Abstract
The rapid development of mobile businesses raises the need for exchanging information between mobile computing devices via the Internet. If a secure connection is necessary, then a virtual private network (VPN) is essential. Currently, VPN protocols set up secure connections between two nodes with fixed IP addresses. However, if several people work in a moving vehicle with their mobiles or computers, the secure connection will be lost due to the IP change and a new connection has to be built from scratch. The current solution to this problem is to run tunnels over Mobile IP (MIP). However, that is inefficient due to double tunneling. In this paper, the authors add a novel form of mobility support to secure L2TP/IPsec tunnels, which will be shared by everyone in the vehicle using a Point-to-Point Protocol (PPP) wireless network. The mobility support properly handles the IP change (users may even change to a different kind of network, such as from Universal Mobile Telecommunications System (UMTS) to Worldwide Interoperability for Microwave Access (WiMAX)) without using MIP and without incurring tunnel re-establishment at handoff. The novel solution achieves better security than current mobility solutions for VPN, and supports fast handoff in IPv4 networks.