Efficient Authentication and Authorization of Mobile Users Based on Peer-to-Peer Network Mechanisms

This paper presents a peer-to-peer-based authentication and authorization infrastructure to minimize authentication delays when mobile users roam across different wireless networks. The basic idea is to avoid exchanging security information between networks visited by a roaming user and the user's home authentication, authorization, and accounting (AAA) server, which is typically located in the home network, possibly far away from the visited network. Instead, authentication and authorization of a roaming user shall be supported by an AAA server in the visited network. We propose that the AAA server that is responsible for authentication and authorization in a newly visited network locates the AAA server in the previously visited network and retrieves the required security information from that AAA server. The AAA servers can be organized in a peer-to-peer manner, and peer-to-peer mechanisms can be applied for searching and transferring security information between them. We propose several mechanisms for quickly locating the previously responsible AAA server in order to decrease authentication delays. The performance of these mechanisms is evaluated by simulations. Real performance measurements show the rather low performance overhead of application-level forwarding used in peer-to-peer networks.
