Interoperability and Security of TraSH: A Transport Layer Seamless Handover

Similar documents
Extending the Internet of Things to Space

Smart Communication with Space: Protocols and Mobility Management

SCTP: A new networking protocol for super-computing. Mohammed Atiquzzaman Shaojian Fu Department of Computer Science University of Oklahoma.

Architecture and Performance of SIGMA: A Seamless Mobility Architecture for Data Networks

Effect of SCTP Multistreaming over Satellite Links

Performance Comparison between Multihomed Network Mobility Protocols

Telecommunication & Network Research Lab

Mobile SCTP for IP Mobility Support in All-IP Networks

TraSH: A Transport Layer Seamless Handover for Mobile Networks

SCTP for Vertical Handover.

School of Computer Science

A Scheme of Primary Path Switching for Mobile Terminals using SCTP Handover

Novel web agent framework to support seamless mobility for data networks Y.-J. Lee 1 D.-W. Lee 2 M. Atiquzzaman 3

IP Mobility vs. Session Mobility

SEMO6 - A MULTIHOMING-BASED SEAMLESS MOBILITY MANAGEMENT FRAMEWORK

SJTU 2018 Fall Computer Networking. Wireless Communication

Cost Analysis of Mobility Management Entities for SIGMA

Performance Comparison between MIPv6 and SEMO6

nsctp: A New Transport Layer Tunnelling Approach to Provide Seamless Handover for Moving Network

Cost and Efficiency Analysis of Hierarchical SIGMA

Mohammad Hossein Manshaei 1393

Chapter 7 Mobility Management at Transport Layer

A framework to determine the optimal loss rate of RED queue for next generation Internet routers

DualRTT: Enhancing TCP Performance During Delay Spikes

Mobile IP and Mobile Transport Protocols

Advanced Computer Networks. IP Mobility

Mobile IP. Mobile Computing. Mobility versus Portability

Mobility vs Multihoming

ECHO: A Quality of Service based Endpoint Centric Handover scheme for VoIP

ECS-087: Mobile Computing

Mobility Management. Advanced Mobile Communication Networks. Integrated Communication Systems Group Ilmenau University of Technology

Location Management Agent for SCTP Handover in Mobile Network

to-end Mobility Support: Combining Security and Efficiency Christian Vogt,

Novel web agent framework to support seamless mobility for data networks Y.-J. Lee 1 D.-W. Lee 2 M. Atiquzzaman 3

T Computer Networks II. Mobility Issues Contents. Mobility. Mobility. Classifying Mobility Protocols. Routing vs.

LECTURE 8. Mobile IP

School of Computer Science

Performance Analysis of Stream Control Transmission Protocol

IPV6 SIMPLE SECURITY CAPABILITIES.

TCP Multi-homing Support in Heterogeneous Networks

Topics in Computer Networking Switch SS7 PSTN/ISDN. Gatekeeper/ Proxy Server. Topics in Computer Networking Н.

P-SIGMA: Paging in End to End Mobility Management

Analysis of Proxy Mobile IPv6: A Network-based Mobility Solution

OPTIMIZING MOBILITY MANAGEMENT IN FUTURE IPv6 MOBILE NETWORKS

Techological Advantages of Mobile IPv6

Hierarchical Location Management for Transport Layer Mobility

The Y-Comm Framework. A new way

Design and Implementation of Service Migration

Mobility Management Basics

Mobile & Wireless Networking. Lecture 9: Mobile IP. [Schiller, Section 8.1]

SCTP: An innovative transport layer protocol for the web

TSIN02 - Internetworking

Signaling cost and performance of SIGMA: A seamless handover scheme for data networks

Slide 1. Slide 2. Slide 3. Technological Advantages of Mobile IPv6. Outline of Presentation. Earth with 2 Billion Mobile devices

Comparision study of MobileIPv4 and MobileIPv6

MOBILITY AGENTS: AVOIDING THE SIGNALING OF ROUTE OPTIMIZATION ON LARGE SERVERS

Security Issues In Mobile IP

Master Course Computer Networks IN2097

TSIN02 - Internetworking

Stream Control Transmission Protocol - Wikipedia, the free encyclopedia

Bi-directional Route Optimization in Mobile IP Over Wireless LAN

Signalling Cost Analysis of SINEMO: Seamless End-to-End Network Mobility

SCTP. Stream Control Transmission Protocol. François Buntschu. Ecole d Ingénieurs et d Architectes de Fribourg HES-SO

Performance of End-to-End Mobility Management in Satellite IP Networks

Network Security. Security of Mobile Internet Communications. Chapter 17. Network Security (WS 2002): 17 Mobile Internet Security 1 Dr.-Ing G.

SCTP over Satellite Networks

TSIN02 - Internetworking

Comparative Analysis of Mobility Support in Mobile IP and SIP

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Cost Analysis of Mobility Management Entities of SINEMO

Datagram Congestion Control Protocol (DCCP)

Mobile IP. rek. Petr Grygárek Petr Grygarek, Advanced Computer Networks Technologies 1

Mobility Management - Basics

INF3190 A critical look at the Internet / alternative network architectures. Michael Welzl

Internet. 1) Internet basic technology (overview) 3) Quality of Service (QoS) aspects

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Foreword xxiii Preface xxvii IPv6 Rationale and Features

T Network Application Frameworks and XML Routing and mobility Tancred Lindholm. Based on slides by Sasu Tarkoma and Pekka Nikander

Mobile IP. Mobile IP 1

Fixed Internetworking Protocols and Networks. IP mobility. Rune Hylsberg Jacobsen Aarhus School of Engineering

Chapter 6 MOBILE IP AND TCP

The Modified Mobile Concurrent Multipath Transfer for Joint Resource Management

Telecommunication & Network Research Lab

Experiences with IPFIX-based Traffic Measurement for IPv6 Networks. Nakjung Choi, Hyeongu Son*, Youngseok Lee* and Yanghee Choi

Computer Communications

Table 3-1 Joint Staff IPv6 Operational Criteria

Agenda. What are we looking at? Introduction. Aim of the project. IP Routing

Mobility Management Protocols for Wireless Networks. By Sanaa Taha

CSC 4900 Computer Networks: Security Protocols (2)

Experimental Tests on SCTP over IPSec

Shim6: Reference Implementation and Optimization

Table of Contents 1 IKE 1-1

Internet Security: Firewall

msctp for Vertical Handover Between Heterogeneous Networks

Mobility Management using the IP Protocol

A Transport Layer Mobility Support Mechanism

Mobile Communications Chapter 9: Network Protocols/Mobile IP

IP Mobility Support with a Multihomed Mobile Router

Computer Networks, Andrew Tannenbaum, Chapter 5.6. Computer Networking: A Top Down Approach Featuring the

TraSH-SN: A Transport Layer Seamless Handoff Scheme for Space Networks

Transcription:

Interoperability and Security of TraSH: A Transport Layer Seamless Handover Panel Session at 23 rd IEEE International Performance, Computing, and Communications Conference April 16, 2004 Dr. Mohammed Atiquzzaman University of Oklahoma Norman, OK 73019-6151, USA. atiq@ou.edu www.cs.ou.edu/~atiq

TraSH: Transport layer Seamless Handover Basic concepts Decouple location management from handoff Carry out location management and handoff in parallel to data transmission Allow the layer whose performance is to be optimized to take responsibility of the handoff Motivation: Performance problems of Mobile IP Design issues of Mobile IP Implementation: Multihoming to achieve simultaneous communication with multiple access points. Stream Control Transmission Protocol (RFC 2960).

SCTP: A new Transport Protocol for Internet What is SCTP? SCTP: Stream Control Transmission Protocol Originally designed to support SS7 signaling messages over IP networks. Currently supports most of the features of TCP Standardized by IETF RFC 2960 Reliable transport protocol on top of IP TCP and SCTP compared Both of them are reliable transport protocols; Similar Congestion Control algorithms (slow start, congestion avoidance); SCTP has two new features: Multihoming Multistreaming Upper layer applications TCP, UDP, SCTP IP Link Layer Physical Layer

SCTP Multi-homing: Supporting Multiple IP Addresses in an Association. Interface1 Network Path 1 Interface1 Computer A SCTP Association Computer B Interface2 Network Path 2 Interface2

Basic concept of TraSH: Seamless Mobile Handover based on multihoming Mobile IP assumes the upper layer protocol use only one IP address to identify an logical connection. Some buffering or re-routing should be done at the router for seamless handover. SCTP support multiple IP addresses at transport layer naturally via multihoming feature. When mobile host moving between cells, it can setup a new path to communicate with the remote computer while still maintaining the old path. Wireless Access Network1 Advantages: Remote Computer Router Multi-homed Mobile Host One SCTP Association Wireless Access Network2 Reduced packet loss and handover latency Increased throughput No special requirement on Routers

Security Threats in Mobile Networks Mobile communication faces all threats that are present in wired networks. Some specific issues introduced by the nature of wireless communication or user mobility: Wireless communications is more vulnerable to eavesdropping absence of a physical wire connection makes it easier to access services illegally. Security association (SA) has to be re-established every time the mobile host moves into a new network, and secret key management/distribution becomes more difficult as peer identities can not be predetermined.

Only location update/query needs to be directed to Location Manager (LM). Thus LM need not to be located in a specific network. Easy to replicate LM at distributed secure locations to improve survivability. LM can further be integrated with DNS server to reduce system complexity. Survivability of TraSH

More Benefits of Centralized Location Management Security: Storing user location information into a central secure databases is more secure than scattered among various Home Agents located at different sub-networks (in the case of Mobile IP). Scalability: location servers do not intervene with data forwarding task, which adapts to the growth in the number of mobile users gracefully. Manageability: Centralized location management provides for an organization/service provider to control user accesses from a single server.

Interoperate Mobile IP with Ingress Filtering Ingress filtering is heavily used in current Internet to prevent IP spoofing and DoS attack. Ingress filtering border routers enforce topologically correct source IP address. Topological correctness requires MH using COA as the source IP address. Applications built over TCP/UDP requires MH always using its home address as source address. Solution: reverse tunneling

Interoperate TraSH with Ingress Filtering In TraSH, MH uses new CoA address directly to communicate with CN, it is already topologically correct. TraSH can incorporate well with ingress filtering, no need for tunneling.

Increase the security of TraSH by IPSEC TraSH depends on dynamic address reconfiguration makes the association more vulnerable to be hi-jacked. Redirection attack: Bogus message sent by attacker to location manager all further association setup messages will be sent to illegal IP addresses All location update and address reconfiguration messages sent to LM and CN should be protected by IPSEC AH header.

Survivability issues introduced by location management of Mobile IP In Mobile IP, Home Agent must reside in MH s home network to intercept packets sent from CN to MH. In situations where the home network is vulnerable to failure, this becomes a serious problem. It is difficult to replicate the Home Agent at various locations distributed throughout the network in order to achieve survivability.

lksctp reference implementation. Linux OS Kernel 2.6.2. Network adapters Avaya PCMCIA wireless network card and a NETGEAR USB wireless network card. TraSH Testbed Operation of TRaSH: Link Layer is monitored to detect new AP signal strength. When a new AP is detected a new IP address is added to the association. When the new AP signal becomes stronger than the old AP signal, the Mobile Node notifies the Correspondent Node to make the new address the primary.

TraSH: Preliminary Results

Mobile IP Results

Some of the Open Research Issues of TraSH Interoperation of TraSH with firewalls and AAA servers. Efficient secret key management/distribution in TraSH. Apply TraSH into vertical handover. QoS related issues.

Acknowledgements National Aeronautics and Space Administration The following people are participating in the design, development and testing of TraSH: Shaojian Fu Liran Ma Yong-Jin Lee Justin Jones Song Lu William Ivancic Further information: atiq@ou.edu www.cs.ou.edu/~atiq

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback