论文信息 - Authentication and Authorization Method in Multi-domain, Multi-provider Networks

Authentication and Authorization Method in Multi-domain, Multi-provider Networks

One of the open issues of the all-IP network Integrating wireless and wired technologies is the definition of an authentication, authorization solution running on multi-domain networks with different technologies that has a high security level and addresses the time requirements for real-time multimedia applications. At the same time, the increasing popularity of the voice-over-IP (VoIP) services requires call authorization solutions that allow to charge only one of the users involved in a multimedia session for the payment of all the resources used for it. In this paper, we propose a consortium-based trust model between providers of network resources and providers of voice-over-IP services that allows them to share information for the authentication and the authorization of their users. We define a new model for authentication and authorization of roaming users and a signaling solution for it based on the Extensible Authentication Protocol (EAP) and the Network Access Control Protocol (NACP). We also define a new authorization model for multi-domain VoIP calls and we propose a signaling solution for it based on the Next Steps in Signaling protocol (NSIS).

S.G. Polito | H. Schulzrinne | H. Schulzrinne | S. G. Polito

[1] Jeff Hodges,et al. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .

[2] C. M. Sperberg-McQueen,et al. eXtensible Markup Language (XML) 1.0 (Second Edition) , 2000 .

[3] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[4] N. Rajendran,et al. Reducing delay during handoff in multi-layered security architecture for wireless LANs in the corporate network , 2005, Proceedings. 2005 International Conference on Wireless Communications, Networking and Mobile Computing, 2005..

[5] Jari Arkko,et al. Diameter Base Protocol , 2003, RFC.

[6] Universal Mobile Telecommunications System (umts); Lte; 3g Security; Security Architecture (3gpp Ts 33.102 Version 8.2.0 Release 8) , .

[7] Larry J. Blunk,et al. PPP Extensible Authentication Protocol (EAP) , 1998, RFC.

[8] John Loughney,et al. Next Steps in Signaling (NSIS): Framework , 2005, RFC.

[9] Susan Thomson. Network Access Control Protocol (NACP) , 2006 .

[10] Hovav Shacham,et al. Fast-Track Session Establishment for TLS , 2002, NDSS.

[11] Alan O. Freier,et al. The SSL Protocol Version 3.0 , 1996 .

[12] C. M. Sperberg-McQueen,et al. Extensible Markup Language (XML) , 1997, World Wide Web J..

[13] Dan Simon,et al. PPP EAP TLS Authentication Protocol , 1999, RFC.

[14] Tim Berners-Lee,et al. Hypertext transfer protocol--http/i , 1993 .