Skip to Main content Skip to Navigation

An authentication architecture for cross-domain mobility

Hahnsang Kim 1
1 PLANETE - Protocols and applications for the Internet
Inria Grenoble - Rhône-Alpes, CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : The rapid growth of wireless device technologies is enabling seamless mobility, but there are still major concerns related to the performance of security. The handoff performance correlates with inter-wireless link switch latency and network layer latency, with security being required at both levels. Authentication latency has a significant impact, especially on the link switch phase, in the case of cross-domain mobility because of the requirement of remote contact with a home authentication server. Providing a solution to minimize the latency impact without degrading the level of security is a major challenge. In this thesis, we propose a high-performance authentication architecture to tackle the latency problem in fast inter-domain handoffs. The architecture consists of three contributions. First, we present a decentralized authentication scheme by introducing a ‘deputy' agent in control of a group of access points. The collaborating deputy agents considerably reduce long-distance traffic of authentication messages. Then, we propose a mobility-adjusted authentication protocol (MAP) dedicated to cross-domain handoffs, cooperating with the deputy agents. The protocol leverages the concept of ‘security context' to achieve minimum handshakes so that one can significantly reduce the authentication latency. Finally, we design a security context router (SCR) that extends the deputy agent to manage security contexts. The SCR realizes seamless cross-domain mobility with the predictive forwarding of security context that is characterized by approximate pattern matching and statistical estimation. The contributions made by this thesis have transparently led to significant improvements in the performance of handoff processes without compromising high-level security.
Complete list of metadatas

Cited literature [60 references]  Display  Hide  Download
Contributor : Estelle Nivault <>
Submitted on : Friday, July 31, 2009 - 2:33:39 PM
Last modification on : Wednesday, April 11, 2018 - 1:56:25 AM
Document(s) archivé(s) le : Monday, October 15, 2012 - 3:55:58 PM


Files produced by the author(s)


  • HAL Id : tel-00408687, version 1



Hahnsang Kim. An authentication architecture for cross-domain mobility. Networking and Internet Architecture [cs.NI]. Institut National des Télécommunications d'Evry, 2006. English. ⟨tel-00408687⟩



Record views


Files downloads