Abstract
In an Open Broadband Access Network consisting of multiple Internet Service Providers, delay due to multi-hop processing of authentication credentials is a major obstacle to fast handover between access points, effectively preventing delay-sensitive interactive applications such as Voice over IP. By exploiting existing trust relationships between service providers and access points, it is possible to pre-authenticate a mobile terminal to an access point, creating a Kerberos-style ticket that can be evaluated locally. The terminal can thus perform a handover and be authenticated to the new access point, without incurring communication and processing delays by involving other servers.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
OBAN Consortium. [Online]. Available: http://www.ist-oban.org
J. F. Huber, D. Weiler, and H. Brand, “UMTS, the mobile multimedia vision for IMT 2000: a focus on standardization,” IEEE Communications Magazine, vol. 38, no. 9, pp. 129–136, 2000.
IEEE Standard for Local and metropolitan area networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems, IEEE Std. 802.16-2004, 2004.
F. Steuer, M. Elkotob, S. Albayrak, H. Bryhni, and T. Lunde, “Seamless Mobility over Broadband Wireless Networks,” in Proceedings of 14th 1ST Mobile & Wireless Communications Summit, 2005.
E. Edvardsen, T. G. Eskedal, and A. Årnes, “Open Access Networks,” in INTERWORKING, ser. IFIP Conference Proceedings, C. McDonald, Ed., vol. 247. Kluwer, 2002, pp. 91–107.
M. G. Jaatun, I. A. Tøndel, M. B. Dahl, and T. J. Wilke, “A Security Architecture for an Open Broadband Access Network,” in Proceedings of the 10th Nordic Workshop on Secure IT Systems (Nordsec), 2005.
C. Rigney, S. Willens, A. Rubens, and W. Simpson, “Remote Authentication Dial In User Service (RADIUS),” RFC 2865, June 2000.
J. F. Kurose and K. W. Ross, Computer Networking-A Top-Down Approach Featuring the Internet. Addison-Wesley, 2001.
Port-Based Network Access Control, IEEE Std. 802.1X-2001, 2001.
C. Neuman, T. Yu, S. Hartman, and K. Raeburn, “The Kerberos Network Authentication Service (V5),” RFC 4120, July 2005.
T. Aura and M. Roe, “Reducing Reauthentication Delay in Wireless Networks,” in Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm), 2005.
H. Haverinen and J. Salowey, “Extensible Authentication Protocol Method for Global System for Mobile Subscriber Identity Modules (EAP-SIM),” RFC 4186, January 2006.
D. Stanley, J. R. Walker, and B. Aboba, “Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs,” RFC 4017, March 2005.
H. Chaskar, D. Funato, M. Liebsch, E. Shim, and A. Singh, “Candidate Access Router Discovery (CARD),” RFC 4066, July 2005.
W. Stallings, Cryptography and Network Security-Principles and Practices. Prentice Hall, 2003.
B. Aboba, L. J. Blunk, J. R. Vollbrecht, J. Carlson, and H. Levkowetz, “Extensible authentication protocol (EAP),” RFC 3748, June 2004.
B. Aboba and P. R. Calhoun, “RADIUS (Remote Authentication Dial In User Service) support for Extensible Authentication Protocol (EAP),” RFC 2865, June 2000.
C. E. Perkins, “Mobile IP,” IEEE Communications Magazine, vol. 40, no. 5, pp. 66–82, 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 International Federation for Information Processing
About this paper
Cite this paper
Jaatun, M.G., Tøndel, I.A., Paint, F., Johannessen, T.H., Francis, J.C., Duranton, C. (2006). Secure Fast Handover in an Open Broadband Access Network using Kerberos-style Tickets. In: Fischer-Hübner, S., Rannenberg, K., Yngström, L., Lindskog, S. (eds) Security and Privacy in Dynamic Environments. SEC 2006. IFIP International Federation for Information Processing, vol 201. Springer, Boston, MA. https://doi.org/10.1007/0-387-33406-8_33
Download citation
DOI: https://doi.org/10.1007/0-387-33406-8_33
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-33405-9
Online ISBN: 978-0-387-33406-6
eBook Packages: Computer ScienceComputer Science (R0)