Fast and Secure Universal Roaming Service for Mobile Internet
Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen

Outline
- Introduction
- AAA-enabled Mobile IP Architecture
- Forming an AAA-enabled Roaming Alliance
- U-Mobile Token
- Conclusion
- Future Work

1. Introduction
- Three issues are raised in such a communication environment:
  - An all-IP-based roaming environment
  - Security and accounting management for the mobile Internet
  - AAA incurs extra delay when a handoff occurs
- Our design goal:
  - To provide fast and secure roaming service across multiple service domains
  - The mobile user carries a U-Mobile Token

2. AAA-enabled Mobile IP Architecture
- Mobile IP and AAA

A simple AAA+ Mobile IP Protocol (1)

A simple AAA+ Mobile IP Protocol (2)
- The AAA framework needs to establish two security relationships in advance:
  - Between the MN and the Home AAA
  - Between the Foreign AAA and the Home AAA

3. Forming an AAA-enabled Roaming Alliance
- A roaming alliance is pre-configured to share administratively created security associations
- A roaming alliance has two actors:
  - Master domain
    - Creator of the alliance
    - Alliance membership management
  - Member domain
    - Invited by the master to join the alliance

Two phases to join roaming alliance

4. Alliance U-Mobile Token
- The MN gets the authentication package from its home AAA
  - U-Mobile token
- The U-Mobile token has three tasks:
  - Authentication of the issuing party
  - Authentication of the token holder
  - Integrity check

U-Mobile Token
- Two security mechanisms are proposed:
  - Alliance key pair
  - Alliance service key

Alliance key pair
- The master domain holds three parameters:
  - Alliance public key $Y_{\text{alliance}}$
  - Diffie-Hellman $q$ (a very large prime number)
  - $\alpha$ (a primitive root of $q$)
- The master is responsible for rekeying after a member joins or leaves

Alliance Service key
- The mobile user gets the fast roaming authentication package: $X_{\text{alliance}}$, $q$ and $\alpha$
- The AAA server chooses a random integer $X_{\text{AAA}}$ as its private key and $Y_{\text{AAA}}$ as its public key, and sends $Y_{\text{AAA}}$ out in the route advertisement message
- On the AAA server side: $K_{\text{allianceSvcKey}} = (Y_{\text{alliance}})^{X_{\text{AAA}}} \bmod q$
- On the mobile user side: $K_{\text{allianceSvcKey}} = (Y_{\text{AAA}})^{X_{\text{alliance}}} \bmod q$

U-Mobile Token content design
- {userID, serviceClass, homeDomainID, {userID}_homedomainKey, {serviceClass, serviceLifeTime, alliancePrivateKey, allianceSvcIndex}_userPrivateKey}_allianceSvcKey
- U-Mobile Token = (roamAllianceID, Y_AAA, homeDomainID, nonce, {userID, serviceClass, homeDomainID, {userID}_homedomainKey, {serviceClass, serviceLifeTime, alliancePrivateKey, allianceSvcIndex}_userPrivateKey}_allianceSvcKey)

Fast Roaming Authentication

The alliance key pair update and distribution structure

How to distribute the alliance private key to mobile nodes
- If the MN's alliance private key is out of date when it first logs in to the service, the AAAF forwards the token to the MN's AAAH for update
- The MN periodically sends an alliance private key update request to the AAAH
- The AAA server keeps a window of valid alliance key pairs
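
Added example, not from the slides: the service key agreement from the "Alliance Service key" slide combined with the window of valid alliance key pairs from the slide above, in Python. The toy parameters, the range check on public values, the `AAAServer` class and the integer index used to select a key pair from the window are assumptions of this example.

```python
import secrets

# Constructed toy safe prime Q = 2*1289 + 1 with primitive root ALPHA; real groups are 2048+ bits.
Q, ALPHA = 2579, 2

def is_primitive_root(alpha, q):
    """Safe prime q = 2p + 1: alpha is primitive iff alpha^2 != 1 and alpha^p != 1."""
    p = (q - 1) // 2
    return 1 < alpha < q - 1 and pow(alpha, 2, q) != 1 and pow(alpha, p, q) != 1

def check_public(y, q=Q):
    """Reject degenerate public values (<= 1 or >= q - 1) before using them."""
    if not 1 < y < q - 1:
        raise ValueError("public value out of range")
    return y

def keypair(q=Q, alpha=ALPHA):
    while True:                                  # retry until Y is usable
        x = secrets.randbelow(q - 3) + 2         # private exponent in [2, q-2]
        y = pow(alpha, x, q)
        if 1 < y < q - 1:
            return x, y

def service_key(peer_public, own_private, q=Q):
    """K = peer_public ^ own_private mod q, the slide's formula."""
    return pow(check_public(peer_public, q), own_private, q)

class AAAServer:
    """Hypothetical AAA server holding a window of valid alliance public keys."""
    def __init__(self, window=2):
        self.x_aaa, self.y_aaa = keypair()
        self.window, self.alliance = window, {}  # assumed index -> Y_alliance
    def install(self, index, y_alliance):
        self.alliance[index] = check_public(y_alliance)
        for old in sorted(self.alliance)[:-self.window]:
            del self.alliance[old]               # slides out of the window
    def key_for(self, index):
        if index not in self.alliance:
            raise LookupError("alliance key out of date: update via AAAH")
        return service_key(self.alliance[index], self.x_aaa)

def demo():
    assert is_primitive_root(ALPHA, Q)
    server, pairs = AAAServer(window=2), {}
    for index in (1, 2, 3):                      # master rekeys twice
        pairs[index] = keypair()
        server.install(index, pairs[index][1])
    mn_key = service_key(server.y_aaa, pairs[3][0])   # mobile user side
    return server, mn_key == server.key_for(3)
```

After two rekeys with a window of two, the server still derives keys for pairs 2 and 3, while a token built on pair 1 is refused and has to go back to the AAAH for an update.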

Conclusions
- We proposed a service model called universal roaming service
- Mobile users belonging to different service operators can quickly and securely access network resources with the U-Mobile token
- The U-Mobile token successfully achieves authentication of the AAA servers (AAAF, AAAH) and of the token holder (MN)

6. Future Works
- Simulation