of a handover scheme that provides uninterrupted service continuity while facilitating the establishment of authenticity of the entities involved. The existing protocols for supporting re-authentication of a mobile node during a handover across administrative domains typically involve several round trips to the home domain, and hence introduce long latencies. Furthermore, the existing methods for negotiating roaming agreements to establish inter-domain trust rely on a lengthy manual process, thus, impeding seamless roaming across multiple domains in a truly heterogeneous wireless network. In this thesis, we present a new proof-token based authentication protocol that supports quick re-authentication of a mobile node as it moves to a new foreign domain without involving communication with the home domain. The proposed proof-token based protocol can also support establishment of spontaneous roaming agreements between a pair of domains that do not already have a direct roaming agreement, thus allowing flexible business models to be supported. We describe details of the new authentication architecture, the proposed protocol, which is based on EAP-TLS and compare the proposed protocol with existing protocols

QoS provisioning and mobility management for IP-based wireless LAN

Today two major technological forces drive the telecommunication era: the wireless cellular systems and the Internet. As these forces converge, the demand for new services, increasing bandwidth and ubiquitous connectivity continuously grows. The next-generation mobile systems will be based solely or in a large extent, on the Internet Protocol (IP). This thesis begins by addressing the problems and challenges faced in a multimedia, IP-based Wireless LAN environment. The ETSI HiperLAN/2 system has been mainly selected as the test wireless network for our theoretical and simulation experiments. Apart from the simulations, measurements have been taken from real life test scenarios, where the IEEE 802.11 system was used (UniS Test-bed). Furthermore, a brief overview of the All-IP network infrastructure is presented. An extension to the conventional wireless (cellular) architecture, which takes advantage of the IP network characteristics, is considered. Some of the trends driving the 3G and WLANs developments are explored, while the provision of quality of service on the latter for real-time and non-real-time multimedia services is investigated, simulated and evaluated. Finally, an efficient and catholic Q0S framework is proposed. At the same time, the multimedia services should be offered in a seamless and uninterrupted manner to users who access the all-IP infrastructure via a WLAN, meeting the demands of both enterprise and public environments anywhere and anytime. Thus providing support for mobile communications not only in terms of terminal mobility, as is currently the case, but also for session, service and personal mobility. Furthermore, this mobility should be available over heterogeneous networks, such as WLANs, IJMTS, as well as fixed networks. Therefore, this work investigates issues such as, multilayer and multi-protocol (SIP-Mobile IP-Cellular IP) mobility management in wireless LAN and 3G domains. Several local and global mobility protocols and architectures have been tested and evaluated and a complete mobility management framework is proposed. Moreover, integration of simple yet efficient authentication, accounting and authorisation mechanisms with the multimedia service architecture is an important issue of IP-based WLANs. Without such integration providers will not have the necessary means to control their provided services and make revenue from the users. The proposed AAA architecture should support a robust AAA infrastructure providing secure, fast and seamless access granting to multimedia services. On the other hand, a user wishing a service from the All-IP WLAN infrastructure needs to be authenticated twice, once to get access to the network and the other one should be granted for the required service. Hence, we provide insights into these issues by simulating and evaluating pre-authentication techniques and other network authentication scenarios based on the wellknown IEEE 802.lx protocol for multimedia IP-based WLANs.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

A network mobility management architecture for a heterogeneous network environment

Network mobility management enables mobility of personal area networks and vehicular networks across heterogeneous access networks using a Mobile Router. This dissertation presents a network mobility management architecture for minimizing the impact of handoffs on the communications of nodes in the mobile network. The architecture addresses mobility in legacy networks without infrastructure support, but can also exploit infrastructure support for improved handoff performance. Further, the proposed architecture increases the efficiency of communications of nodes in the mobile network with counter parts in the fixed network through the use of caching and route optimization. The performance and costs of the proposed architecture are evaluated through empirical and numerical analysis. The analysis shows the feasibility of the architecture in the networks of today and in those of the near future.Verkkojen liikkuuvudenhallinta mahdollistaa henkilökohtaisten ja ajoneuvoihin asennettujen verkkojen liikkuvuuden heterogeenisessä verkkoympäristössä käyttäen liikkuvaa reititintä. Tämä väitöskirja esittää uuden arkkitehtuurin verkkojen liikkuvuudenhallintaan, joka minimoi verkonvaihdon vaikutuksen päätelaitteiden yhteyksiin. Vanhoissa verkoissa, joiden infrastruktuuri ei tue verkkojen liikkuvuutta, verkonvaihdos täytyy hallita liikkuvassa reitittimessa. Standardoitu verkkojen liikkuvuudenhallintaprotokolla NEMO mahdollistaa tämän käyttäen ankkurisolmua kiinteässä verkossa pakettien toimittamiseen päätelaitteiden kommunikaatiokumppaneilta liikkuvalle reitittimelle. NEMO:ssa verkonvaihdos aiheuttaa käynnissä olevien yhteyksien keskeytymisen yli sekunnin mittaiseksi ajaksi, aiheuttaen merkittävää häiriötä viestintäsovelluksille. Esitetyssä arkkitehtuurissa verkonvaihdon vaikutus minimoidaan varustamalla liikkuva reititin kahdella radiolla. Käyttäen kahta radiota liikkuva reititin pystyy suorittamaan verkonvaihdon keskeyttämättä päätelaitteiden yhteyksiä, mikäli verkonvaihtoon on riittävästi aikaa. Käytettävissa oleva aika riippuu liikkuvan reitittimen nopeudesta ja radioverkon rakenteesta. Arkkitehtuuri osaa myös hyödyntää infrastruktuurin tukea saumattomaan verkonvaihtoon. Verkkoinfrastruktuurin tuki nopeuttaa verkonvaihdosprosessia, kasvattaenmaksimaalista verkonvaihdos tahtia. Tällöin liikkuva reitin voi käyttää lyhyen kantaman radioverkkoja, joiden solun säde on yli 80m, ajonopeuksilla 90m/s asti ilman, että verkonvaihdos keskeyttää päätelaitteiden yhteyksiä. Lisäksi ehdotettu arkkitehtuuri tehostaa kommunikaatiota käyttäen cache-palvelimia liikkuvassa ja kiinteässä verkossa ja optimoitua reititystä liikkuvien päätelaitteiden ja kiinteässä verkossa olevien kommunikaatiosolmujen välillä. Cache-palvelinarkkitehtuuri hyödyntää vapaita radioresursseja liikkuvan verkon cache-palvelimen välimuistin päivittämiseen. Heterogeenisessä verkkoympäristossä cache-palvelimen päivitys suoritetaan lyhyen kantaman laajakaistaisia radioverkkoja käyttäen. Liikkuvan reitittimen siirtyessä laajakaistaisen radioverkon peitealueen ulkopuolelle päätelaitteille palvellaan sisältöä, kuten www sivuja tai videota cache-palvelimelta, säästäen laajemman kantaman radioverkon rajoitetumpia resursseja. Arkkitehtuurissa käytetään optimoitua reititystä päätelaitteiden ja niiden kommunikaatiokumppaneiden välillä. Optimoitu reititysmekanismi vähentää liikkuvuudenhallintaan käytettyjen protokollien langattoman verkon resurssien kulutusta. Lisäksi optimoitu reititysmekanismi tehostaa pakettien reititystä käyttäen suorinta reittiä kommunikaatiosolmujen välillä. Esitetyn arkkitehtuurin suorituskyky arvioidaan empiirisen ja numeerisen analyysin avulla. Analyysi arvioi arkkitehtuurin suorituskykyä ja vertaa sitä aikaisemmin ehdotettuihin ratkaisuihin ja osoittaa arkkitehtuurin soveltuvan nykyisiin ja lähitulevaisuuden langattomiin verkkoihin.reviewe

セルラーネットワークにおける無線LANオフロードのためのネットワーク選択方式に関する研究

早大学位記番号:新7456早稲田大

Fast and seamless mobility management in IPV6-based next-generation wireless networks

Introduction -- Access router tunnelling protocol (ARTP) -- Proposed integrated architecture for next generation wireless networks -- Proposed seamless handoff schemes in next generation wireless networks -- Proposed fast mac layer handoff scheme for MIPV6/WLANs

On secure communication in integrated internet and heterogeneous multi-hop wireless networks.

Integration of the Internet with a Cellular Network, WMAN, WLAN, and MANET presents an exceptional promise by having co-existence of conventional WWANs/WMANs/WLANs with wireless ad hoc networks to provide ubiquitous communication. We call such integrated networks providing internet accessibility for mobile users as heterogeneous multi-hop wireless networks where the Internet and wireless infrastructure such as WLAN access points (APs) and base stations (BSs) constitute the backbone for various emerging wireless networks (e.g., multi-hop WLAN and ad hoc networks. Earlier approaches for the Internet connectivity either provide only unidirectional connectivity for ad hoc hosts or cause high overhead as well as delay for providing full bi-directional connections. In this dissertation, a new protocol is proposed for integrated Internet and ad hoc networks for supporting bi-directional global connectivity for ad hoc hosts. In order to provide efficient mobility management for mobile users in an integrated network, a mobility management protocol called multi-hop cellular IP (MCIP) has been proposed to provide a micro-mobility management framework for heterogeneous multi-hop network. The micro-mobility is achieved by differentiating the local domain from the global domain. At the same time, the MCIP protocol extends Mobile IP protocol for providing macro-mobility support between local domains either for single hop MSs or multi-hop MSs. In the MCIP protocol, new location and mobility management approaches are developed for tracking mobile stations, paging, and handoff management. This dissertation also provides a security protocol for integrated Internet and MANET to establish distributed trust relationships amongst mobile infrastructures. This protocol protects communication between two mobile stations against the attacks either from the Internet side or from wireless side. Moreover, a secure macro/micro-mobility protocol (SM3P) have been introduced and evaluated for preventing mobility-related attacks either for single-hop MSs or multi-hop MSs. In the proposed SM3P, mobile IP security has been extended for supporting macro-mobility across local domains through the process of multi-hop registration and authentication. In a local domain, a certificate-based authentication achieves the effective routing and micro-mobility protection from a range of potential security threats

A framework for secure mobility in wireless overlay networks

Various wireless networks are widely deployed world wide. Current technologies employed in these networks vary widely in terms of bandwidths, latencies, frequencies, and media access methods. Most existing wireless network technologies can be divided into two categories: those that provide a low-bandwidth service over a wide geographic area, for example UMTS, and those that provide a high bandwidth service over a narrow geographic area, for example 802.11. Although it would be desirable to provide a high- bandwidth service over a wide coverage region to mobile users all the time, no single wireless network technology simultaneously satisfies these require- ments. Wireless Overlay Networks, a hierarchical structure of wireless personal area, local area, and wide area data networks, is considered as an efficient and scalable way to solve this problem. Due to the wide deployment of UMTS and 802.11 WLAN, this study attempts to combine them to implement the concept of Wireless Overlay Net- works. Furthermore, the information transmitted over this Wireless Overlay Networks is protected in terms of authentication, integrity and confidentiality. To achieve this goal, this study aims to combine GPRS, Mobile IP and IPSec to propose a framework for secure mobility in Wireless Overlay Networks. The framework is developed in three steps: Firstly, this study addresses the problem of combining GPRS and Mo- bile IP, so that GPRS users are provided with Mobile IP service. This results in presenting a uniform Mobile IP interface to peers regardless of whether mobile users use UMTS or 802.11 WLAN. Secondly, this study discovers the existing problem when combining Mobile IP and IPSec, and proposes a Dual Home Agent Architecture to achieve secure mobility. Finally, based on the output of the previous two steps, a complete framework is proposed, which achieves secure mobility in Wireless Overlay Networks, specifically, in UMTS and 802.11 WLAN. The framework also implements seamless handover when mobile users switch between UMTS and 802.11. This results in UMTS and 802.11 WLAN looking like a single network when participating in this framework, and presents seamless and secure mobility

Context transfer support for mobility management in all-IP networks.

This thesis is a description of the research undertaken in the course of the PhD and evolves around a context transfer protocol which aims to complement and support mobility management in next generation mobile networks. Based on the literature review, it was identified that there is more to mobility management than handover management and the successful change of routing paths. Supportive mechanisms like fast handover, candidate access router discovery and context transfer can significantly contribute towards achieving seamless handover which is especially important in the case of real time services. The work focused on context transfer motivated by the fact that it could offer great benefits to session re-establishment during the handover operation of a mobile user and preliminary testbed observations illustrated the need for achieving this. Context transfer aims to minimize the impact of certain transport, routing, security-related services on the handover performance. When a mobile node (MN) moves to a new subnet it needs to continue such services that have already been established at the previous subnet. Examples of such services include AAA profile, IPsec state, header compression, QoS policy etc. Re-establishing these services at the new subnet will require a considerable amount of time for the protocol exchanges and as a result time- sensitive real-time traffic will suffer during this time. By transferring state to the new domain candidate services will be quickly re-established. This would also contribute to the seamless operation of application streams and could reduce susceptibility to errors. Furthermore, re-initiation to and from the mobile node will be avoided hence wireless bandwidth efficiency will be conserved. In this research an extension to mobility protocols was proposed for supporting state forwarding capabilities. The idea of forwarding states was also explored for remotely reconfiguring middleboxes to avoid any interruption of a mobile users' sessions or services. Finally a context transfer module was proposed to facilitate the integration of such a mechanism in next generation architectures. The proposals were evaluated analytically, via simulations or via testbed implementation depending on the scenario investigated. The results demonstrated that the proposed solutions can minimize the impact of security services like authentication, authorization and firewalls on a mobile user's multimedia sessions and thus improving the overall handover performance

Mobility management across converged IP-based heterogeneous access networks

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University, 8/2/2010.In order to satisfy customer demand for a high performance “global” mobility service, network operators (ISPs, carriers, mobile operators, etc.) are facing the need to evolve to a converged “all-IP” centric heterogeneous access infrastructure. However, the integration of such heterogeneous access networks (e.g. 802.11, 802.16e, UMTS etc) brings major mobility issues. This thesis tackles issues plaguing existing mobility management solutions in converged IP-based heterogeneous networks. In order to do so, the thesis firstly proposes a cross-layer mechanism using the upcoming IEEE802.21 MIH services to make intelligent and optimized handovers. In this respect, FMIPv6 is integrated with the IEEE802.21 mechanism to provide seamless mobility during the overall handover process. The proposed solution is then applied in a simulated vehicular environment to optimize the NEMO handover process. It is shown through analysis and simulations of the signalling process that the overall expected handover (both L2 and L3) latency in FMIPv6 can be reduced by the proposed mechanism by 69%. Secondly, it is expected that the operator of a Next Generation Network will provide mobility as a service that will generate significant revenues. As a result, dynamic service bootstrapping and authorization mechanisms must be in place to efficiently deploy a mobility service (without static provisioning), which will allow only legitimate users to access the service. A GNU Linux based test-bed has been implemented to demonstrate this. The experiments presented show the handover performance of the secured FMIPv6 over the implemented test-bed compared to plain FMIPv6 and MIPv6 by providing quantitative measurements and results on the quality of experience perceived by the users of IPv6 multimedia applications. The results show the inclusion of the additional signalling of the proposed architecture for the purpose of authorization and bootstrapping (i.e. key distribution using HOKEY) has no adverse effect on the overall handover process. Also, using a formal security analysis tool, it is shown that the proposed mechanism is safe/secure from the induced security threats. Lastly, a novel IEEE802.21 assisted EAP based re-authentication scheme over a service authorization and bootstrapping framework is presented. AAA based authentication mechanisms like EAP incur signalling overheads due to large RTTs. As a result, overall handover latency also increases. Therefore, a fast re-authentication scheme is presented which utilizes IEEE802.21 MIH services to minimize the EAP authentication process delays and as a result reduce the overall handover latency. Analysis of the signalling process based on analytical results shows that the overall handover latency for mobility protocols will be approximately reduced by 70% by the proposed scheme