Abstract
In future wireless networks, mobility-related services, such as candidate access router discovery (CARD), will play a significant role in realizing truly ubiquitous, seamless connectivity. In order for these services to be realized, however, their particular security concerns must be addressed. Moreover, the security solution must be flexible and highly configurable in order to meet the demands of inter-domain roaming agreements. In this paper, we explore a number of alternatives and present a general architecture, iARSec, that provides both authentication as well as explicit authorization for services running between neighboring access routers.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
S. Tabbane, “Location Management Methods for Third-Generation Mobile Systems”, IEEE Communications Magazine, Vol. 35, No. 8, pp. 72–8, 83–4, 1997.
I. Aky`ýld`ýz, J. McNair, J. Ho, H. Usunalio¢glu and W. Wang, “Mobility Management in Current and Future Communications Networks”, IEEE Network, Vol. 12, No. 4, pp. 39–49, 1998.
S.E. Deering and R. Hinden, “Internet Protocol, Version 6 (IPv6) Specification”, RFC 2460, Internet Engineering Task Force, 1998.
J. Saltzer, D. Reed and D. Clark, “End-to-end Arguments in System Design”, ACMTransactions on Computer Systems, Vol. 2, No. 4, pp. 277–88, 1984.
C. Perkins, “Mobile IP”, IEEE Communications, Vol. 35, No. 5, pp. 84–99, 1997.
R. C´aceres and V. Padmanabhan, “Fast and Scalable Wireless Handoffs in Support of Mobile Internet Audio”, Mobile Networks and Applications, Vol. 3, No. 4, pp. 351–63, 1998.
R. Koodli and C. Perkins, “Fast Handovers and Context Transfers in Mobile Networks”, ACM Computer Communication Review, Vol. 31, No. 5, pp. 33–47, 2001.
R. Koodli (ed.), “Fast Handovers for Mobile IPv6”, Technical Report draft-ietf-mobileip-fast-mipv6-*.txt, Internet Engineering Task Force, 2002.
M. Liebsch and A. Singh (ed.), “Candidate Access Router Discovery”, Technical Report draft-ietf-seamoby-card-protocol-*.txt, Internet Engineering Tas Force, 2003.
J. Kempf (ed.), “Problem Description: Reasons for Performing Context Transfers between Nodes in an IP Access Network”, Informational RFC 3374, Internet Engineering Task Force, 2002.
W. Stallings, “Network Security Essentials: Applications and Standards”, Upper Saddle River, NJ: Prentice Hall, 1999.
D. Trossen, G. Krishnamurthi, H. Chaskar, R. Chalmers and E. Shim, “A Dynamic Protocol for Candidate Access-Router Discovery”, Technical Report draft-trossen-seamoby-dycard-*.txt, Internet Engineering Task Force, 2002.
I. Aky`ýld`ýz and J. Ho, “On Location Management for Personal Communications Networks”, IEEE Communications Magazine, Vol. 34, No. 9, pp. 138–145, 1996.
P. Calhoun, J. Loughney, E. Guttman, G. Zorn and J. Arkko, “Diameter Base Protocol”, RFC 3588, Internet Engineering Task Force, 2003.
C. Metz, “AAA Protocols: Authentication, Authorization, and Accounting for the Internet”, IEEE Internet Computing, Vol. 3, No. 6, pp. 75–9, 1999.
C. Perkins, “Mobile IP Joins Force with AAA”, IEEE Personal Communications, Vol. 7, No. 4, pp. 59–61, 2000.
D. Hasan, S. Singh, M. Zander, J. Kulbach and S.B. J¨ahnert, “The Design of an Extended AAAC Architecture”, In: Proceedings of IST Mobile and Wireless Telecommunications Summit, Thessaloniki, Greece, 2002.
W. Diffie and M. Hellman, “New Directions in Cryptography”, IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644–54, 1976.
D. Harkins and D. Carrel, “The Internet Key Exchange (IKE)”, RFC 2409, Internet Engineering Task Force, 1998.
C. Kaufman (ed.), “Internet Key Exchange (IKEv2) Protocol”, Technical Report draft-ietf-ipsec-ikev2-*.txt, Internet Engineering Task Force, 2004.
W. Aiello, S. Bellovin, M. Blaze, R. Canetti, J. Ioannidis, A. Keromytis and O. Reingold, “Efficient, DoS-Resistent, Secure Key Exchange for Internet Protocols”, In: Proceedings of Conference on Computer and Communications Security (CCS'02),Washington DC, USA, 2002.
E. Shim, J.P. Redlich and R. Gitlin, “Secure Candidate Access Router Discovery”, In: Proceedings of IEEE Wireless Communications and Networking Conference (WCNC'03),New Orleans, LA, USA, 2003.
Open Diameter, “Open Diameter Library”, Open Diameter Project, http://www.opendiameter.org, 2003.
FreeS/Wan, “Linux FreeS/Wan”, FreeS/Wan Project, http://www.freeswan.org, 2003.
B. Aboba and M. Beadles, “The Network Access Identifier”, RFC 2486, Internet Engineering Task Force, 1999.
D. Johnson, C. Perkins and J. Arkko, “Mobility Support in IPv6”, Technical Report draft-ietf-mobileip-ipv6-*.txt, Internet Engineering Task Force, 2003.
R.H. Katz, “Adaptation and Mobility in Wireless Information Systems”, IEEE Personal Communications, Vol. 1, No. 1, pp. 6–17, 1994.
P.S. Henry and H. Luo, “WiFi: What 's Next”, IEEE Communications Magazine, Vol. 40, No. 12, pp. 66–72, 2002.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Chalmers, R.C., Almeroth, K.C. A Security Architecture for Mobility-Related Services. Wireless Personal Communications 29, 247–261 (2004). https://doi.org/10.1023/B:WIRE.0000047073.45752.12
Issue Date:
DOI: https://doi.org/10.1023/B:WIRE.0000047073.45752.12