Institute of Computer Science
Georg-August-Universität Göttingen
| Announcements |
| Information |
| People |
| Positions |
| Publications |
| Research |
| Projects |
| Student Projects |
| Teaching |
MobiAuth - QoS and Authentication Issues in IP Mobility
Staff: Xiaoming Fu, Rene Soltwisch, Florian TegelerSponsors(s): Panasonic Princeton Labs (USA)
The technical focus of this project is research in the area of the QoS signaling, admission control, reservation schemes, authentication and other security issues for achieving seamless handover using IP mobility protocols. Currently we concentrate on QoS-aware authentication issues in mobile IPv6 and micro-mobility schemes like HMIPv6 and fast handover for MIPv6.
In this project we look at two specific problems which are seen as the important aspects in the context of upcoming 4G technologies: Quality of Service (QoS) and security.
Overview
It is expected that the fourth-generation (4G) networks will be built upon all-IP based technologies, where different access networks are seamlessly integrated and node mobility needs to be supported. The first manufacturers have announced cellular phones that can access WiFi (802.11) base stations, which allows higher bandwidth than current 3G. However, without further mobility support, the usage of these devices will most likely be limited to employees of companies using the phones for company internal communications. QoS mechanisms, including resource reservation, admission control and other traffic control functionalities, which allow multimedia applications to get certain guarantee on bandwidth and delay of its packets delivery, should be supported in IP mobility. Furthermore, mobility introduces more security holes especially in QoS support, including authentication, confidentiality, integrity and authorization issues; in order to enable seamless IP mobility, security capabilities (especially authentication) are of particular importance to be part of the integrated framework that allows incremental development and deployment of 4G technologies.
IP mobility schemes (e.g., IETF Mobile IPv6) exhibit lack of intrinsic architectural flexibility in supporting QoS and security needs and requirements. Difficulties arise, for instance, because of the inability of the RSVP protocol to match the changed IP address of a mobile host encountered in 4G networks, or for existing Kerberos, IPSec or TLS mechanisms to provide security capabilities in mobile IP with QoS guarantees. To fill this gap, we apply the integration of QoS, security and mobility to 4G architecture as a way we design, develop, and analyze seamless handover. This work is expected to be conducted through following items:
- Identification of existing authentication and QoS approaches for IP mobility
- Development of authentication method and securing QoS mechanisms for IP mobility
- Simulation study of the proposed scheme.
Team
- Xiaoming Fu
- Dieter Hogrefe
- Rene Soltwisch
- Niklas Steinleitner
- Dirk Lessner
Links:
- D. Johnson, C. Perkins, and J. Arkko, Mobility Support in IPv6, Internet draft, work in progress, June 2003.
- H. Soliman, C. Castelluccia, K. El-Malki, and L. Bellier, Hierarchical Mobile IPv6 Mobility Management (HMIPv6), Internet draft, work in progress, Feb 2004.
- R. Koodli, G. Dommety, A. E. Yegin, C. Perkins, G. Tsirtsis, K. El-Malki, and M. Khalil, Fast Handovers for Mobile IPv6, Internet draft, work in progress, Jan. 2004.
- J. Loughney, M. Nakhjiri, C. Perkins, and K. Koodli, Context Transfer Protocol, Internet draft, work in progress, Jan. 2004.
- M. Liebsch, A. Singh, H. Chaskar, D. Funato, and E. Shim, Candidate Access Router Discovery, Internet draft, working in progress, Dec. 2003.
- J. Arkko, V. Devarapalli, and F. Dupont, Using IPsec to Protect Mobile IPv6 Signaling between Mobile Nodes and Home Agents, Internet draft, work in progress, June 2003.
- C. Perkins and P. Calhoun, AAA Registration Keys for Mobile IP, Internet draft, work in progress, June 2003.
- R. Braden, L. Zhang, S. Berson, S. Herzog, and S. Jamin, Resource ReSerVation Protocol (RSVP) - Version 1 Functional Specification, RFC 2205, Sept. 1997.
- F. Baker, B. Lindell, and M. Talwar, RSVP Cryptographic Authentication, RFC 2747, Jan. 2000.
- S. Kent and R. Atkinson, Security Architecture for the Internet Protocol, RFC 2401, Nov. 1998.
- T. Dierks and C. Allen, The TLS Protocol Version 1, RFC2246, Jan. 1999.
- J. Kohl and C. Neuman, The Kerberos Network Authentication Service (V5), RFC 1510, Sept. 1993.
- L. Blunk and J. Vollbrecht, Extensible Authentication Protocol (EAP), RFC2284, Mar. 1998.
- R. Housley, Cryptographic Message Syntax, RFC2630, June 1999.
Links
Documents
Publications of this project:
2005
| Formal Specification and Security Verification of the IDKE Protocol using FDR Model Checking, Florian Tegeler, Rene Soltwisch and Dieter Hogrefe, Proceedings of the 13th IEEE International Conference on Networks (ICON), IEEE, ISBN 1-4244-0000-7, November 2005. | ||
| Read abstract | ||
| Review of CasperFDR Analysis of the IDKE Protocol, Florian Tegeler, Rene Soltwisch, Technical Report No. IFI-TB-2005-04, Institute of Computer Science, University of Göttingen, Germany, ISSN 1611-1044, June 2005. | ||
2004
| A Method for Authentication and Key Exchange for Seamless Inter-Domain Handovers, Xiaoming Fu, Dieter Hogrefe, Rene Soltwisch, and Sathya Narayanan, Proceedings of 12th IEEE International Conference on Networks (ICON 2004), Singapore, pp. 463-469, ISBN 0-7803-8783-X, November 2004. | ||
| Read abstract |
PDF [263.1 kB] |
|
| QoS and Security in 4G Networks, Xiaoming Fu, Dieter Hogrefe, Rene Soltwisch, and Sathya Narayanan, Proceedings of the 1st CIC/IEEE Global Mobile Congress (GMC 2004), Shanghai, China, pp. 117-122, October 2004. | ||
| Read abstract |
PDF [369.9 kB] |
|