Monday, October 14, 2019

Authentication Mechanism for Fast Handover PMIPv6 Networks

Authentication Mechanism for Fast Handover PMIPv6 Networks N.S.Nandhinee S.Kayalvizhi Abstract—The Internet Engineering Task Force (IETF) proposed a host-based mobility management protocol, called Mobile IPv6 (MIPv6) protocol for mobile nodes (MNs) to maintain continuous service when they move among different foreign networks. However, Mobile IPv6 does not provide good service for real-time applications because it causes longer disruptions when the handoff takes place. Recently, the IETF NETLMM working group developed a network-based localized mobility management protocol called Proxy Mobile IPv6 (PMIPv6) to reduce the handoff latency of MIPv6. PMIPv6 still suffers from packet loss problem and signaling overhead. This paper performs a Bicasting scheme to reduce packet loss, use the piggyback technique to reduce the signaling overhead, also provides Authentication mechanism for protecting valid user from attacks in PMIPv6 networks. Keywords—Authentication, bicasting, handover, piggyback, Proxy Mobile IPv6 (PMIPv6) 1. Introduction As wireless technologies have grown, all the people want to use wireless networks while moving from one place to another. At the same time Mobile MIPv6 was developed by the internet Engineering Task Force (IETF) to support the Mobile Node. Even after introducing the Mobile IPv6 Mobile Nodes (MNs) did not receive any data packets when it performs the handover that involves , IP address configuration, movement detection and location update latencies. To reduce the handover latency, Fast Handover has been developed. Fast handover performs the movement detection and IP address whenever the Mobile Nodes move from one location to another. Therefore Fast handover protocol reduces the handover latency. However , MIPv6 cannot satisfy all the requirements of real time applications such as video streaming service and voice over internet protocol (VoIP) service due to its high handover latency. To address this problem, the Internet Engineering Task Force (IETF) NETLMM working group developed a network based localized mobility management protocol called Proxy Mobile IPv6 (PMIPv6) to reduce the handoff latency of MIPv6.Moreover, PMIPv6 provides the IP with the mobility to support MNs without requiring its participation in any mobility-related signaling. Although PMIPv6 reduces lots of handoff latency compared with MIPv6, it still suffers from packet loss, signaling overhead and inefficient authentication procedure problems during handoff. This is because PMIPv6 does not use any buffer mechanism during the handoff procedure and performs the authentication and registration phases separately. Therefore this paper used a bicasting scheme for packet loss and piggybacking technique for signaling overhead. 2. Related works 2.1. survey on fast handover Chaung and Lee [2] proposed handoff schemes for PMIPv6 networks perform the authentication and registration phases separately, resulting in longer handoff latency. A. Pre-Handoff procedure The movements of an MN is detected using the MAG and it performs mobility-related signaling with the LMA in place of the MN. The pre-handoff phase starts only when the MN is going to leave the range of the serving MAG (i.e., MAG1). First, MAG1 sends a handoff initial (HI) message to the target MAG(i.e., MN-ID) and the address of the target MAG. Then , MAG2 sends back a handoff acknowledgement (HACK) message to MAG1, and then a bi-directional tunnel is built between MAG1 and MAG2. After the bi-directional tunnel is built , the buffer of MAG2 prepares to buffer. B. Fast Handoff procedure When the MN moves out of the transmission range of the MAG1, the MAG1 immediately starts sending the MN’S packets to MAG2 at the same time it buffers the packets to prevent from packet loss. After that MAG2 can start the authentication phase immediately. Now, MAG2 sends the AAA request which includes the profile of Mobile Node (i.e., MN-ID) to authenticate the MN and simultaneously sends the PBU message which piggybacks DeReg PBU message to refresh the binding cache entry of LMA. That is , the target MAG (i.e., MAG2) performs the registration phase on behalf of the Deregistration phase of previous MAG (i.e., MAG1).MAG1 stops the service and MAG2 takes the position of MAG2. Moreover, the authentication and registration phases are simultaneously performed so the executing time of these phases are overlapped. On receipt of the PBU message, the LMA sends a PBA message, which includes the HNP of the MN, deletes the old binding cache entry, establishes a new binding cache entry, and sets up a bi-directional tunnel between the LMA and new MAG (i.e., MAG2). Afterward through the new path the LMA transmits the packet to MAG2 and MAG2 buffers these packets for the MN. At the same time, the AAA server starts to authenticate. The MN sends the AAA response to MAG2. MAG2 also immediately sends an RA message to the MN when it detects the MN’s attachment. After receiving the RA message, the MN checks the RA message for finding where the MN locates in. The MN retains the original address if the MN moves in the same LMD. Otherwise, the MN configures the global IPv6 address on its interface from the HNP. Finally, the MN downloads the buffered packets from MAG2. Kim et al [4] The ERP exchange is not necessarily a full EAP method between the EAP peer and the EAP authenticator. It uses MSK sent from EAP server. In this paper, the EAP peer is the MN, the EAP authenticator is a Access Pointer (AP), EAP server is a AAA server and the LMA includes the AAA server. A. EAP authentication in PMIPv6 The MN sends the EAP-Request/Identity to previous AP (p-AP) and receives EAP Response/Identity from the EAP authentication. After the AP performs the EAP method exchange using AAA protocol, it performs the EAP method exchange with the MN. In the case of successful authentication, a MSK is sent by the AAA server to the AP. TSK is made using the MSK after when the MSK is received. TSK is shared with the MN and the TSK is used for per-packet access enforcement by the MN. B. Fast Handover scheme with ERP exchange in PMIPv6 In Proxy MIPv6, whenever the MN moves from its attachment AP to a new attachment AP within the Access Router, it delivers the MSK and performs the re-authentication process. However, the MN performs the Full EAP Method when the MN moves from one attachment MAG network to another new MAG network. In Fast Handover of PMIPv6, the MN performs the Full EAP Method. During Fast Handover period the full EAP method is delayed. The ERP Exchange scheme is used in Fast Handover of PMIPv6 to reduce the full EAP delay. In PMIPv6, Fast Handover schemes are under the propounded phase. Therefore we select the best Scheme of the Fast Handover schemes after the MN performs the Full EAP Method, MSK is received from EAP server and uses the MSK. When the movement of the MN is detected by p-AP, it sends a HO initiate message which includes the MN Identifier (MN ID), new-AP ID and the MSK to the p-MAG. The p-MAG sends a Fast PBU message to the LMA which also receives the HO initiate message. Note that the F ast PBU message includes the information of the HO initiate message. Once the LMA sends back the Fast PBA to the p-MAG it establishes a binding between the HNP which is assigned to the MN and its new PCoA. A Reverse PBU message is sent to the n-MAG by the LMA. The Reverse PBU message consists of the MN ID, HNP of the MN used in the p-MAG, n-AP ID, and the MSK sent from the EAP server. The RA message consists of the HNP, and the MSK which is sent by the n-MAG. MN does not perform a new EAP Method and AAA (EAP Method) scheme when it performs fast handover. Therefore the MSK used in the n-MAG network can also be used in the p-MAG network and the MN is not necessary to complete EAP Method and AAA (EAP Method) between the AAA server and AP. Ryu et al [6] PFMIPv6 to reduce the handover latency occurred in PMIPv6 . PFMIPv6 has two mode: one is the predictive mode and the other is the reactive mode. The solution for handover is described in the following steps : First: The MN reports the identifications of its own (MN ID) and the access point (New AP ID) to which the Mobile Node is most likely to move and also detects that a handover is immediate. The NMAG receives the HI from PMAG which is sent by it. The HI message must include the MN ID and should include the MN-HNP, the MN-ID and the address of the LMA that is currently serving the MN Second: A bi-directional tunnel is built between the PMAG and NMAG and the packets decided for the MN are forwarded from the PMAG to the NMAG over this tunnel. The packets may be buffered at the NMAG after the decapsulation process. If the connection between the N-AN and NMAG has already been established, then those packets may be forwarded towards the N-AN. Third: The MN establishes a connection (e.g., radio channel) with the N-AN, which in turn initiates the establishment of the connection between the N-AN and NMAG if it has not been established already. The NMAG starts to forward packets destined for the MN via the N-AN. The uplink packets from the MN are sent to the NMAG and the NMAG forwards them to the PMAG. The PMAG then sends the packets to the LMA that is currently serving the MN. Final: The NMAG sends the PBU message to the LMA, in which address is provided in HI message from the PMAG to NMAG. Ryu et al [5] Mobile IPv6 needs client functionality in the IPv6 stack of a mobile node (MN). Exchange of signaling messages between the MN and a home agent (HA) enables the creation and maintenance of binding between the MN’s home address and its care-of address. Mobility as specified in Mobile IPv6 requires the IP host to send IP mobility management signaling messages to the HA, which is located in the network. MIPv6 is a approach of host-based mobility to solve the IP mobility challenge. However, it takes a very long time to process handover and there is much packet loss during handover, since there are many signaling messages through wireless link which occurs longer delay during handover process. Network-based mobility is another approach to solve the IP mobility challenge. By extending Mobile IPv6 signaling messages and reusing the HA it is possible to support mobility for IPv6 nodes without host involvement. This approach to support mobility does not require the Mobile Node to be involved in the exchange of signaling messages between itself and the Home Agent (HA). A Mobile Access Gateway (MAG) does the mobility management on behalf of the MN attached to the network and also performs the signaling with the HA . This protocol is known as Proxy Mobile IPv6 (PMIPv6) in Network-based Localized Mobility Management (NETLMM) working group of Internet Engineering Task Force (IETF). Since the proxy mobility agent on behalf of the Mobile Node performs handover process,PMIPv6 can reduce handover latency. That is, there are some signaling message via wireless link. Heavy packet loss occurs during handover in PMIPv6, although PMIPv6 reduces handover latency.This paper propose a Packet- Lossless PMIPv6 (PL-PMIPv6) with authentication to reduce the packet loss problem in PMIPv6. The similar kind of scheme was studied to reduce packet loss and handover latency in Mobile IPv6, such as fast handovers for MIPv6 (FMIPv6) . In PL-PMIPv6, a previous MAG (pMAG) register s to a Local Mobility Anchor (LMA) on behalf of a new MAG (nMAG) during layer 2 handoff. Then, during handover after registration nMAG buffers. Compared to MIPv6 and PMIPv6, PL-MIPv6 can reduce more packet loss. To receive the MN’s profile securely we use Also, we use Authentication, Authorization and Accounting (AAA) infrastructure to authenticate the MN and to receive MN’s profiles securely. We show the performance of PL-PMIPv6 through the comparison of packet loss during handover of MIPv6, PMIPv6 and PLPMIPv6. Authentication with Packet-Lossless PMIPv6 (PL-PMIPv6), to reduce packet loss in PMIPv6. The order of signaling flow in PMIPv6 is followed by PL-PMIPv6 and reduces packet loss. Once the pMAG is aware of the MN’s detachment, it sends the DeReg PBU message to the LMA in PMIPv6. When pMAG sends the DeReg PBU message, nMAG’s PBU message is included in DeReg PBU message in PL-PMIPv6. That is, the pMAG registers on behalf of the nMAG in advance to reduce handover latency. As a result, the tunnel between the nMAG and the LMA is built in advance. Also, the nMAG begins to buffer packets to the MN after it receives the PBA message. After layer 2 handoff, the MN sends the RS message and receives the RA message including the MN’s home network prefix. 3. APPLICATIONS 1) Selective IP Traffic Offload Support with Proxy Mobile IPv6 2) Network-based Mobility Management in a local domain (Single Access Technology Domain) 3) Inter-technology handoffs across access technology domains (Ex: LTE to WLAN, eHRPD to LTE, WiMAX to LTE) 4) Access Aggregation replacing L2TP, Static GRE, CAPWAP based architectures, for 3G/4G integration and mobility 4. ABBREVIATIONS 5. CONCLUSION Fast handovers are transferring of ongoing calls from one channel to another without interruption. Here , Fast Handover analysis reduces the latency in sending the packets from one node to another. In this paper techniques like piggybacking is used to reduce the signaling overhead , bicasting scheme reduces the packet loss by storing all the packets in a buffer and whenever the packet is lost ,the packets are retransmitted from the buffer. Previous papers used only ID for authentication process, this paper used a password authentication mechanism. The result analysis showed that these schemes provide a better solution than existing schemes. 6. REFERENCES Chowdhury K., Koodli R and Yokota H., (2010) ‘Fast Handovers for Proxy Mobile IPv6’, IETF Draft, draft-yokota-mipshop-pfmipv6-13 (work in progress). Chuang M.-C. and Lee J.-F., (2011) ‘FH-PMIPv6: A fast handoff scheme in proxy mobile IPv6 networks’, in Proc. IEEE CECNET, pp. 1297–1300. Chuang M.-C. and Lee J.-F, (2011) ‘A lightweight mutual authentication mechanism for network mobility in IEEE 802.16e wireless networks’, Comput. Netw., vol. 55, no. 16, pp. 3796–3809. Chung T.-M., Kim S.-D., and Lee J.-H., (2009) ‘Secure fast handover scheme of proxy mobile IPv6’, in Proc. IEEE Int. Joint Conf. INC IMS IDC NCM, pp. 555–558. Kim B., Kim G-Y, Mun Y. and Ryu s., (2008) ‘A scheme to reduce packet loss during PMIPv6 handover considering authentication’, in Proc. IEEE Int.Conf. Comput. Sci. Its Applicat., pp. 47-51. Kim M., Mun Y. and Ryu S., (2009) ‘Enhanced fast handovers for proxy mobile IPv6’ , in Proc. IEEE Int. Conf. Comput. Sci. Its Applicat. (ICCSA), pp.39-43. Zhang H. and Zhou H., (2008) ‘An authentication protocol for Proxy Mobile IPv6’ ,in Proc. IEEE Int. Conf. Mobile Ad-Hoc Sensor Network, pp. 129-136.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.