Hyungon Kim

Mobile IP and WLAN with AAA authentication protocol using identity-based cryptography

The Mobile IP application of AAA (Diameter protocol) provides authentication, authorization, and accounting (AAA) services to a mobile ISP network for achieving legitimate mobility using e-mail-styled NAI and MAC valued keys in wireless IP access. In the rapidly expanding mobile environment, the introduction of identity-based cryptographic schemes has many advantages ranging from easy migration to public key cryptography. Accordingly, the current paper proposes a secure wireless Internet roaming service and WLAN service using identity(ID)-based cryptography. To support secure Mobile IP authentication between a mobile node and the authentication server, Mobile IP with an AAA protocol of mutual authentication is proposed using an ID-based signature scheme instead of a conventional MAC valued, symmetric, and single authentic protocol. Furthermore, the proposed protocol can also be implemented using algorithms based on elliptic curves.

Concatenated wireless roaming security association and authentication protocol using ID-based cryptography

The mobile IP application of AAA (diameter protocol) provides authentication, authorization, and accounting (AAA) services in a wireless roaming Internet service. As such, the current paper proposes the application of identity-based cryptography to mobile IP with AAA authentication, thereby facilitating the introduction of public key cryptography through allowing a mobile IP entitys public key to be derived from an arbitrary identification value, such as e-mail styled NAI (network access identity). The diameter security association (DSA) provides a PKI-based key delivery between AAA server of the visited and home ISP network. Therefore, the proposed method combines the use of the DSA with an identity (ID)-based cryptographic security association (ISA). Consequently, the proposed concatenated security association of the DSA for an inter-ISP trust chain and an ISA for mobile IP user authentication can alleviate the problem of ID-based private distribution for visited network entities and greatly reduce the need for an reliance on public key certificates for mobile nodes. Furthermore, the proposed protocol can also establish a security association among all mobile IP related nodes and AAA related nodes.

A secure mobile IP authentication based on identification protocol

Mobile IP, which was designed at the working group of IETF, intended to enable nodes to move from one IP subnet to another. That is, it can support node mobility across heterogeneous networks. For this mobility support, a mobile node (MN) must achieve registration at a home agent (HA) when the MN is away from home. In this article, we propose a mobile IP authentication that is based on an identification scheme using a one-way function. It ensures a secure mobile IP authentication against replay attack and man-in-the-middle attack. Furthermore, its implementation is expected to be efficient, since it does not use any public key cryptography operations.

Threat Analysis on NEtwork MObility (NEMO)

NEMO (NEtworks in MOtion), currently being standardized under IETF, addresses issues such as connectivity, reachability and session continuity for nodes in a mobile network (i.e., the whole network or subnet moving from one Internet attached point to another). While the current NEMO basic proposal is based on the MobileIPv6 standard (and therefore, it is based on the security in MIPv6 as well) and relatively stable, in this paper, we study the security issues related to the NEMO basic protocol as well as its operation. After carefully analyzing various pieces of related standard protocols (for example, MIPv6 and IPsec) and their integration under the NEMO framework, we present here a list of interesting practical attacks against NEMO and their potential security damages. Finally, we examine two simple solutions to handle some of the attacks and describe their limitations.

Interactive remote controller for IPTV

This paper deals with a motion-based remote control system to improve the menu control of IPTV. A 6-DOF motion sensor and hybrid vibrators are embedded into the device. With wrist motion, a user controls the position of the pointer on the screen intuitively. Haptic feedback is provided in response to the manipulation of a GUI element. From the usability test, we observed that the motion sensing and haptic feedback improve the speed of the menu control and decrease the manipulation load. Particularly, a remote controller adopting a combination of gyroscope-based motion sensing and impact feedback showed the best performance.

Design of Sub-session Based Accounting System for Different Service Level of Mobile IP Roaming User

An authentication, authorization and accounting (AAA) system is one of the most important components for internet service providers (ISPs) and wireless service providers (WSPs). For QoS management of accounting data in a Diameter-based AAA system, the current paper proposes an updated accounting protocol based on a sub-session state machine, instead of the original (RFC) stateless accounting framework on the server side. As such, the proposed design and implementation strategy can effectively apply the Diameter AAA system to a Mobile IP roaming user with different service levels. For co-operation between authentication, the authorization state machine, and the base protocol state machine on the AAA client side, the current paper proposes an updated accounting state machine (current standard is not clearly defined). For the interface between the Mobile IP protocol part and the AAA client of the accounting state machine, an new designed sub-session based accounting state machine is also proposed on the client side and a sub-session-based scenario demonstrated using the accounting protocol. This paper enhance new IP based accounting techniques to support soft-guaranteed QoS in a wireless Internet architecture.

A fixed channel assignment plan for three-dimensional cellular system

A three-dimensional channel assignment algorithm in an indoor cellular communication system is described. The design is required to meet the objective of providing continuous communication within an area with maximum protection from adjacent interference for a given channel set and frequency reuse pattern. If this channel assignment algorithm based on a number theoretic approach is applied to two-dimensional 7-cell 21-sector channels, it becomes the channel assignment plan currently used in the US TIA (Telecommunication Industry Association) system. The channel assignment algorithm can also be applied to the code division multiple access (CDMA) system where the time/phase offset of the pseudo-random noise (PN) binary codes is used to distinguish signals received at a mobile station from different base stations. A method that can easily estimate the time/phase offset from the received PN code with respect to the receiver-stored replica of the PN code is described.