• Journal of KIISE:Information Networking
• /
• v.32 no.5
• /
• pp.551-560
• /
• 2005

To reduce the amount of the signaling messages occurred in movement, HMIPv6 has been introduced as the hierarchical mobility management architecture tor MIPv6 by regarding the locality of movements. When approaching the visited link, the authentication procedure should be done successfully prior to any motility support message exchanges. The AAA(Authentication, Authorization and Account) authentication service is applied gradually to the wireless LAN and Cellular networks. However, It may bring about the service latency for the sessions of requiring the real-time processing due to not providing the optimized signaling in local and frequent movements. In this paper, we propose the authentication architecture with 'delegation' scheme to reduce the amount of signaling message and latency to resume for local movements by integrating it with HMIPv6 architecture. We provide the integrated authentication model and analyze the performance and effectivity of our proposal and finally offer the analysis materials comparing to the exiting authentication scheme. It cuts down the cost to $33.6\%$ at average measurement.

• Journal of Internet Computing and Services
• /
• v.8 no.6
• /
• pp.21-28
• /
• 2007

Hierarchical Mobile IPv6 improves performance of Mobile IPv6 by managing Binding Update in terms of location, With improved handover delay, realization of delay-sensitive services (e,g, VoIP or video streaming) has become more persuadable, Comparing with Mobile IPv6, however, Hierarchical Mobile IPv6 brings security threats related to Local Binding Update to mobile network, In the RFC 4140, specific methods to authenticate Local Binding Update message are not explicitly presented. It is essential that design secure architecture to address problems related to authenticating Local Binding Update, Many secure suggestions for Local Binding Update, however, concentrate on infrastructure-based solutions such as AAA PKI. These approaches may cause scalability problem when the suggested solutions are applied to real network. Therefore we suggest authentication method that doesn't require infrastructure, In addition to authentication of Local Binding Update, our method also provides mobile node with power saving ability.

• Journal of Internet Computing and Services
• /
• v.6 no.5
• /
• pp.11-25
• /
• 2005

In MIPv6 environment, an important design consideration for public key based binding update protocols is to minimize asymmetric cryptographic operations in mobile nodes with constraint computational power, such as PDAs and cellular phones, For that, public key based protocols such as CAM-DH. SUCV and Deng-Zhou-Bao's approach provides an optimization to offload asymmetric cryptographic operations of a mobile node to its home agent. However, such protocols have some problems in providing the optimization. Especially, CAM-DH with this optimization does not unload all asymmetric cryptographic operations from the mobile node, while resulting in the home agent's vulnerability to denial of service attacks. In this paper, we improve the drawbacks of CAM-DH. Furthermore, we adopt Aura's two hash-based CGA scheme to increase the cost of brute-force attacks searching for hash collisions in the CGA method. The comparison of our protocol with other public key based protocols shows that our protocol can minimize the MN's computation overhead, in addition to providing better manageability and stronger security than other protocols.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.5
• /
• pp.21-30
• /
• 2005

Recently, a mobile IPv6 binding update protocol using Address Based Keys (BU-ABK) was proposed. This protocol applies Address Based Keys (ABK), generated through identity-based cryptosystem, to enable strong authentication and secure key exchange without any global security infrastructure. However, because it cannot detect that public cryptographic parameters for ABKs are altered or forged, it is vulnerable to man-in-the-middle attacks and denial of service attacks. Furthermore, it has heavy burden of managing the public cryptographic parameters. In this paper, we show the weaknesses of BU-ABK and then propose an enhanced BU-ABK (EBU-ABK). Furthermore, we provide an optimization for mobile devices with constraint computational power. The comparison of EBU-ABK with BU-ABK shows that the enhanced protocol achieves strong security while not resulting in heavy computation overhead on a mobile node.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.42 no.3 s.303
• /
• pp.1-8
• /
• 2005

At IETF (Internet Engineering Task Force), recently RFC3775, RFC3776 documents about the mobile IPv6 were standardized by IETF (Internet Engineering Task Force). Those specifications propose that during the roaming, the mobile node sends securely the binding update to the home agent and the correspondent node after setting the security association between Mobile Node and Home Agent. But there is no secure bootstrapping method between a mobile node and a home agent at the two RFC documents. This paper proposed a method for the secure bootstrapping between a mobile node and a home agent. This makes the authentication, binding update, home agent assignment, security association distribution through the AAA-based secure channel between mobile node and home agent. And the proposed method was analyzed in the view of the procedure, round trip and security strength.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.5
• /
• pp.1117-1124
• /
• 2010

PMIPv6 is a network-based mobility support scheme, proposed and standardized by NetLMM WG of IETF. It is proposed to solve problems of conventional mobility schemes, and to improve inefficiency of those. The standard document describes network components and detailed procedures to provide mobility to MN. But it describes only a handover procedure between MAGs, not between LMAs. In order to support seamless connectivity of MN efficiently, a handover procedure between LMAs is necessary. The proposed scheme in this paper utilizes a route optimization procedure to prevent inefficiency of inter-LMA tunneling scheme. At the same time, the proposed scheme utilizes a pre-authentication scheme to reduce handover latency. According to the result of performance evaluations, the proposed scheme greatly reduces handover latency, compared to conventional mobility support schemes.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.29-41
• /
• 2008

Currently, IETF MANEMO(Mobile Adhoc for NEMO) working group is working on standardization supporting internal routing in nested NEMO networks. Nested NEMO has a independent topology feature that Mobile IP and basic NEMO protocol did not caused. This is the reason that causes exceptional mobility pattern. Such mobility patterns also trigger each other reconfiguration requirements. This paper classified and analyzed probable new mobility patterns in nested NEMO network. In concludion, we derived configuration problem from the new mobility patterns and suggested differential reconfiguration requirements through analytical approach.

• International Journal of Computer Science & Network Security
• /
• v.22 no.3
• /
• pp.236-244
• /
• 2022

Network Mobility Basic Support (NEMO BS) protocol has been accredited and approved by Internet Engineering Task Force (IETF) working group for mobility of sub-networks. Trains, aircrafts and buses are three examples of typical applications for this protocol. The NEMO BS protocol was designed to offer Internet access for a group of passengers in a roaming vehicle in an adequate fashion. Furthermore, in NEMO BS protocol, specific gateways referred to Mobile Routers (MRs) are responsible for carrying out the mobility management operations. Unfortunately, the main limitations of this basic solution are pinball suboptimal routing, excessive signaling cost, scalability, packet delivery overhead and handoff latency. In order to tackle shortcomings of triangular routing and Quality of Service (QoS) deterioration, the proposed scheme (Diff-FH NEMO) has previously evolved for end-users in moving network. In this sense, the article focuses on an exhaustive analytic evaluation at Home Agent (HA) entity of the proposed solutions. An investigation has been conducted on the signaling costs to assess the performance of the proposed scheme (Diff-FH NEMO) in comparison with the standard NEMO BS protocol and MIPv6 based Route Optimization (MIRON) scheme. The obtained results demonstrate that, the proposed scheme (Diff-FH NEMO) significantly improves the signaling cost at the HA entity in terms of the subnet residence time, number of mobile nodes, the number of DMRs, the number of LFNs and the number of CNs.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.13 no.6
• /
• pp.1-16
• /
• 2013

Smartphones and tablets including phone, calendar are the necessities of modern man. They are one of the MN(Mobile Node), each with wireless network capabilities. Necessities of modern human MNs are almost included cellular module available in LTE/3G and Wi-Fi module for high-speed Internet. Until now, MN mobility management is handled, but using network-based mobility management in this paper. Then, carriers can manage and maintain the network for low-cost. In addition, it was considered that use a lot of modern people with Wi-Fi and LTE/3G, and using Cross-Layer-Based handoff.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.6B
• /
• pp.608-617
• /
• 2011

ubiquitous network management system (u-NMS) is the network management system based on smartphone which are recently of wide use. The purpose of the u-NMS is to provide convenience for network administrator utilizing the mobility of smartphone and to manage the network efficiently. This paper proposes the smart NMS agent and the mobility management server (MMS). The smart NMS agent enables to use the monitoring web server and remote control application on the smartphone in wireless network. The MMS is developed to reduce the problems such as handover latency and packet loss, which can be taken place in wireless network. The network manager can monitor traffic in real time through the smart NMS agent and remotely control the network efficiently when sudden failures happen in the u-NMS. In this paper, performance evaluation is carried out with our test-bed system implemented. We focus on the measurement of the MMS performance. When the MMS is compared to previous mobility management protocol, our mobility management server reduces the average latency up to 65% in initial access, handover latency and processing delay to the network management center.