A Service-Agent-Based Roaming Architecture for WLAN/Cellular Integrated Networks

IEEE Trans. Veh. Technol.

Shi

et al. 2009

Abstract-Wireless metropolitan area sharing networks (WMSNs) are wide-area wireless networks with nodes owned and managed by independent wireless Internet service providers (WISPs). To support seamless roaming in emerging WMSNs, in this paper, we propose a localized and distributed authentication and billing architecture that aims at enabling efficient and privacy-preserving mutual authentication between mobile users (MUs) and WISPs. User anonymity and identity privacy can be protected, even in the presence of collusion between WISPs and a roaming broker (RB), which is considered to be the strongest user privacy protection. An efficient billing architecture is introduced and performed in the same stage of roaming, where U-tokens are defined and can be purchased by MUs from an RB as authentication credentials for the MUs to access the wireless network. The WISPs, thus, can cash the collected U-tokens in the RB for payment. We show that the proposed authentication and billing architecture can support localized inter-WISP authentication through the divisible blind signature scheme and a local witness strategy. A detailed analysis on a number of performance metrics, such as computation time and power consumption, is given to validate the performance of the proposed architectures.Index Terms-Billing, partially blind signature, privacy protection, roaming, wireless metropolitan area sharing networks (WMSNs).

Section: Related Workmentioning

confidence: 99%

PPAB: A Privacy-Preserving Authentication and Billing Architecture for Metropolitan Area Sharing Networks

IEEE Trans. Veh. Technol.

Shi

et al. 2009

“…In [13], [14], it is suggested to make use of a local AAA server as a buffer for caching the security contexts for each active MU. This scheme can greatly improve the performance since an MU requesting for handoff needs to communicate with the home AAA server only for once and then the subsequent authentication procedure can be performed at a local AAA server.…”

Section: A Related Workmentioning

confidence: 99%

SLAB: A secure localized authentication and billing scheme for wireless mesh networks

IEEE Trans. Wireless Commun.

et al. 2008

Abstract-The future metropolitan-area wireless mesh networks (WMNs) are expected to contain compromise-prone Mesh Access Points (MAPs) with a high frequency of inter-domain roaming/handoff events. This paper introduces a novel secure localized authentication and billing (SLAB) scheme, which aims to address both security guarantee and performance in terms of system compromise resilience capability, inter-domain handoff authentication latency, and workload of the roaming broker (RB). With extensive analysis and simulation, we demonstrate that the proposed scheme can be a practical solution for achieving secure roaming and billing in metropolitan-area WMNs.Index Terms-Wireless mesh networks, security, inter-domain handoff, authentication and billing.

“…Our work is different from (Long et al, 2004;Baek et al, 2006;Shi et al, 2007) in the sense that an embedded two-factor authentication mechanism is implemented to determine whether a roaming MU is authentic without any intervention of the MU's home network as well as exchanging the authentication key in case the MU is authentic. A two-factor authentication mechanism is considered as a much stronger authentication method than the previously reported schemes since two independent authentication methods are adopted to ensure a MU to be a legitimate user, such as 'something you know' as one, and 'something you have' or 'something you are' as the other.…”

mentioning

confidence: 95%

“…In addition to providing mutual authentication, the authors demonstrated that the protocol can defend various threats such as replay attack, man-in-the-middle attack, and key exposure. Shi et al (2007) realised localised authentication by using ticket, which is secrecy kept by MSs and APs after their first time authentication.…”

mentioning

confidence: 99%

A novel localised authentication scheme in IEEE 802.11 based Wireless Mesh Networks

Ling

et al. 2008

IJSN

Abstract:In the paper, we propose an efficient two-factor localised authentication scheme for inter-domain handover and roaming in IEEE 802.11 based service-oriented wireless mesh networks (WMNs). Some important aspects, such as resource-constraint Mobile Stations (MSs) and the ping-pong movement phenomenon when handover roaming across different hotspots occurs, are considered. An analytic model is developed to investigate the efficiency of the proposed scheme. Numerical results are given to demonstrate the superiority of the proposed scheme in terms of the resultant signalling overhead, power consumption, and authentication latency, compared with the legacy authentication schemes without losing the capability of preserving the system security.