Authentication, Authorization, and Accounting (AAA) Goals for Mobile IPv6

Giaretta, Gerardo; Guardini, I.; Demaria, E.; Bournelle, Julien; López, Rafael

doi:10.17487/rfc5637

Cited by 5 publications

(3 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This fulfills one of the requirement described in [RFC5637]. When the HA receives the ASR message, it MUST terminate the corresponding SA.…”

Section: Abort-session-requestmentioning

confidence: 74%

“…The purpose of this specification is to provide Diameter support for the interaction between the HA and the Authentication, Authorization, and Accounting (AAA) server. This specification satisfies the requirements defined in [RFC5637] for the bootstrapping problem in the split scenario [RFC5026] and also specifies Diameter support for the Authentication Protocol for Mobile IPv6 [RFC4285]. The Diameter support defined in this specification also applies to Dual Stack Mobile IPv6 [RFC5555].…”

Section: Introductionmentioning

confidence: 98%

See 1 more Smart Citation

Diameter Mobile IPv6: Support for Home Agent to Diameter Server Interaction

Bournelle¹,

Giaretta²,

Nakhjiri³

et al. 2010

Self Cite

View full text Add to dashboard Cite

“…This fulfills one of the requirement described in [RFC5637]. When the HA receives the ASR message, it MUST terminate the corresponding SA.…”

Section: Abort-session-requestmentioning

confidence: 74%

Section: Introductionmentioning

confidence: 98%

Diameter Mobile IPv6: Support for Home Agent to Diameter Server Interaction

Bournelle¹,

Giaretta²,

Nakhjiri³

et al. 2010

Self Cite

View full text Add to dashboard Cite

“…The IMS centralized an Authentication Authorization and Accounting (AAA) server [24] that will be the responsible for generating, managing, and distributing the MIPv6 authentication keys required in the BU procedures. Therefore, increasing security and mobility-related information will be accessible to mobile network operator.…”

Section: Related Workmentioning

confidence: 99%

Improved IPSec tunnel establishment for 3GPP–WLAN interworking

Samoui

Bouabidi

Obaidat

et al. 2014

Int J Communication

View full text Add to dashboard Cite

Interworking between wireless local area network (WLAN) and the 3rd Generation Partnership Project (3GPP) such as Long Term Evolution (LTE) is facing more and more problems linked to security threats. Securing this interworking is a major challenge because of the vastly different architectures used within each network. Therefore, security is one of the major technical concerns in wireless networks that include measures such as authentication and encryption. Among the major challenges in the interworking security is the securing of the network layer. The goal of this article is twofold. First, we propose a new scheme to secure 3GPP LTE-WLAN interworking by the establishment of an improved IP Security tunnel between them. The proposed solution combines the Internet Key Exchange (IKEv2) with the Host Identity Protocol (HIP) to set up a security association based on two parameters, which are location and identity. Our novel scheme, which is called HIP_IKEv2, guarantees better security properties than each protocol used alone. Second, we benefit from Mobile Internet Key Exchange protocol (MOBIKE) in case of mobility events (handover). And we extend HIP_IKEv2 to HIP_MOBIKEv2 protocol in order to reduce the authentication signaling traffic. The proposed solution reinforces authentication, eliminates man-in-the-middle attack, reduces denial-of-service attack, assures the integrity of messages, and secures against reply attack. Finally, our proposed solution has been modeled and verified using the Automated Validation of Internet Security Protocols and Applications and the Security Protocol Animator, which has proved its security when an intruder is present.First, the UE authenticates 3GPP_AAA server on AUTN and MAC sever . Then the 3GPP_AAA server authenticates the UE on RES. These three parameters are derived from the random number RAND. Thus, we have modeled this goal in HLPSL as follows:The same procedure is adopted to authenticate the UE by 3GPP_AAA server. Then, in the goal section of the protocol, we write the following: 8.2.2.2 Secrecy of the shared key The Diffie-Hellman shared key must only be known by the UE and the ePDG entities. The secret is the goal fact related to secrecy.This goal has been modeled in HLPSL as follows:Also, the Cipher Key CK and the Integrity Key IK must be a secret between UE and the 3GPP_AAA server to guarantee the secrecy of the Master Session Key MSK.This goal has been modeled in HLPSL, as follows:Then, in the goal section of the protocol, we write the following: 1195 3GPP-WLAN INTERWORKING some other types of attacks such as connection hijacking or impersonation, and trying to give solution for securing new mobility management protocols, such as FHMIPv6 and PMIPv6.

show abstract

Security Considerations for MIPv6

Minoli¹

2012

Mobile Video With Mobile IPv6

View full text Add to dashboard Cite

Authentication, Authorization, and Accounting (AAA) Goals for Mobile IPv6

Cited by 5 publications

References 2 publications

Diameter Mobile IPv6: Support for Home Agent to Diameter Server Interaction

Diameter Mobile IPv6: Support for Home Agent to Diameter Server Interaction

Improved IPSec tunnel establishment for 3GPP–WLAN interworking

Security Considerations for MIPv6

Contact Info

Product

Resources

About