Handover mechanisms in next generation heterogeneous wireless ...

More documents

Recommendations

Info

PROXY BASED AUTHENTICATION LOCALISATION SCHEME FOR HANDOVER the local authentication key LAK shared between the MH and the FAP. The AN acts just as a pass-through, and can not view or modify the two passed nonces. After receiving the key renew request, the AN forwards it with the encrypted E LAK ( N m '|| N s ) to the FAP. E LAK ( N m '|| N s ) is decrypted at the FAP later using the cached LAK. The FAP verifies whether N s provided by the MH is the same as what has been included in the original FAT. If the MH could pass this request origination check, the FAP generates a new proxy nonce N p ' , and computes the new PMK (PMK’) as follows: PMK ' � prf ( LAK , PMK || N m '|| N p ' ) (Equation 6.7) The new PMK’ along with the encrypted proxy nonce E ') will be delivered to the - 126 - ( p LAK N AN through the FAP-sAN connection (protected by K pa as shown in Figure 6.6). The AN keeps the PMK’ for renewing the related session key, and forwards LAK ( p ') N E to the MH. With the decryption, the MH obtains the new proxy nonce N p ' from E LAK ( N p ') , and can derive the new pairwise master key PMK’ according to Equation 6.7. E LAK ( Nm '|| Ns ) ELAK ( N p ') EK pa { ELAK ( Nm '|| N s )} E LAK p K pa { E ( N '), PMK '} Figure 6.6 Session key renewal procedure initiated by MH The sAN can start the session key renewal procedure. This is started by sending a Key Renew Request to the FAP. Then, the FAP generates the new proxy nonce N p ' , and sends this nonce N p ' along with the received original mobile nonce N m to the MH for verification by the MH. The N p ' and N m are encrypted using the LAK so that they can
PROXY BASED AUTHENTICATION LOCALISATION SCHEME FOR HANDOVER not be overheard by the sAN. The sAN forwards these session key renew credentials to the MH. If N m that is included in the key renew response is valid, the MH generates another mobile nonce N m ' , and establishes the new session key PMK’ according to Equation 6.7. The newly issued nonce N m ' will be delivered to the FAP as shown in Figure 6.7. Based on the two new nonces N m ' and N p ' , the FAP can derive the corresponding PMK’. Later on, the derived PMK’ is provided to the AN for updating the session key. E LAK ( Nm || Ns ') ELAK ( Nm ') - 127 - E pa E { ELAK ( Nm || Ns ')} pa { ELAK ( Nm ')} EK (PMK' ) pa Figure 6.7 Session key renewal procedure initiated by AN In this thesis, it is assumed that the communications between a MH and an AN are always protected by other link layer security mechanisms. For example, IEEE 802.11i [42] defines how the PMK can be utilised to ensure a secure association with an access point. 6.4 Security Analysis for the PBAL In the proposed PBAL scheme, the authentication authority is temporarily relayed to a third-party entity FAP when a mobile subscriber roams outside the territory of its home network. The FAP plays a similar role as the Visitor Location Register (VLR) of 3GPP in verifying a mobile user’s identity using the home-supplied authentication vectors, as
Page 1 and 2:
Handover Mechanisms in Next Generat
Page 3 and 4:
ACKNOWLEDGMENT First of all, I woul
Page 5 and 6:
TABLE OF CONTENTS 4.4.2 Power Save
Page 7 and 8:
LIST OF FIGURES LIST OF FIGURES Fig
Page 9 and 10:
LIST OF FIGURES Figure 7.2 A generi
Page 11 and 12:
ABSTRACT New access technologies su
Page 13 and 14:
Chapter 1 INTRODUCTION New access t
Page 15 and 16:
INTRODUCTION becomes available. Han
Page 17 and 18:
INTRODUCTION The above multipliciti
Page 19 and 20:
INTRODUCTION network trust pattern
Page 21 and 22:
INTRODUCTION 1.3 Related Publicatio
Page 23 and 24:
INTRODUCTION TECHNICAL REPORTS XIII
Page 25 and 26:
HANDOVER MANAGEMENT horizontally. H
Page 27 and 28:
HANDOVER MANAGEMENT The objective o
Page 29 and 30:
HANDOVER MANAGEMENT air interface,
Page 31 and 32:
HANDOVER MANAGEMENT proposed archit
Page 33 and 34:
HANDOVER MANAGEMENT Access point (A
Page 35 and 36:
HANDOVER MANAGEMENT users. Moreover
Page 37 and 38:
HANDOVER MANAGEMENT For IEEE 802.11
Page 39 and 40:
HANDOVER MANAGEMENT The two schemes
Page 41 and 42:
HANDOVER MANAGEMENT When a MH is mo
Page 43 and 44:
3.1 Introduction Chapter 3 HANDOVER
Page 45 and 46:
SECURITY FOR HANDOVER ACROSS HETERO
Page 47 and 48:
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
DYNAMIC NEIGHBOUR TRUST INFORMATION
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88: DYNAMIC NEIGHBOUR TRUST INFORMATION
Page 93 and 94: Chapter 5 TRUST ASSISTED HANDOVER A
Page 95 and 96: TRUST ASSISTED HANDOVER ALGORITHM F
Page 123 and 124: Chapter 6 PROXY BASED AUTHENTICATIO
Page 125 and 126: PROXY BASED AUTHENTICATION LOCALISA
Page 137: PROXY BASED AUTHENTICATION LOCALISA
Page 147 and 148: MULTI-INTERFACE MOBILE MODEL FOR ME
Page 169 and 170: CONCLUSIONS AND FUTURE RESEARCH WOR
Page 175 and 176: ABBREVIATIONS 3G 3rd Generation Wir
Page 177 and 178: ABBREVIATIONS LS Location Server MH
Page 179 and 180: ABBREVIATIONS THOA Trust Assisted H
Page 181 and 182: REFERENCES [12] C. Politis, T. Oda,
Page 183 and 184: REFERENCES [37] Wi-Fi Alliance, "Wi
Page 185 and 186: REFERENCES presented at IEEE Intern
Page 187 and 188: REFERENCES [90] R. Verdone and A. Z
Page 189:
REFERENCES [116] K. E. Malki and H.
show all

Handover mechanisms in next generation heterogeneous wireless ...

Create successful ePaper yourself

Delete template?

Save as template?