Abstract
Wireless communications have developed rapidly and have been applied for many services. Cellular (the third-generation) mobile networks and wireless local area network (WLAN) are two important technologies for providing wireless communications. The third-generation (3G) networks provide wider service areas, and “always-o” and ubiquitous connectivity with low-speed data rate. WLAN networks offer higher data rate and the easy compatibility of wired Internet, but cover smaller areas. In fact, 3G and WLAN possess complementary properties. Integrating 3G and WLAN networks may offer subscribers high-speed wireless data services and ubiquitous connectivity. For integrating two heterogeneous networks, several issues should be involved, authentication, billing, quality of service, and seamless roaming between 3G and WLAN networks. In this paper, we address the authentication and billing problems and propose two protocols that provide both authentication and billing services. One protocol utilizes a one-time password approach to authenticate subscribers. This protocol is efficient in both computation time and authentication procedures. Because of the restrictions of the password-based approach, this protocol could not offer the non-repudiation property for the billing problem. Another protocol is constructed on a public-key-based system (i.e., certificates). Although it requires more computation time than the password-based approach, non-repudiation is guaranteed. Performance analysis simulation results are given to validate our two protocols.
Similar content being viewed by others
References
International Telecommunication Union (ITU), http://www.itu.int/home/imt.html.
General Packet Radio Services (GPRS) Service Description (Stage 2), ETSI TS 122 060, 2002.
Wireless IP Network Standard, 3GPP2 P.S0001-A-1, 2000.
Wireless LAN media access control (MAC) and physical layer (PHY) specifications, ANSI/IEEE Std. 802.11: 1999 (E) Part 11, ISO/IEC 8802-11, 1999.
J. Ala-Laurila, J. Mikkonen and J. Rinnemaa, “Wireless LANaccess network architecture for mobile operators”, IEEE Communications Magazine, 39(11): 82–89, November 2001.
M. Buddhikot, G. Chandrannmenon, S. Han, Y.W. Lee, S. Miller and L. Salgarelli, “Integration of 802.11 and Third-Generation Wireless Data Networks”, IEEE INFOCOM 2003, Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies,Vol. 1, pp. 503–512, 2003.
H. Luo, Z. Jiang, B. J. Kim, N.K. Shankaranarayanan and P. Henry, “Integrating Wireless LAN and Cellular Data for the Enterprise”, IEEE Internet Computing, Vol. 7, No. 2, pp. 25–33, 2003.
R. Cohen and G. Kaempfer, On the Cost of Virtual Private Networks, IEEE/ACM Transactions on Networking, Vol. 8, No. 6, pp. 775–784, 2000.
R. Venkateswaran, “Virtual Private Networks”, IEEE Potentials,Vol. 20, No. 1, pp. 11–15, 2001.
J. Hill, “An Analysis of the RADIUS Authentication Protocol”, Retrieved from http://www.untruth.org/~josh/security/radius/radius-auth.html, 2001.
A. Stubblefield, J. Ioannidis and A. D. Rubin, “Using the Fluhrer, Mantin, and Shamir Attack to Break WEP”, AT&T Labs Technical Report TD-4ZCPZZ, 2001.
S. Putz, and R. Schmitz, “Secure Interoperation Between 2G and 3G Mobile Radio Networks”, in Proceedings of First International Conference on 3G Mobile Communication Technologies, pp. 28–32, 27–29 March 2000.
3GPP Technical Specification Group Services and System Aspects; 3G Security; Security architecture (Release 6), 3GPP TS 33.102 Version 6.0.0, September 2003.
3GPP Technical Specification Group Services and System Aspects; 3G Security; Wireless Local Area Network (WLAN) Interworking Security (Release 6), 3GPP TS 33.234 V1.0.0, Dec 2003.
C.F. Grecas, S.I. Maniatis and I.S. Venieris, “Introduction of the Asymmetric Cryptography in GSM, GPRS, UMTS, and Its Public Key Infrastructure Integration”, Mobile Networks and Applications,Vol. 8, No. 2, pp. 145–150, 2003.
A.J. Menezes, P.C. van Oorscot and S.A. Vanstone, “Handbook of Applied Cryptography”, Boca Raton, FL: CRC Press, 1997.
Advanced Encryption Standard (AES), http://csrc.nist.gov/CryptoToolkit/aes/, 2001. Advanced Security for Personal Communication Technologies (ASPeCT), http://www.esat.kuleuven.ac.be/ cosic/aspect/aspect.html, 1998.
B.R. Lee, K.A. Chang and T.Y. Kim, “Temporary Mobile User Certificate for Mobile Information Services in UMTS”, IEICE transactions on Communications,Vol. E83-B, No. 8, pp. 1880–1886, August 2000.
Mobile Execution Environment (MExE) service description; Stage 1, 3GPP TS 22.057 Version 5.4.0, July 2002.
Local and metropolitan area networks: Port-based network access control, IEEE Std. 802.1X, 2001.
C. Rigney, S. Willens, A. Rubens and W. Simpson, “Remote Authentication Dial in User Service (RADIUS)”, IETF RFC 2865, June 2000.
L. Blunk and J. Vollbrecht, “PPP Extensible Authentication Protocol (EAP)”, IETF RFC 2284, March 1998.
B. Aboba, and D. Simon, “PPP EAP TLS Authentication Protocol”, IETF RFC 2716, October 1999.
P. Funk and S.B. Wilson, “EAP Tunneled TLS Authentication Protocol”, IETF draft-ietf-pppext-eap-ttls-02, November 2002.
H. Andersson, S. Josefsson, G. Zorn, D. Simon and A. Palekar, “Protected EAP Protocol (PEAP)”, IETF draft-josefsson-pppext-eap-tls-eap-02, February 2002.
H. Haverinen and J. Salowey, “EAP SIM Authentication”, IETF Draft-haverinen-pppext-eap-sim-12, October 2003.
J. Arkko and H. Haverinen. “EAP AKA Authentication”, IETF draft-arkko-pppext-eap-aka-11, October 2003.
de C. Laat, G. Gross, L. Gommans and J. Vollbrecht and D. Spence, “Generic AAA Architecture”, IETF RFC 2903, August 2000.
Y.M. Tseng, J.K. Jan and H.Y. Chien, “On the Security Methods for Protecting Password Transmission”, Informatica,Vol. 12, No. 3, pp. 469–476, 2001.
Y.M. Tseng, “Robust Generalized MQV Key Agreement Protocol Without Using One-way Hash Functions”, Computer Standards & Interfaces,Vol. 24, No. 3, pp. 241–246, 2002.
K. Shim, “Cryptanalysis of Mutual Authentication and Key Exchange for Low Power Wireless Communications”, IEEE Communications Letters, Vol. 7, No. 5, pp. 248–250, May 2003.
L. Lamport, “Password Authentication with Insecure Communication”, Communication of ACM, Vol. 24, No. 11, pp. 770–772, 1981.
H.Y. Lin and L. Harn, “Authentication Protocols with Nonrepudiation Services in Personal Communication Systems”, IEEE Communications Letters,Vol. 3, No. 8, pp. 236–238, 1999.
Charging and billing: 3G call and event data for the Packet Switched (PS) domain, ETSI TS 32.015, 2001.
W.A. Arbaugh, N. Shankar and Y.C.J. Wan, “Your 802.11 Wireless Network Has No Clothes”, IEEE Wireless Communications,Vol. 9, No. 6, pp. 44–51, 2002.
Sun Microsystems, http://java.sun.com Telecommunications and information exchange between systems-Local and metropolitan area networks-Specific requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications: Medium Access Method (MAC) Security Enhancements, IEEE P802.11i/D3.0, http://standards.ieee.org/reading/ieee/std/lanman/drafts/P802.11i.pdf.
M.L. Brereton, “Ewe Virtual Machine”, Retrieved from http://www.ewesoft.com/
H. Dobbertin, “The status of MD5 after a Recent Attack”, CryptoBytes, Vol. 2, No. 2, pp. 1–6, 1996.
The Digital Signature Standard (DSA) proposed by NIST, Communication of ACM, vol. 35, No. 7, pp. 36–40, 1992.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Tseng, YM., Yang, CC. & Su, JH. Authentication and Billing Protocols for the Integration of WLAN and 3G Networks. Wireless Personal Communications 29, 351–366 (2004). https://doi.org/10.1023/B:WIRE.0000047070.38334.5e
Issue Date:
DOI: https://doi.org/10.1023/B:WIRE.0000047070.38334.5e