The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

VPN Traversal Scheme in Hierarchical MIPv4 environment

계층적 이동 IPv4 환경에서 VPN 운영 방안

  • 성수련 (숭실대학교 대학원 컴퓨터학부) ;
  • 강정호 (숭실대학교 대학원 컴퓨터학) ;
  • 신용태 (숭실대학교 컴퓨터학부)
  • Published : 2004.08.01
Download PDF
⟨ Previous Next ⟩

Abstract

This paper presents an efficient interoperation scheme of a VPN(Virtual Private Network) and Mobile IP using a hierarchical structure of a FA(Foreign Agent). In the proposed scheme, the GFA(Gateway Foreign Agent) plays a role of VPN gateway on behalf of the MN(Mobile Node). When the MN moves in the same GFA domain, because the GFA has already an IPsec security association with a VPN gateway in the home network of the MN, the MN does not need an IPsec re-negotiaion. In this way, our mechanism reduces a message overhead and a delay resulted from an IPsec negotiation. And a MN can send a data to a correspondent node without a packet leakage. We show a performance of our scheme by using a discrete analytical model. Analytical results demonstrated that the total processing cost calculated by a registration update cost and a packet delivery cost is significantly reduced through our proposed scheme.

본 논문은 외부 에이전트의 계층적인 구조를 이용하여 VPN과 이동 IPv4의 효과적인 연동 방안을 제시한다. 제안된 방안에서, 대표 외부 에이전트(Gateway Foreign Agent)는 이동 노드를 대신하여 VPN 게이트웨이 역할을 수행한다. 이동 노드가 같은 GFA 영역 내에서 이동 시, GFA가 이동 노드 대신 흠 네트워크에 위치한 VPN 게이트웨이와의 IPsec 보안 협정을 이미 가지고 있기 때문에, 이동 노드는 새로운 IPsec 협정을 맺을 필요 없이 데이터를 전송하면 된다. 이러한 방법으로, 본 논문은 IPsec 재협정으로 인한 메시지 오버헤드와 지연을 감소시키며, 이동 노드가 외부 망에 있을 경우 패킷 누출 없이 안전하게 데이터를 전송할 수 있다 수학적 분석 모델을 이용하여 제안된 방안의 성능을 증명하며, 분석 결과는 제안된 방식이 기존의 연동방식 보다 등록 갱신 비용과 패킷 전송 비용 측면에서 우수하다는 것을 보여준다.

Keywords

References

  1. Perkins, c., 'IP Mobility Support for IPV4,' RFC 3344, August, 2002
  2. F. Adrangi, 'Problem Statement : Mobile IPv4 Traversal of VPN Gateways,' draft-ietf-mobileip-vpn-problem-statement-req-03, June, 2003
  3. Eva Gustafsson, 'Mobile IPv4 Regional Registration,' draft-ietf-mobileip-reg-tunnel-08, November, 2003
  4. S. Vaarala, 'Mobile IPv4 Traversal Across IPsec-based VPN Gateways,' draft-ietf-mobileip-vpn-problem-solution-03, September, 2003
  5. H. Xie, S. Tabbane, and D. J. Goodman, 'Dynamic location area management and performance analysis,' in Proc. 43rd IEEE Vehicular Technology conference, pp.546-539, 1993 https://doi.org/10.1109/VETEC.1993.507529
  6. H. Y. Tzeng, and T. Przygienda, 'On fast address-lookup algorithms,' IEEE Journal on Selected Areas in Communications(JSAC), Vol.17, No.6, pp.1067-1908, June, 1999 https://doi.org/10.1109/49.772436
  7. R. Caceres and V. N. Padmanabhan, 'Fast and scalable handoffs for wireless internetworks,' in Proc. ACM Mobicom '96, pp.55-66, 1996 https://doi.org/10.1145/236387.236405
  8. P. Calhoun, C. Perkins, 'Mobile IP Network Access Identifier Extension for IPv4,' RFC 2794, IETF, March, 2000
  9. Pat R. Calhoun, Charles E. Perkins,'Diameter Mobile IPv4 Application,' Internet draft, Internet Engineer Task Force, November, 2001
  10. Bhagavathula, R, Rhanthry, N, Pendse, R, 'Mobile IP and virtual private networks,' Vehicula Technology Conference, 2002 https://doi.org/10.1109/VETECF.2002.1040654
  11. Aspas, J. P., Arroyo, F. B., 'Design of a mobile VPN able to support a large number of users,' Universal Multiservice Networks, 2002, ECUMN 2002 https://doi.org/10.1109/ECUMN.2002.1002108
  12. Bhagavathula, R, Thanthry, N, Wanyen Lee, Pendse, R, 'Mobility : a VPN perspective [mobile computing],' Circuits and Systems, 2002, MWSCAS-2002
  13. Colin Boyd, Anish Mathuria, 'Key establishment protocols for secure mobile communications : A selective survey,' Lecture Notes in Computer Science, 1998 https://doi.org/10.1007/BFb0053746
  14. Wenchao Ma, Yuguang Fang, 'Dynamic hierarchical mobility management strategy for mobile IP networks,' IEEE Journal on, May, 2004 https://doi.org/10.1109/JSAC.2004.825968
  15. Myung-Cheul Jung, Jung-Shin Park, Dong-Min Kim, Hyo-Soon Park, Jai-Yong Lee, 'Optimized handoff management method considering micro mobility in wireless access network,' High Speed Networks and Multimedia Communications 5th IEEE International Conference on, July, 2002 https://doi.org/10.1109/HSNMC.2002.1032572