Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen.

Published byGretchen Sleeper Modified over 9 years ago

Similar presentations

Presentation on theme: "Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen."— Presentation transcript:

1 Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen

2 Outline Introduction AAA-enabled Mobile IP Architecture Forming an AAA-enabled Roaming Alliance U-Mobile Token Conclusion Future Work

3 1. Introduction Three issues are raised in such a communication environment All IP-based roaming environment Security and Accounting management for mobile Internet AAA will incur extra delay when handoff occur Our design goal To provide fast and secure roaming service across multiple service domain Mobile user carry a U-Mobile Token

4 2. AAA-enabled Mobile IP Architecture Mobile IP and AAA

5 A simple AAA+ Mobile IP Protocol (1)

6 A simple AAA+ Mobile IP Protocol (2) AAA framework need to establish two security relationship in advance Between MN and Home AAA Between Foreign AAA and Home AAA

7 3. Forming an AAA-enabled Roaming Roaming alliance is pre-configured to share administratively created security associations Roaming alliance have two actors Master domain Creator of the alliance Alliance membership management Member domain Master invite to join the alliance

8 Two phases to join roaming alliance

9 4. Alliance U-Mobile Token MN will get the authentication package from its home AAA U-Mobile token U-Mobile token has three tasks Authentication of the issuing party Authentication of the token holder Integrity check

10 U-Mobile Token Two security mechanisms are proposed Alliance key pair Alliance service key

11 Alliance key pair Master domain contains three parameters Alliance public key Yalliance Diffie-Hellman q ( a very large prime number) α( a primitive root of q) Master is responsible for rekeying after member join or leave

12 Alliance Service key Mobile User get the fast roaming authentication package X alliance and q and α AAA server determines a random integer X AAA as private key and Y AAA as public key send Y AAA out in the route advertisement message In the AAA server side K allianceSvckey = (Y alliance )X AAA mod q In the Mobile User side K allianceSvckey = (Y AAA )X alliance mod q

13 U-Mobile Token content design userID, serviceClass,homeDomainID,{userID} homedomai nKey, {serviceClass, servieLifeTime, alliancePrivateKey,allianceSvcIndex} userPrivateK ey } allianceSvcKey U-Mobile Token = (roamAllianceID, Y AAA, homeDomainID, nonce, {userID, serviceClass,homeDomainID,{userID} homedomai nKey, {serviceClass, servieLifeTime, alliancePrivateKey,allianceSvcIndex} userPrivateK ey } allianceSvcKey )

14 Fast Roaming Authentication

15 The alliance key pair update and distribution structure

16 How to distribute alliance private key to mobile nodes MN’s alliance private key is out of date, when first time to login service AAAF forward the token to MN’s AAAH for update MN periodically send an alliance private key update request to AAAH AAA server keep a window of the valid alliance key pair

17 Conclusions We proposed a service model called universal roaming service Mobile users belonging to different service operators can fast and securely access network resource with U-Mobile token U-Mobile token successfully achieves the authentication of the AAA server(AAAF,AAAH) and token holder(MN)

18 6. Future Works Simulation

Download ppt "Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen."

Similar presentations

Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University.

Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University.
Secure Mobile IP Communication

Secure Mobile IP Communication
INTRODUCTION WIRELESS TECHNOLOGY BECOMING HOTTER WIRELESS TECHNOLOGY BECOMING HOTTER TRANSITION TOWARDS MOBILITY OVER PAST 20 YEARS TRANSITION TOWARDS.

INTRODUCTION WIRELESS TECHNOLOGY BECOMING HOTTER WIRELESS TECHNOLOGY BECOMING HOTTER TRANSITION TOWARDS MOBILITY OVER PAST 20 YEARS TRANSITION TOWARDS.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
IDMP-based Fast Handoffs and Paging in IP-based Cellular Networks IEEE 3G Wireless Conference, 2001 李威廷 11/22/2001 Telcordia.

IDMP-based Fast Handoffs and Paging in IP-based Cellular Networks IEEE 3G Wireless Conference, 2001 李威廷 11/22/2001 Telcordia.
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
Company LOGO Interworked WiMAX-3G Cellular Data Networks: An Architecture for Mobility Management and Performance Evaluation 指導教授: 童曉儒 教授 學生:許益晨 IEEE TRANSACTIONS.

Company LOGO Interworked WiMAX-3G Cellular Data Networks: An Architecture for Mobility Management and Performance Evaluation 指導教授: 童曉儒 教授 學生:許益晨 IEEE TRANSACTIONS.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
H ELSINKI U NIVERSITY OF T ECHNOLOGY AAA Architecture for hierarchical wireless Mobile IPv4 Tom Weckström Telecommunications Software and Multimedia Laboratory.

H ELSINKI U NIVERSITY OF T ECHNOLOGY AAA Architecture for hierarchical wireless Mobile IPv4 Tom Weckström Telecommunications Software and Multimedia Laboratory.
Non-interactive key establishment in mobile ad hoc networks ► Li, Zhenjiang; Garcia-Luna-Aceves, J.J. ► Ad Hoc Networks Volume: 5, Issue: 7, September,

Non-interactive key establishment in mobile ad hoc networks ► Li, Zhenjiang; Garcia-Luna-Aceves, J.J. ► Ad Hoc Networks Volume: 5, Issue: 7, September,
All-IP distributed (proxy) control model architecture Henrik Basilier, Ericsson ALLIP-20000717-011__ERI_distributed_CM.

All-IP distributed (proxy) control model architecture Henrik Basilier, Ericsson ALLIP __ERI_distributed_CM.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
Authorization of a QoS path based on Generic AAA SC2002 Baltimore NOV 16-22 Bas van Oudenaarde Advanced Internet Research Group University of Amsterdam.

Authorization of a QoS path based on Generic AAA SC2002 Baltimore NOV Bas van Oudenaarde Advanced Internet Research Group University of Amsterdam.
A Secure Access System for Mobile IPv6 Network ZHANG Hong Aug 28, 2003

A Secure Access System for Mobile IPv6 Network ZHANG Hong Aug 28, 2003
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.

Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
Mobile IP Overview: Standard IP Standard IP Evolution of Mobile IP Evolution of Mobile IP How it works How it works Problems Assoc. with it Problems Assoc.

Mobile IP Overview: Standard IP Standard IP Evolution of Mobile IP Evolution of Mobile IP How it works How it works Problems Assoc. with it Problems Assoc.
An Architectural Framework for Providing WLAN Roaming D.Vassis G.Kormentzas Dept. of Information and Communication Systems Engineering University of the.

An Architectural Framework for Providing WLAN Roaming D.Vassis G.Kormentzas Dept. of Information and Communication Systems Engineering University of the.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Similar presentations

Ads by Google