An authentication architecture for cross-domain mobility

Abstract : The rapid growth of wireless device technologies is enabling seamless mobility, but there are still major concerns related to the performance of security. The handoff performance correlates with inter-wireless link switch latency and network layer latency, with security being required at both levels. Authentication latency has a significant impact, especially on the link switch phase, in the case of cross-domain mobility because of the requirement of remote contact with a home authentication server. Providing a solution to minimize the latency impact without degrading the level of security is a major challenge. In this thesis, we propose a high-performance authentication architecture to tackle the latency problem in fast inter-domain handoffs. The architecture consists of three contributions. First, we present a decentralized authentication scheme by introducing a 'deputy' agent in control of a group of access points. The collaborating deputy agents considerably reduce long-distance traffic of authentication messages. Then, we propose a mobility-adjusted authentication protocol (MAP) dedicated to cross-domain handoffs, cooperating with the deputy agents. The protocol leverages the concept of 'security context' to achieve minimum handshakes so that one can significantly reduce the authentication latency. Finally, we design a security context router (SCR) that extends the deputy agent to manage security contexts. The SCR realizes seamless cross-domain mobility with the predictive forwarding of security context that is characterized by approximate pattern matching and statistical estimation. The contributions made by this thesis have transparently led to significant improvements in the performance of handoff processes without compromising high-level security.
Document type :
Theses
Networking and Internet Architecture. Institut National des Télécommunications d'Evry, 2006. English


https://tel.archives-ouvertes.fr/tel-00408687
Contributor : Estelle Nivault
Submitted on : Friday, July 31, 2009 - 2:33:39 PM
Last modification on : Friday, July 31, 2009 - 2:43:00 PM

File

kim.pdf

Identifiers

  • HAL Id : tel-00408687, version 1

Citation

Hahnsang Kim. An authentication architecture for cross-domain mobility. Networking and Internet Architecture. Institut National des Télécommunications d'Evry, 2006. English. <tel-00408687>
