Efficient Authentication and Authorization of Mobile Users Based on Peer-to-Peer Network Mechanisms

Braun, Torsten; Kim, Hahnsang

doi:10.1109/hicss.2005.226

Cited by 17 publications

(7 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additional protocols must be defined and deployed on top of the framework to actually achieve authentication, authorization, and accounting, such as SAML [16] or Diameter SE extension [11]. Since AAA systems must sustain scalability, AAA entities may be redundant or distributed; in some systems the user account data is itinerant [8,17]. AAA protocols must be generic enough to transport different kind of information, and a peer-to-peer communication model is needed.…”

Section: Aaa Architecture Fundamentalsmentioning

confidence: 99%

Towards a Global AAA Framework for Internet

Decugis¹

2009

2009 Ninth Annual International Symposium on Applications and the Internet

View full text Add to dashboard Cite

A common Authentication, Authorization and Accounting (AAA) framework enables communication between control structures across several interconnected organizations. It is a requirement to allow users mobility or emergence of new distributed services. The path leading to a global framework contains many obstacles, technical and political, that must be overcome to achieve new generation network features such as pervasive computing. While creating a new framework implementation focused on extensibility, we have found some issues in Diameter, the state-of-the-art AAA framework in Internet. This paper summarizes the fundamentals of a AAA architecture, then presents our implementation waaad and our findings on Diameter limitations. It shows that Diameter is suitable for AAA in the future, but some problems must be addressed first. The next phase in our evaluation of the Diameter framework is the deployment of our implementation in a multi-realm environment, one step closer to a global AAA framework.

show abstract

Section: Aaa Architecture Fundamentalsmentioning

confidence: 99%

Towards a Global AAA Framework for Internet

Decugis¹

2009

2009 Ninth Annual International Symposium on Applications and the Internet

View full text Add to dashboard Cite

show abstract

“…A security association is established between the MC and every neighboring APs before the former associates with one of them. Similar mechanisms are employed in AAA context transfer [14] and P2P context transfer [15]. Such proactive authentication mechanisms can further reduce the authentication delay but may cause the problem of heavy traffic and waste of resources induced by redundant information transfer.…”

Section: Related Workmentioning

confidence: 99%

Secured Fast Handoff in 802.11-Based Wireless Mesh Networks for Pervasive Internet Access

Yao

Cao

Yan³

et al. 2010

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYAuthentication issue has been mostly ignored to ensure fast handoff in 802.11 Wireless Mesh Network (WMN). With the proliferation of WMNs in recent years for practical deployment, secured fast handoff has drawn much attention to enforce authenticated access while reduce the extra delay caused by enabling authentication operations. In this paper, we present an overview on the state-of-the-art advance in this field and tackle the problem from a practical perspective based on experiments and analysis on our real-world testbed HAWK. We propose a novel fast handoff scheme Network-assisted Radio Signature to eliminate probing delay by taking advantage of the characteristic of the actual dynamic topology about mesh routers in WMN. Moreover, we apply an optimistic authentication mechanism Dual Re-authentication to counteract the authentication delay while providing the secured wireless access. In this manner, we have reduced the end-to-end handoff delay of WMN back again to a level below 50 ms to achieve secured handoff and support time-sensitive applications. We describe detailed mechanisms, simulation, implementation and experimental results. To our best knowledge, we are the first to achieve such an optimal performance of secured fast handoff. key words: handoff management, fast handoff, secured fast handoff

show abstract

“…The protocol does not address key management operations which are essential in 3G-WLAN interworking systems. Differently from protocols suggested in References [8][9][10][11][12][13][14], LFR attains faster re-authentication and maintains a high state of security. Firstly, it does not require the usage of public key operations.…”

Section: Proposed Local Fast Re-authentication Protocolmentioning

confidence: 99%

“…However, since 3GPP has adopted EAP-AKA as the standard security protocol for 3G-WLAN interworking, adopting other EAP-based solutions might raise interoperability issues. Braun et al [12] proposed retrieving security context (SC) information like AVs from the previously visited security context controller (SCC) instead of retrieving them from the 3GHN. An SCC periodically broadcasts information about UEs within its perimeter to neighbor SCCs.…”

Section: Related Workmentioning

confidence: 99%

Local fast re‐authentication for 3G‐WLAN interworking

Shidhani

Leung

2008

Security Comm Networks

View full text Add to dashboard Cite

SummaryInterworking third-generation (3G) mobile communications systems and wireless local area networks (WLANs) is advantageous for both service providers and end users. However, securing such interworking architectures is a challenging task. EAP-AKA is the security protocol adopted by 3GPP to achieve authentication in 3G-WLAN interworking architectures. This paper proposes enhancements to EAP-AKA to improve performance and security during re-authentication. A novel protocol named local fast re-authentication (LFR) is proposed to replace the reauthentication protocols in EAP-AKA. The EAP-AKA key hierarchy is restructured to suit the needs of LFR. Evaluations show that LFR is superior to the re-authentication protocols in EAP-AKA in terms of performance and security. LFR has been tested by the automated validation of internet security protocols and applications (AVISPA) security verification tool and proved to be secure.

show abstract

Efficient Authentication and Authorization of Mobile Users Based on Peer-to-Peer Network Mechanisms

Cited by 17 publications

References 8 publications

Towards a Global AAA Framework for Internet

Towards a Global AAA Framework for Internet

Secured Fast Handoff in 802.11-Based Wireless Mesh Networks for Pervasive Internet Access

Local fast re‐authentication for 3G‐WLAN interworking

Contact Info

Product

Resources

About