University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Security mechanisms for next generation mobile IP networks.

Sheng, Yingli. (2011) Security mechanisms for next generation mobile IP networks. Doctoral thesis, University of Surrey (United Kingdom)..

Available under License Creative Commons Attribution Non-commercial Share Alike.

Download (37MB) | Preview


With the advent of various access technologies and increasing number of applications, a set of challenges concerning efficient delivery of ubiquitous services to heterogeneous users and devices have been posed. Mobile IP protocol can be used to enable roaming across different access technologies. One of the important challenges in Mobile IP is security. The service delivery should be secured and efficient, which implicates that security should be integrated with mobility management (MM), Quality-of-Service (QoS) to minimise the negative impact of security mechanisms. It is proposed in the thesis an architectural framework, which uses Hierarchical Mobile IPv6 (HMIPv6) protocols interworking with Authentication, Authorization, Accounting (AAA) framework. The concept of Enhanced Node (EN) is introduced in the framework. The EN is empowered with intelligence to integrate security, MM and QoS. The focal point of the work is to address security challenges based on the framework and to evaluate the impact of security mechanisms on the mobile networks in terms of extra signalling load introduced. Three security mechanisms are proposed in the thesis, according to the handover domains. For handover across two access networks, an enhanced AAA solution is proposed to provide the mobile node authenticated network access. It establishes keys between serving access network and target access network for the purpose of securing context transfer. Also keys are established between mobile node and the target access network for future use after mobile node (MN) roams to the target access network. For micro-mobility handover within one EN domain, an enhanced key management scheme is proposed to generate a bunch of handover keys for all of the access routers (AR) within one EN domain instead of generating key every single time the mobile node changes the AR in the previous mechanism. The enhanced key management scheme reduces the handover disruption time introduced by security. For fast handovers within one EN domain (micro-mobility handover) and across EN domains (macro-mobility handover), the security mechanism is proposed to secure the fast handover between ARs/enhanced nodes. The fast handover key is established between previous AR/EN and new AR/EN, thus, the fast handover registration messages between ARs/ENs can be secured. More importantly, the context transfer messages between previous EN and new EN for the purpose of prompting "smooth handover", can be protected using the fast handover keys. The performance of three proposed solutions is evaluated using analytical models. Signalling cost is the main parameter to be evaluated. Discussions on advantage and disadvantage of each proposed mechanisms are also provided at the end of chapter 4, 5 and 6 respectively.

Item Type: Thesis (Doctoral)
Divisions : Theses
Authors :
Date : 2011
Contributors :
Depositing User : EPrints Services
Date Deposited : 09 Nov 2017 12:14
Last Modified : 15 Mar 2018 20:45

Actions (login required)

View Item View Item


Downloads per month over past year

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800