MIP6 Route Optimization Enhancements
|
|
- Ellen Chase
- 8 years ago
- Views:
Transcription
1 MIP6 Route Optimization Enhancements draft-arkko-mip6-ro-enhancements-00 Jari Arkko, Christian Vogt, IETF 61, Washington D.C. Mobopts Meeting, November 10, 2004 Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
2 Outline Where we are Goals Toolbox Categorization Analysis Conclusion and future work Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
3 Where We Are MIP6 as part of the entire stack Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
4 Where We Are: The Big Picture MN Beacon AP/AR HA CN Attachment L Authentication 802.1X & EAP i L3 IP6 Router Discovery IP6 DAD MIP6 Home Registration DNA ODAD Mobopts L3.5 MIP6 Correspondent Reg. L4 Transport-proto. proto. adjustment varies Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
5 Where We Are: MIP6 Route Optimization Registration issues Prove MN s ownership of HoA (authentication) Verify MN s presence at new CoA (flooding-attack prevention) Register new CoA No problem with home registration Security association authentication HoA ownership Trust relationship supersedes CoA test But how about correspondent registration? No security association How to authenticate unknown principals? (Certificates bind ID to public key, but ID typically HoA) No trust relationship How to ensure e presence at CoA? Solution adopted in MIP6: Return Routability Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
6 Where We Are: Return Routability RR is a compromise Efficiency Security under the pre-condition of universal applicability (low requirements, zero-configurability) RR may not be optimal in all scenarios Real-time applications reduce latency Confidential communications increase security Resource constraints relax signaling, processing overhead Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
7 Goals Improving and enhancing MIP6 RO Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
8 Goals Latency optimizations Security enhancements Signaling optimizations Applicability enhancements Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
9 Goals: Latency Optimizations 4 msg. exchanges IETF 61, Washington D.C. Register w/ HA Prove HoA ownership Verify presence at new CoA Register w/ CN 2 end-to to-end paths (longest governs delay) Chris Jari Chris HA Karlsruhe,, Germany Jari s HA Kauniainen, Finland Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
10 Goals: Security Enhancements RR narrows the windows of vulnerability to on-path, on-time attackers Off-path attacker cannot impersonate MN Off-path attackers cannot flood 3rd parties (through faked data-stream subscriptions) On-path attacker must be present constantly RR raises security level of mobile Internet to that of today s s Internet But we may still want to have a stronger, cryptographic mechanism Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
11 Goals: Signaling Optimizations 3 out of 4 msg. exchanges pertain to correspondent registration In HO case and periodically (Prevent time/space-shift shift attacks; limit attack to on-path, on-time) Overhead is not a problem for a communicating, moving MN but may be an issue for an idle,, temporarily non-moving MN Overhead issue in core network providing HA functionality? Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
12 Goals: Applicability Enhancements Since HoA and CoA are carried in each packet, pseudonymity, anonymity,, and location privacy are not provided. Reducing processing overhead at MNs by using cheaper authentication algorithms (Be careful of bidding-down down attacks!) or delegation. Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
13 Toolbox Strategies used in existing proposals Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
14 Toolbox: Latency Optimization Optimistic home registration (= Parallel home registration, correspondent reg. = Don t t wait for HA s Ack) Optimistic correspondent reg. (= Parallel correspondent reg., data exchange = Don t t wait for CN s Ack) Parallel HoA, CoA tests (send HoTI, CoTI simultaneously) Proactive HoA test (periodically, in anticipation) Proactive CoA test (requires 2 I/F) Diverting packets through HA (intermediate binding cancellation) Anticipated registration (new CoA through external mechanism) Concurrent CoA test (Heuristics, Credit-Based Authorization) RFC conformant Modifications Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
15 Toolbox: Security Enhancements Encrypted tunnel secures signaling close to the MN Links close to the MN are likely to involve wireless links Stateless HoA, CoA tests Make the CN resilient to resource-exhaustion exhaustion attacks Cryptographically bound identifiers Bind MN s s identity to public key (routable MIP6 HoA,, CGA, or non-routable HIP HI) Pre-configuring shared keys MN and CN must know each other Adopted in RFC 3775 Modifications Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
16 Toolbox: Signaling Optimization Local mobility management Spare global signaling (plus the associated latency) Gradual binding-lifetime extension Relax binding-refreshment interval for non-moving MNs Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
17 Toolbox: Applicability Enhancements Reducing processing through alternative cryptographic algorithms E.g., use MD5 instead of SHA-1, ECC instead of RSA or through delegating authentication and vouching HA is less constrained than MN and may do expensive processing or signaling Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
18 Categorization and Analysis Looking at existing proposals Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
19 Categorization Local vs. End-to to-end Pre-conf conf. keys HMIP6 FMIP6 PKI DNSSEC RR CGA-OMIP6 EBU/CBA Pre-Configuration vs. Zero-Configuration Local support eliminates global signaling but implies investments in the access network and does not support cross-domain handovers Pre-configuration eliminates signaling and latency,, too but limits applicability End-to to-end approaches are cost-effective effective and work w/ any access network but require longer RTTs Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
20 Analysis Reasonable relationship btw. efficiency, security gain and deployment cost Proposals usually use more than one strategy from the toolbox Community analysis is paramount for any new proposal E.g. early RR, CGA, EBU had no sufficient protection against 3rd-party flooding Early BUB, OMIP6 were subject to Kilroy-was was-here-first attack Many of the existing proposals are mature Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
21 Conclusion and Future Work Lots more remains to be done Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
22 Conclusion and Future Work RR is the default; enhancements mainly for special usage scenarios (Fast movements, real-time applications, MNs in stand-by mode) No single enhancement, but a variety Future work Local enhancements w/o network support CoA verifications using lower-layer layer assistance or SEND Further enhancements that increase the cost for a particular attack to an unacceptable level (like CBA) Combining mobility and multi-homing Applying enhancements to other mobility protocols Experimental data (How usable are proposals as part of the complete stack?) Publication as RFC (Wider deployment can yield more insight as well) Jari Arkko, Christian Vogt, IETF 61, Washington D.C., Mobopts Meeting, November 10,
Early Binding Updates for Mobile IPv6
Early Binding Updates for Mobile IPv6 Christian Vogt, chvogt@tm.uka.de Roland Bless, bless@tm.uka.de Mark Doll, doll@tm.uka.de Tobias Küfner, kuefner@tm.uka.de IEEE Wireless and Communications and Networking
More informationBoosting mobility performance with Multi-Path TCP
Boosting mobility performance with Multi-Path TCP Name SURNAME 1, Name SURNAME 2 1 Organisation, Address, City, Postcode, Country Tel: +countrycode localcode number, Fax: + countrycode localcode number,
More informationEarly Binding Updates and Credit-Based Authorization A Status Update
Status update New drafts Implementation Experimentation results Early Binding Updates and Credit-Based Authorization A Status Update Why Do We Need Enhancement? Mobile IPv6 Route Optimization uses return-routability
More informationProactive DAD: An L2-assisted Fast Address Acquisition. Strategy for Mobile IPv6 Networks
Proactive DAD: An L2-assisted Fast Address Acquisition Strategy for Mobile IPv6 Networks Chien-Chao Tseng Department of Computer Science and Information Engineering National Chiao-Tung University Hsinchu,
More informationSecurity Sensor Network. Biswajit panja
Security Sensor Network Biswajit panja 1 Topics Security Issues in Wired Network Security Issues in Wireless Network Security Issues in Sensor Network 2 Security Issues in Wired Network 3 Security Attacks
More informationSHISA: The IPv6 Mobility Framework for BSD Operating Systems
SHISA: The IPv6 Mobility Framework for BSD Operating Systems Keiichi Shima Internet Initiative Japan Inc. Ryuji Wakikawa, Koshiro Mitsuya, Keisuke Uehara Keio University Tsuyoshi Momose NEC Corporation
More informationMobility on IPv6 Networks
Mobility on IPv6 Networks Pedro M. Ruiz Project Manager Agora Systems S.A. Global IPv6 Summit Madrid 13-15 March 2002 Pedro M. Ruiz (c) Agora Systems S.A, 2002 1 Outline Motivation MIPv6 architecture MIPv6
More informationIEEE P802 Handoff ECSG Handoff for Multi-interfaced 802 Mobile Devices. Abstract
IEEE P802 Handoff ECSG Handoff for Multi-interfaced 802 Mobile Devices Date: May 12, 2003 Authors: Huai-An (Paul) Lin Intel Corp. 2111 NE 25 th Avenue, OR 97124 Phone: +1 503-264-6726 E-mail: huai-an.lin@intel.com
More informationEfficient End-to-End Mobility Support in IPv6
Efficient End-to-End Mobility Support in IPv6, Mark Doll, doll@tm.uka.de, Communicating Anywhere, Anytime 1 Mobile IPv6 Basics mobile node @ home address Internet visited network home network correspondent
More informationPacket Level Authentication Overview
Packet Level Authentication Overview Dmitrij Lagutin, Dmitrij.Lagutin@hiit.fi Helsinki Institute for Information Technology HIIT Aalto University School of Science and Technology Contents Introduction
More informationDeploying IPv6, Now. Christian Huitema. Architect Windows Networking & Communications Microsoft Corporation
Deploying IPv6, Now Christian Huitema Architect Windows Networking & Communications Microsoft Corporation Agenda The Opportunity Key Problems The Promise of IPv6 What is Microsoft doing Call to Action
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationREDUCING PACKET OVERHEAD IN MOBILE IPV6
REDUCING PACKET OVERHEAD IN MOBILE IPV6 ABSTRACT Hooshiar Zolfagharnasab 1 1 Department of Computer Engineering, University of Isfahan, Isfahan, Iran hoppico@eng.ui.ac.ir hozo19@gmail.com Common Mobile
More informationMobile Internet Protocol v6 MIPv6
Mobile Internet Protocol v6 MIPv6 A brief introduction Holger.Zuleger@hznet.de 13-dec-2005 Holger Zuleger 1/15 > c Defined by MIPv6 RFC3775: Mobility Support in IPv6 (June 2004) RFC3776: Using IPsec to
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationMobile IP Part I: IPv4
Mobile IP Part I: IPv4 Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/ 12-1 q Mobile
More informationAn Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks
An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks Avesh K. Agarwal Wenye Wang Department of Electrical and Computer Engineering North Carolina State University,
More informationNetwork Mobility Support Scheme on PMIPv6 Networks
Network Mobility Support Scheme on PMIPv6 Networks Hyo-Beom Lee 1, Youn-Hee Han 2 and Sung-Gi Min 1 1 Dept. of Computer Science and Engineering, Korea University, Seoul, South Korea. sgmin@korea.ac.kr
More informationThe Layering Principle and Mobility Performance
The Layering Principle and Mobility Performance Teemu Rinta-aho 30.11.2005 T-110.7190 Research Seminar on Datacommunications Software Contents Introduction Mobility Network Architectures
More informationPerformance Evaluation of a QoS-Aware Handover Mechanism
Performance Evaluation of a QoS-Aware Handover Mechanism 1.Introduction Background Requirements in mobile communication Seamless mobility support Guarantee certain levels of QoS Mobile communications over
More informationA Mobile Ad-hoc Satellite and Wireless Mesh Networking Approach for Public Safety Communications
A Mobile Ad-hoc Satellite and Wireless Mesh Networking Approach for Public Safety Communications G. Iapichino, C. Bonnet Mobile Communications Department Eurecom Sophia Antipolis, France {Iapichin, Bonnet}@eurecom.fr
More informationThreats and Security Analysis for Enhanced Secure Neighbor Discovery Protocol (SEND) of IPv6 NDP Security
Threats and Security Analysis for Enhanced Secure Neighbor Discovery Protocol (SEND) of IPv6 NDP Security Yvette E. Gelogo 1, Ronnie D. Caytiles 1 and Byungjoo Park 1 * 1Multimedia Engineering Department,
More informationMobility Management Advanced
Mobility Management Advanced Summer Semester 2011 Integrated Communication Systems Group Ilmenau University of Technology Outline Motivation Mobility Management Approaches in the TCP/IP Reference Model
More informationLoad Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents
1 Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents Albert Cabellos-Aparicio, Jordi Domingo-Pascual Abstract A foreseeable scenario is where on the Internet Mobile IPv6 is deployed
More informationITL BULLETIN FOR JANUARY 2011
ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationSecurity Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)
Security Protocols Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationQuick NAP - Secure and Efficient Network Access Protocol
Quick NAP - Secure and Efficient Network Access Protocol Jari Arkko, Pasi Eronen, Hannes Tschofenig, Seppo Heikkinen and Anand Prasad Ericsson Research NomadicLab, E-Mail: Jari.Arkko@ericsson.com Nokia
More informationMOBILITY MANAGEMENT FOR ALL-IP MOBILE NETWORKS: MOBILE IPV6 VS. PROXY MOBILE IPV6
ARCHITECTURES AND P ROTOCOLS FOR MOBILITY MANAGEMENT IN ALL-IP MOBILE N ETWORKS MOBILITY MANAGEMENT FOR ALL-IP MOBILE NETWORKS: MOBILE IPV6 VS. PROXY MOBILE IPV6 KI-SIK KONG AND WONJUN LEE, KOREA UNIVERSITY
More informationMobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744. The problem
Mobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744 The problem How to support mobile users What do we mean by support? Make it easy and convenient to effectively
More information13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode
13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) PPP-based remote access using dial-in PPP encryption control protocol (ECP) PPP extensible authentication protocol (EAP) 13.2 Layer 2/3/4
More informationHow To Create A Virtual Network With A Router And Network Operating System (Ip) For A Network (Ipv) (Ip V2) (Netv) And A Virtualization) (Network) (Wired) (Virtual) (Wire)
Post-IP technologies virtualization and security Guy Pujolle 1 Virtualization for a post-ip network 2 Geni Intel would like to propose a generic router Intel proposes to have a generic hardware with virtual
More informationPerformance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc
(International Journal of Computer Science & Management Studies) Vol. 17, Issue 01 Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc Dr. Khalid Hamid Bilal Khartoum, Sudan dr.khalidbilal@hotmail.com
More informationIP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP
IP and Mobility Chapter 2 Technical Basics: Layer Methods for Medium Access: Layer 2 Chapter Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Telecommunication Networks: GSM, GPRS, UMTS
More informationSecurity Policy. Security Policy. www.clickmeeting.com
Security Policy www.clickmeeting.com 1 Introduction ClickMeeting is a worldwide, solid and easy to use SaaS platform. It s core was constructed with the hi-end technology. Data security the highest priority
More informationMOBILE VIDEO WITH MOBILE IPv6
MOBILE VIDEO WITH MOBILE IPv6 DANIEL MINOLI WILEY A JOHN WILEY & SONS, INC., PUBLICATION CONTENTS PREFACE ABOUT THE AUTHOR xi xiii 1 THE MOBILE USER ENVIRONMENT: SMART PHONES, PORTABLE MEDIA PLAYERS (PMPs),
More informationNetwork Security Part II: Standards
Network Security Part II: Standards Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 18-1 Overview
More information6 Mobility Management
Politecnico di Milano Facoltà di Ingegneria dell Informazione 6 Mobility Management Reti Mobili Distribuite Prof. Antonio Capone Introduction Mobility management allows a terminal to change its point of
More informationDedication Preface 1. The Age of IPv6 1.1 INTRODUCTION 1.2 PROTOCOL STACK 1.3 CONCLUSIONS 2. Protocol Architecture 2.1 INTRODUCTION 2.
Dedication Preface 1. The Age of IPv6 1.1 INTRODUCTION 1.2 PROTOCOL STACK 1.3 CONCLUSIONS 2. Protocol Architecture 2.1 INTRODUCTION 2.2 COMPARISONS OF IP HEADER FORMATS 2.3 EXTENSION HEADERS 2.3.1 Options
More informationTomás P. de Miguel DIT-UPM. dit UPM
Tomás P. de Miguel DIT- 15 12 Internet Mobile Market Phone.com 15 12 in Millions 9 6 3 9 6 3 0 1996 1997 1998 1999 2000 2001 0 Wireless Internet E-mail subscribers 2 (January 2001) Mobility The ability
More informationResearch Article A Two-Layered Mobility Architecture Using Fast Mobile IPv6 and Session Initiation Protocol
Hindawi Publishing Corporation EURA Journal on Wireless Communications and Networking Volume 2008, Article ID 348594, 8 pages doi:10.1155/2008/348594 Research Article A Two-Layered Mobility Architecture
More informationIntroducing Reliability and Load Balancing in Mobile IPv6 based Networks
Introducing Reliability and Load Balancing in Mobile IPv6 based Networks Jahanzeb Faizan Southern Methodist University Dallas, TX, USA jfaizan@engr.smu.edu Hesham El-Rewini Southern Methodist University
More informationSecure SCTP against DoS Attacks in Wireless Internet
Secure SCTP against DoS Attacks in Wireless Internet Inwhee Joe College of Information and Communications Hanyang University Seoul, Korea iwjoe@hanyang.ac.kr Abstract. The Stream Control Transport Protocol
More informationIdentity Management in Federated Telecommunication Systems
Identity Management in Federated Telecommunication Systems Christian Hauser Institute of Communication Networks and Computer Engineering University of Stuttgart christian.hauser@ikr.uni-stuttgart.de 07/07/2006
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationG.Vijaya kumar et al, Int. J. Comp. Tech. Appl., Vol 2 (5), 1413-1418
An Analytical Model to evaluate the Approaches of Mobility Management 1 G.Vijaya Kumar, *2 A.Lakshman Rao *1 M.Tech (CSE Student), Pragati Engineering College, Kakinada, India. Vijay9908914010@gmail.com
More informationINTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli 4-25-2002
INTERNET SECURITY: FIREWALLS AND BEYOND Mehernosh H. Amroli 4-25-2002 Preview History of Internet Firewall Technology Internet Layer Security Transport Layer Security Application Layer Security Before
More informationEXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C. 20503. June 8, 2015
EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C. 20503 June 8, 2015 M-15-13 MEMORANDUM FOR THE HEADS OF EXECUTIVE DEP FROM: SUBJECT: Tony Scott Federal Chief Information
More informationBest Practices for SIP Security
Best Practices for SIP Security IMTC SIP Parity Group Version 21 November 9, 2011 Table of Contents 1. Overview... 33 2. Security Profile... 33 3. Authentication & Identity Protection... 33 4. Protecting
More informationCHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs
CHAPTER 6 VOICE COMMUNICATION OVER HYBRID MANETs Multimedia real-time session services such as voice and videoconferencing with Quality of Service support is challenging task on Mobile Ad hoc Network (MANETs).
More informationCommunication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009
16 th lecture Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009 1 25 Organization Welcome to the New Year! Reminder: Structure of Communication Systems lectures
More informationSecurity Overview on Mobile IP Networks
Security Overview on Mobile IP Networks Osama Ali Abdelgadir 1, Amin Babiker A.Nabi 2, Ashraf Gasim Elsid Abdalla 3 1 Alneelain University, Department of Electronics & Communication Engineering, Faculty
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationProxy Mobile IPv6-Based Handovers for VoIP Services in Wireless Heterogeneous Networks
IACSIT International Journal of Engineering and Technology, Vol. 4, No. 5, October 12 Proxy Mobile IPv6-Based Handovers for VoIP Services in Wireless Heterogeneous Networks N. P. Singh and Brahmjit Singh
More informationLoad Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents
Load Balancing in Mobile IPv6 s Correspondent Networks with Mobility Agents Albert Cabellos-Aparicio, Jordi Domingo Pascual Departament d Arquitectura de Computadors Universitat Politècnica de Catalunya
More informationInfrastructure-less networks
Infrastructure-less networks Csaba Simon Dept. of Telecommunications and Media Informatics simon@tmit.bme.hu Convergent Networks and Services (VITMM156) 1 Mobility management 2 Mobility Mobile station,
More informationSOFTWARE-DEFINED NETWORKING IN HETEROGENEOUS RADIO ACCESS NETWORKS
SOFTWARE-DEFINED NETWORKING IN HETEROGENEOUS RADIO ACCESS NETWORKS Hao Yu Technical University of Denmark (DTU), Oersteds Plads 343, Kgs. Lyngby, 2800, Denmark e-mail: haoyu@fotonik.dtu.dk Paper type Research
More informationAn Active Network Based Hierarchical Mobile Internet Protocol Version 6 Framework
An Active Network Based Hierarchical Mobile Internet Protocol Version 6 Framework Zutao Zhu Zhenjun Li YunYong Duan Department of Business Support Department of Computer Science Department of Business
More informationOPTIMUM EFFICIENT MOBILITY MANAGEMENT SCHEME FOR IPv6
OPTIMUM EFFICIENT MOBILITY MANAGEMENT SCHEME FOR IPv6 Virender Kumar Department of Electronics & Communication Engineering, HCTM Technical Campus, Kaithal, India gangotrahctm@gmail.com ABSTRACT Mobile
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationAPNIC elearning: IPSec Basics. Contact: training@apnic.net. esec03_v1.0
APNIC elearning: IPSec Basics Contact: training@apnic.net esec03_v1.0 Overview Virtual Private Networks What is IPsec? Benefits of IPsec Tunnel and Transport Mode IPsec Architecture Security Associations
More informationMobility Management in Next Generation Networks: Analysis of Handover in Micro and Macro Mobility Protocols
International Journal of Computing and Network Technology ISSN 2210-1519 Int. J. Com. Net. Teach. 2, No. 3 (Sept. 2014) Mobility Management in Next Generation Networks: Analysis of Handover in Micro and
More informationTarget Network Selection and Network Assisted Roaming for Heterogeneous Access Networks. Jouni Korhonen / 30-Sep-2005
Target Network Selection and Network Assisted Roaming for Heterogeneous Access Networks Jouni Korhonen / 30-Sep-2005 Topics Background General requirements Open issues Topics for Work/Research Thoughts
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationSecurity Considerations for DirectAccess Deployments. Whitepaper
Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift
More information3G/Wi-Fi Seamless Offload
Qualcomm Incorporated March 2010 Table of Contents [1] Introduction... 1 [2] The Role of WLAN... 2 [3] 3G/Wi-Fi Seamless Offload Pathway... 2 [4] Application-Based Switching... 3 [5] Wi-Fi Mobility...
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationLinux Based Implementation and Performance Measurements of Dual Stack Mobile IPv6
Linux Based Implementation and Performance Measurements of Dual Stack Mobile IPv6 CHAMAN SINGH 1 K.L.BANSAL 2 1 Assistant Professor 2 Associate Professor chaman83mca@gmail.com kishorilalbansal@yahoo.co.in
More informationMANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationRohde & Schwarz R&S SITLine ETH VLAN Encryption Device Functionality & Performance Tests
Rohde & Schwarz R&S Encryption Device Functionality & Performance Tests Introduction Following to our test of the Rohde & Schwarz ETH encryption device in April 28 the European Advanced Networking Test
More informationA. Hot-Standby mode and Active-Standby mode in High Availability
High Availability (HA) is the feature that ensures the business continuity for your organization. IT staff can take HA as a simple solution for the disaster recovery. DrayTek utilizes the Common Address
More informationIPv6 Moving Network Testbed with Micro-Mobility Support
IPv6 Moving Network Testbed with Micro-Mobility Support Miklós Aurél Rónai 1, Kristóf Fodor 1, Ralf Tönjes 2 Ericsson Research, 1 Traffic Lab (Hungary), 2 Eurolab (Germany) {Miklos.Ronai, Kristof.Fodor,
More informationIPv6 mobility and ad hoc network mobility overview report
Institut Eurecom 1 Department of Mobile Communications 2229, route des Crêtes B.P. 193 06904 Sophia Antipolis FRANCE Research Report RR-08-217 IPv6 mobility and ad hoc network mobility overview report
More informationChapter 5. Simple Ad hoc Key Management. 5.1 Introduction
Chapter 5 Simple Ad hoc Key Management 5.1 Introduction One of the most important consequences of the nature of the MANET networks is that one cannot assume that a node that is part of a network will be
More informationIntroduction to Mobile IPv6
1 Introduction to Mobile IPv6 III IPv6 Global Summit Moscow Dr. Dimitrios Kalogeras dkalo@grnet.gr GRNET Outline Introduction Relevant Features of IPv6 Major Differences between MIPv4 and MIPv6 Mobile
More informationIP Flow Mobility: Smart Traffic Offload for Future Wireless Networks
1 IP Flow Mobility: Smart Traffic Offload for Future Wireless Networks Antonio de la Oliva, Carlos J. Bernardos, Maria Calderon, Telemaco Melia and Juan Carlos Zuniga Universidad Carlos III de Madrid,
More informationVPN Lesson 2: VPN Implementation. Summary
VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users
More informationNIST Test Personal Identity Verification (PIV) Cards
NISTIR 7870 NIST Test Personal Identity Verification (PIV) Cards David A. Cooper http://dx.doi.org/10.6028/nist.ir.7870 NISTIR 7870 NIST Text Personal Identity Verification (PIV) Cards David A. Cooper
More informationFigure 1: Application scheme of public key mechanisms. (a) pure RSA approach; (b) pure EC approach; (c) RSA on the infrastructure
A Low Power Security Architecture for Mobile Commerce Peter Langendoerfer +, Zoya Dyka +, Oliver Maye + and Rolf Kraemer + Abstract: Mobile devices have limited resources in terms of computational power
More informationMultimedia Communication in the Internet. SIP: Advanced Topics. Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS
Multimedia Communication in the Internet SIP: Advanced Topics Dorgham Sisalem, Sven Ehlert Mobile Integrated Services FhG FOKUS SIP and NAT NAT Concept NAT = Network Address Translation Share one IP address
More informationA Study of Dynamic Addressing Techniques in Mobile Ad hoc Networks
A Study of Dynamic Addressing Techniques in Mobile Ad hoc Networks Yuan Sun Elizabeth M. Belding-Royer Department of Computer Science University of California, Santa Barbara suny, ebelding @cs.ucsb.edu
More informationCS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK AN OVERVIEW OF MOBILE ADHOC NETWORK: INTRUSION DETECTION, TYPES OF ATTACKS AND
More informationCPNI VIEWPOINT. SECURITY IMPLICATIONS OF IPv6. Disclaimer: MARCH 2011
CPNI VIEWPOINT SECURITY IMPLICATIONS OF IPv6 MARCH 2011 Abstract: IPv6 is coming to a network near you. CPNI has extracted salient points from recently published documents to highlight some of the major
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More information10 Secure Electronic Transactions: Overview, Capabilities, and Current Status
10 Secure Electronic Transactions: Overview, Capabilities, and Current Status Gordon Agnew A&F Consulting, and University of Waterloo, Ontario, Canada 10.1 Introduction Until recently, there were two primary
More informationClient Server Registration Protocol
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
More informationVoice over IP (VoIP) Vulnerabilities
Voice over IP (VoIP) Vulnerabilities The Technical Presentation Diane Davidowicz NOAA Computer Incident Response Team N-CIRT diane.davidowicz@noaa.gov "Security problems in state of the art IP-Telephony
More informationMobile Security Wireless Mesh Network Security. Sascha Alexander Jopen
Mobile Security Wireless Mesh Network Security Sascha Alexander Jopen Overview Introduction Wireless Ad-hoc Networks Wireless Mesh Networks Security in Wireless Networks Attacks on Wireless Mesh Networks
More informationIETF DPRIVE WG: Encrypting DNS
IETF DPRIVE WG: Encrypting DNS Sara Dickinson Sinodun ICANN 54 - Tech Day October 2015 DPRIVE WG Focus is stub to recursive Group created IETF91 IETF92 IETF93 A ID: problem-statement RFC7626 ID: dns-tls-newport
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationFixed-Mobile Convergence: Critical Issues for Wireline and Wireless Carriers
certicom application notes Fixed-Mobile Convergence: Critical Issues for Wireline and Wireless Carriers For traditional wireline carriers, Fixed-Mobile Convergence (FMC) represents an opportunity to reclaim
More informationNetwork Authentication - 802.1X Secure the Edge of the Network - Technical White Paper
Bosch Security Systems Video Systems Network Authentication - 802.1X Secure the Edge of the Network - Technical White Paper 4 July 2016 Secure the edge of the network Security devices are mostly located
More informationIPv6 Transition Work in the IETF
IPv6 Transition Work in the IETF Ralph Droms, Internet Area Director Thanks to Jari Arkko, Fred Baker and many others for contributions to these slides 1 IPv6 Transition Work in the IETF Outline of Presentation
More information