Use this URL to cite or link to this record in EThOS:
Title: Security mechanisms for next generation mobile IP networks
Author: Sheng, Yingli
ISNI:       0000 0004 2706 6237
Awarding Body: University of Surrey
Current Institution: University of Surrey
Date of Award: 2011
Availability of Full Text:
Access from EThOS:
Access from Institution:
With the advent of various access technologies and increasing number of applications, a set of challenges concerning efficient delivery of ubiquitous services to heterogeneous users and devices have been posed. Mobile IP protocol can be used to enable roaming across different access technologies. One of the important challenges in Mobile IP is security. The service delivery should be secured and efficient, which implicates that security should be integrated with mobility management (MM), Quality-of-Service (QoS) to minimise the negative impact of security mechanisms. It is proposed in the thesis an architectural framework, which uses Hierarchical Mobile IPv6 (HMIPv6) protocols interworking with Authentication, Authorization, Accounting (AAA) framework. The concept of Enhanced Node (EN) is introduced in the framework. The EN is empowered with intelligence to integrate security, MM and QoS. The focal point of the work is to address security challenges based on the framework and to evaluate the impact of security mechanisms on the mobile networks in terms of extra signalling load introduced. Three security mechanisms are proposed in the thesis, according to the handover domains. For handover across two access networks, an enhanced AAA solution is proposed to provide the mobile node authenticated network access. It establishes keys between serving access network and target access network for the purpose of securing context transfer. Also keys are established between mobile node and the target access network for future use after mobile node (MN) roams to the target access network. For micro-mobility handover within one EN domain, an enhanced key management scheme is proposed to generate a bunch of handover keys for all of the access routers (AR) within one EN domain instead of generating key every single time the mobile node changes the AR in the previous mechanism. The enhanced key management scheme reduces the handover disruption time introduced by security. For fast handovers within one EN domain (micro-mobility handover) and across EN domains (macro-mobility handover), the security mechanism is proposed to secure the fast handover between ARs/enhanced nodes. The fast handover key is established between previous AR/EN and new AR/EN, thus, the fast handover registration messages between ARs/ENs can be secured. More importantly, the context transfer messages between previous EN and new EN for the purpose of prompting "smooth handover", can be protected using the fast handover keys. The performance of three proposed solutions is evaluated using analytical models. Signalling cost is the main parameter to be evaluated. Discussions on advantage and disadvantage of each proposed mechanisms are also provided at the end of chapter 4, 5 and 6 respectively.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available