DualMAC: A soft handoff mechanism for real-time communications in secured WLANs

Abstract

WLAN has been widely deployed over public and private areas in recent years and has become one of the most popular access technologies for mobile Internet services. Handoffs between WLAN access points (APs) that introduce packet loss and delay during a network session is one of the critical issues for real-time communication services. Unfortunately, most of the previous studies in reducing handoff latency and packet loss in WLANs rely on WLAN infrastructure upgrades, and those solutions suffer from deployment problems in the well-established WLAN hotspots. In this work, a pure station (STA)-side approach which only requires the firmware or software upgrade on WLAN STAs without the enhancements of the WLAN standards and infrastructures is presented. The proposed mechanism developed from a time division duplex concept maintains both connections with the serving and target AP simultaneously using two different medium access control (MAC) addresses. Thus, an STA can perform WLAN association, authentication, security key handshake procedures with the target AP, or further acquires an IP address in a new subnet while transmitting and receiving real-time packets through the serving AP at the same time. Simulation results demonstrate that seamless handoffs for real-time communications in secured WLANs can be easily achieved by the proposed mechanism.

Introduction

The IEEE 802.11 WLAN that has been widely deployed over public and private areas in recent years is considered to be one of the most popular access technologies for mobile Internet services. WLAN handoff that involves a number of link-layer and/or network-layer procedures and introduces packet delay and loss is one of the critical issues for mobile Internet applications and services. In secured WLANs that enable the access control and link-layer encryption, handoff delays further increase since a station (STA) has to negotiate the security context and encryption keys with the target AP after a handoff. The packet delay and loss due to handoffs in secured WLANs may not be acceptable for real-time communications such as voice over IP (VoIP) over WLAN (VoWLAN).

Mishra et al. [1] investigated the latency of a WLAN handoff in a network without the access control and link-layer encryption, and indicated that channel probe contributes a significant portion of the handoff delay. They thus suggested a mobile STA to remember the visited APs and to construct a neighbor relationship graph of these APs. Hence, an STA knows the information of neighboring channels, and can avoid unnecessary scans during a handoff. The scan delay is thus minimized [3]. WLAN scan mechanisms that measure the strength of signals from APs and decide an AP to handoff can be categorized into active and passive scan. For an active scan, an STA actively sends a Probe Request message to a WLAN channel and waits for Probe Response messages from APs. On the other hand, an STA listens passively to beacon messages from APs for a passive scan. Experiments indicate that an STA may spend up to several hundred milliseconds for an active scan of all channels [1]. A complete scan of all channels introduces considerable delay and service disruption for a real-time communication. Ramani et al. [8] thus proposed a new passive scan mechanism, called the SyncScan, which assumes STAs to have timing information of beacons from APs. According to the SyncScan strategy, an STA switches to a specific channel in a proper time interval to listen passively to a beacon from an AP, switches back to the original channel and then resumes packet exchanges with the serving AP. Hence, the scan procedure can be performed without introducing too much packet loss and delay for real-time communications over WLANs.

For WLANs whose access control mechanism such as the IEEE 802.1x and link-layer encryption function such as the IEEE 802.11i are enabled, the authentication and key exchange procedures between an STA and the target AP introduce further delays during a handoff [4], [5]. Mishra et al. [5] applied their neighbor graph concept to implement a proactive key distribution method in secured WLANs. According to the proactive key distribution mechanism, a full IEEE 802.1x authentication with the target AP could be avoided. Moreover, the conventional four-way handshake defined in the IEEE 802.11i for establishing a security key between an AP and STA can be simplified as a two-way handshake. This idea is also adopted in the newly established 802.11 working group, the IEEE 802.11r, for fast base-station switching [10]. The neighbor graph concept can be further employed to pre-assign network resources such as IP address for a network-layer handoff. Then, an STA can acquire an IP address in a new subnet before a handoff so that the handoff delay is reduced [6], [7]. Unfortunately, previous solutions either need all APs and STAs to upgrade to support new protocols, such as the IEEE 802.11k and 802.11r [10], [11], which are still not yet settled or require infrastructure enhancements, and the solutions suffer from deployment problems over the well-established WLAN hotspots. In this work, a pure station (STA)-site approach that only requires the software/firmware enhancement on WLAN STAs without modifying the IEEE standards and WLAN infrastructures is presented. The proposed mechanism, called DualMAC, is developed from a time division duplex concept, and maintains connections with the serving and target AP simultaneously using two medium access control (MAC) addresses. Then, an STA can perform WLAN authentication and association, establish encryption keys with the target AP before disassociating with the serving AP. Thus, a soft handoff between WLAN APs can be achieved and the service disruption time for a real-time communication during a handoff in secured WLANs can be minimized.

Brik et al. [9] proposed a new mechanism called MultiScan which suggests an STA to install two radio interfaces. Therefore, the STA can perform WLAN scan by using the secondary radio interface without influencing the communications with the serving AP. This approach can eliminate the scan and handoff latencies but requires the installation of an additional WLAN interface which is more expensive. To use only one radio interface and time division duplex concept to connect to two different WLAN networks is first presented in the MultiNet [2]. The MultiNet implements a middleware in-between MAC and network layer on a mobile STA to emulate multiple WLAN interfaces. The main goal of the MultiNet is to join several different networks such as an infrastructure and ad hoc network at the same time to extend network coverage. The purposes of the proposed DualMAC that considers a handoff problem and reduces the packet loss and service disruption time for a real-time communication over a secured WLAN infrastructure are different from the MultiNet. Our approach only needs to configure two MAC addresses in a WLAN driver or firmware in order to produce MAC frames with different MAC addresses to communicate with serving and target AP.

The rest of the paper is organized as follows. Section 2 describes the system architecture and delays under different handoff scenarios. Section 3 presents the proposed DualMAC approach. Section 4 provides and discusses the simulation results and finally Section 5 concludes this study.