Re-thinking Security in Network Mobility
Jukka Ylitalo, Ericsson Research NomadicLab
NDSS '05 Workshop - February 2
Outline
• Nodes in the Architecture
• Problem description
• Identifier – locator split in HIP
• Identifier multiplexed locator translation
• Signaling delegation between identifiers
• Conclusions
Nodes in the Architecture
(Figure: Correspondent Node (CN) and Rendezvous Server (RS) in the Internet; an Access Router (AR) attaching a Mobile Router (MR) and its mobile network; a nested mobile network behind a second MR; a Mobile Node (MN) inside the mobile network.)
Problem Statement
• How to inform peers about the MN's new location in a secure and efficient way?
• How to sustain optimal routing?
(Figure: CN reached from the MN through the MR and one of two ARs; the MN's current path is marked with a question mark. Mechanisms shown: Address Binding Update (BU) and Challenge-response Test.)
Related Problems
• Signaling explosion in highly populated networks.
• Suboptimal routing.
• Authorizing the MR to signal on behalf of the MN.
• Address assignment inside the mobile network.
Identifier – Locator Split in HIP
• A new public-key based Host Identifier (HI) name space.
• Sockets are bound to HIs, not to IP addresses.
• HIs are translated to IP addresses by the kernel.
(Figure: protocol stack with a Process above a Transport layer addressed by <HI, port>; a Host Identity layer holding the Host ID with a dynamic binding to the IP layer's IP address; Link Layer below.)
Advantage of Cryptographic HIs
• Public-key based end-point identifiers (HIs) vs. untrustworthy IP addresses.
• Possible to authorize and delegate signaling rights between HIs in a secure way.
• Possible to use authorization certificates, e.g., SPKI certificates.
HI Multiplexed Locator Translation
• The MN registers its HI and local unicast address with the MR.
• The MN learns the MR's HI during the registration.
• The MR implements HI multiplexed locator translation.
(Figure: MR between the Internet and a local unicast address space; the MN registers with the MR.)
Authorizing the MR to Send BUs
• The MR hides the network mobility from the MNs.
• The MNs authorize the MR to send Binding Update messages on their behalf to the CNs.
(Figure: RS and two CNs receiving BU signaling from the MR; the MR moves between two ARs, changing from MR-CoA1 to MR-CoA2, while the MNs keep MN-CoA1; the MNs' authorization points at the MR.)
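The three preceding slides describe a chain that is easy to state but worth seeing checked end to end: identifiers are public keys (slide "Identifier – Locator Split in HIP"), so an MN can sign an authorization naming the MR's HI (slide "Advantage of Cryptographic HIs"), and a CN must accept a Binding Update for the MN's identifier only from a signer that carries such an authorization. The following is an added example, not code from the presentation or from any HIP implementation. It models a CN's binding table and its BU validation in Python. To stay standard-library only it uses a Lamport one-time signature over SHA-256 as a stand-in for the host key signature (so each key signs at most one message); the message layouts, the DELEGATE-BU certificate format, the Host Identity Tag derivation and all addresses are constructed for the example.

```python
"""Added example (not from the slides): minimal model of BU signaling
delegation from an MN to its MR, as verified by a CN.  Signatures are
Lamport one-time signatures (standard library only); HIP uses RSA/ECDSA
host keys instead.  Message layouts and addresses are constructed."""
import hashlib
import hmac
import os


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signature: stand-in for the HIP public-key signature ---
def keygen():
    """Return (secret_key, public_key); the public key is the hash of every secret."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = b"".join(sha256(s0) + sha256(s1) for s0, s1 in sk)
    return sk, pk


def msg_bits(msg: bytes):
    digest = sha256(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(sk, msg: bytes) -> bytes:
    # Reveal, for each digest bit, the secret whose hash sits in that half of the key.
    return b"".join(sk[i][bit] for i, bit in enumerate(msg_bits(msg)))


def verify(pk: bytes, msg: bytes, sig: bytes) -> bool:
    if len(pk) != 256 * 64 or len(sig) != 256 * 32:
        return False
    for i, bit in enumerate(msg_bits(msg)):
        revealed = sig[i * 32:(i + 1) * 32]
        expected = pk[i * 64 + bit * 32:i * 64 + bit * 32 + 32]
        if not hmac.compare_digest(sha256(revealed), expected):
            return False
    return True


def hit(pk: bytes) -> bytes:
    """Host Identity Tag: fixed-size hash of the Host Identifier (the public key)."""
    return sha256(pk)[:16]


# --- Message bodies (constructed layouts, not the HIP wire format) ---
def cert_body(mn_hit: bytes, mr_hit: bytes) -> bytes:
    return b"DELEGATE-BU|" + mn_hit + b"|" + mr_hit


def bu_body(mn_hit: bytes, locator: str) -> bytes:
    return b"BU|" + mn_hit + b"|" + locator.encode()


def delegation_cert(mn_sk, mn_pk: bytes, mr_pk: bytes) -> dict:
    """MN-issued authorization: 'the holder of mr_pk may send BUs for my HIT'."""
    body = cert_body(hit(mn_pk), hit(mr_pk))
    return {"issuer_pk": mn_pk, "subject_hit": hit(mr_pk), "sig": sign(mn_sk, body)}


def binding_update(signer_sk, signer_pk: bytes, mn_hit: bytes, locator: str, cert) -> dict:
    """BU sent by the MR on the MN's behalf (or by the MN itself, with cert=None)."""
    return {"signer_pk": signer_pk, "mn_hit": mn_hit, "locator": locator,
            "sig": sign(signer_sk, bu_body(mn_hit, locator)), "cert": cert}


class CorrespondentNode:
    """Holds the HIT -> locator binding table and validates incoming BUs."""

    def __init__(self):
        self.bindings = {}

    def process_bu(self, bu: dict) -> bool:
        signer_hit = hit(bu["signer_pk"])
        # 1. The BU must be signed by the key it names; the body is rebuilt, never trusted.
        if not verify(bu["signer_pk"], bu_body(bu["mn_hit"], bu["locator"]), bu["sig"]):
            return False
        # 2. The signer is the MN itself, or holds a delegation issued by that MN
        #    which names exactly this signer's HIT.
        cert = bu["cert"]
        if signer_hit == bu["mn_hit"]:
            authorized = True
        elif cert is not None:
            authorized = (hit(cert["issuer_pk"]) == bu["mn_hit"]
                          and cert["subject_hit"] == signer_hit
                          and verify(cert["issuer_pk"],
                                     cert_body(bu["mn_hit"], signer_hit), cert["sig"]))
        else:
            authorized = False
        if authorized:
            self.bindings[bu["mn_hit"]] = bu["locator"]
        return authorized


def demo() -> dict:
    """Constructed scenario: the MN delegates to its MR; the MR moves the MN to a
    new care-of address; a router without a delegation replays the same certificate."""
    mn_sk, mn_pk = keygen()
    mr_sk, mr_pk = keygen()
    other_sk, other_pk = keygen()
    cn = CorrespondentNode()
    cn.bindings[hit(mn_pk)] = "2001:db8:1::10"  # constructed initial locator
    cert = delegation_cert(mn_sk, mn_pk, mr_pk)
    good = binding_update(mr_sk, mr_pk, hit(mn_pk), "2001:db8:2::10", cert)
    bad = binding_update(other_sk, other_pk, hit(mn_pk), "2001:db8:9::1", cert)
    return {"mr_accepted": cn.process_bu(good),
            "other_accepted": cn.process_bu(bad),
            "locator": cn.bindings[hit(mn_pk)]}
```

Calling `demo()` shows the MR's BU accepted and the binding moved to the new care-of address, while a router that merely replays the MN's genuine certificate is refused because the certificate names a different HIT than the one that signed the BU. The CN never needs the MN's key online; it only needs the MN's HIT, which is exactly the property the slides rely on when the MR (or, later, a signaling proxy) speaks for many MNs.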
Delegating Rights to a Signaling Proxy
• The MR may delegate the signaling rights to a trusted signaling proxy.
(Figure: MN authorizes the MR; the MR, behind an AR, delegates to a signaling proxy in the Internet.)
Optimizing MR-to-CNs Signaling
• The signaling proxy sends BUs on behalf of the MNs to the CNs.
(Figure: a single BU from the MR, which has moved from CoA1 to CoA2 between two ARs, reaches the signaling proxy; the proxy fans out BU signaling to the CNs and the RS.)
Reachability Test
• The peer nodes must verify that the MN is actually at the MR's location, where the signaling proxy claims it to be.
(Figure: challenge-response between the CNs and the MN via the MR at CoA1/CoA2; the RS and signaling proxy are in the Internet.)
Optimizing CNs-to-MR Signaling
• The signaling proxy may hide the regional mobility, acting as an on-the-path Mobility Anchor Point (MAP).
(Figure: the signaling proxy acts as MAP for a MAP domain containing both ARs; the MR's move within the domain costs a single BU from the MR to the MAP, and the CNs and RS see no change.)
Many Roles of a Mobile Router
• Access router (AR)
• HI multiplexed locator translation device
• Mobility Anchor Point (MAP)
• Mobility signaling proxy
Conclusions
• The solution is based on HIP and on the delegation of signaling rights between public-key based HIs.
• Optimized over-the-air mobility signaling inside a mobile network, and between the mobile network and the Internet.
• Optimized routing between MNs and peer nodes.
Thank You! Questions, comments?