Optimized ticket distribution scheme for fast re-authentication protocol (fap)
Pages 71 - 77
Abstract
In this paper we introduce a ticket distribution scheme for Fast re-Authentication protocol (FAP) for inter-domain roaming. FAP is designed to reduce the authentication time of a mobile user in a visited administrative domain. The approach eliminates the need for communication between the visited network and the subscriber's home network for credentials verification and uses a short-living lightweight re-authentication ticket, which does not require a revocation mechanism.
To minimize the number of authentication tickets sent to each subscriber, we propose the use of a neighbor table, which is maintained by an authentication server of each network. When the client requests a ticket, the server generates tickets only for the networks contained in the line of the neighbor table corresponding to the current location of the user. This method decreases the number of tickets sent and, consequently, the overhead and the delay of the ticket acquisition phase of the protocol.
To create this neighbor table, we propose a reactive mode for the ticket acquisition phase. In this mode, the server sends tickets on demand of the client and only for the selected target network.
Numerical results obtained from experiments on a test-bed and a series of simulations show that the proposed scheme enhances inter-domain handover parameters such as authentication latency and signaling cost.
References
[1]
ANSI/IEEE, Local and Metropolitan Networks, Std. 802.11 Part 11: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications, 1999
[2]
B. Aboba et al., Extensible Authentication Protocol (EAP), Request for Comments 3748, June 2004
[3]
Bargh, M. S. et al, "Fast authentication Methods for handovers between IEEE 802.11 Wireless LANs", WMASH'04, October 1, 2004
[4]
FreeRadius.org
[5]
Housley, R., Ford, W., Polk, W. and Solo, D., "Internet X.509 Public Key Infrastructure Certificate and CRL Profile", Request for Comments 2459, April 2002
[6]
IEEE Computer Society, IEEE 802.11F Standard, July 2003
[7]
IEEE, Standards for local and metropolitan area networks: Amendment 6: Medium Access Control (MAC) Security Enhancements, IEEE Standard 802.11i, July 2004
[8]
IEEE, Standards for local and metropolitan area networks: Standard for port based network access control, IEEE Standard P802.1X, October 2001
[9]
International Telecommunication Union, "Transmission performance objectives and Recommendations", ITU-TG.102, 1990
[10]
Komarova, M., Riguidel, M., Hecker, A., "Fast re-Authentication Protocol for Inter-Domain Roaming", to appear in proceedings of PIMRC'2007
[11]
Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", Request for Comments 2104, February 1997
[12]
Mishra, A. et al, "Proactive key Distribution Using Neighbor Graphs", IEEE Wireless communications, February 2004
[13]
www.omnetpp.org
[14]
open1x.sourceforge.net
[15]
Pack, S. and Choi, Y., "Fast Inter-AP Handoff using Predictive-Authentication Scheme in a Public Wireless LAN", in Proc. of Networks 2002, August 2002
Index Terms
- Optimized ticket distribution scheme for fast re-authentication protocol (fap)
Recommendations
Fast and Secure Handover Authentication Scheme Based on Ticket for WiMAX and WiFi Heterogeneous Networks
Integrated WiMAX and WiFi networks is of great potential for the future due to the wider coverage of WiMAX and the high data transport capacity of WiFi. However, seamless and secure handover (HO) is one of the most challenging issues in the WiMAX and ...
Kerberos based authentication for inter-domain roaming in wireless heterogeneous network
An increased demand in ubiquitous high speed wireless access has led integration of different wireless technologies provided by different administrative domains creating truly a heterogeneous network. Security is one of the major hurdles in such network ...
A lightweight authentication mechanism in MIP networks
Numerous vulnerabilities threat the security of Mobile IP MIP networks. A variety of methods have been proposed to protect the MIP networks from the attacks. However, most of these methods are heavy and require significant time and resources. MIP is an ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2007
192 pages
Copyright © 2007 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 22 October 2007
Check for updates
Author Tags
Qualifiers
- Article
Conference
MSWiM07: 10th International Symposium on Modeling, Analysis and Simulation of Wireless and Mobile Systems
October 22, 2007
Crete Island, Chania, Greece
Acceptance Rates
Overall Acceptance Rate 46 of 131 submissions, 35%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 248Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 16 Nov 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in