Luca Salgarelli

HAWAII: a domain-based approach for supporting mobility in wide-area wireless networks

Mobile IP is the current standard for supporting macromobility of mobile hosts. However, in the case of micromobility support, there are several competing proposals. In this paper, we present the design, implementation, and performance evaluation of HAWAII, a domain-based approach for supporting mobility. HAWAII uses specialized path setup schemes which install host-based forwarding entries in specific routers to support intra-domain micromobility. These path setup schemes deliver excellent performance by reducing mobility related disruption to user applications. Also, mobile hosts retain their network address while moving within the domain, simplifying quality-of-service (QoS) support. Furthermore, reliability is achieved through maintaining soft-state forwarding entries for the mobile hosts and leveraging fault detection mechanisms built in existing intra-domain routing protocols. HAWAII defaults to using Mobile IP for macromobility, thus providing a comprehensive solution for mobility support in wide-area wireless networks.

Integration of 802.11 and third-generation wireless data networks

The third-generation (3G) wide area wireless networks and 802.11 local area wireless networks possess complementary characteristics. 3G networks promise to offer always-on, ubiquitous connectivity with relatively low data rates. 802.11 offers much higher data rates, comparable to wired networks, but can cover only smaller areas, suitable for hot-spot applications in hotels and airports. The performance and flexibility of wireless data services would be dramatically improved if users could seamlessly roam across the two networks. In this paper, we address the problem of integration of these two classes of networks to offer such seamless connectivity. Specifically, we describe two possible integration approaches - namely tight integration and loose integration and advocate the latter as the preferred approach. Our realization of the loose integration approach consists of two components: a new network element called IOTA gateway deployed in 802.11 networks, and a new client software. The IOTA gateway is composed of several software modules, and with cooperation from the client software offers integrated 802.11/3G wireless data services that support seamless intertechnology mobility, Quality of Service (QoS) guarantees and multiprovider roaming agreements. We describe the design and implementation of the IOTA gateway and the client software in detail and present experimental performance results that validate our architectural approach.

Design and implementation of a WLAN/cdma2000 interworking architecture

The combination of 3G and WLAN wireless technologies offers the possibility of achieving anywhere, anytime Internet access, bringing benefits to both end users and service providers. We discuss interworking architectures for providing integrated service capability across widely deployed 3G cdma2000-based and IEEE 802.11-based networks. Specifically, we present two design choices for integration: tightly coupled and loosely coupled, and recommend the latter as a preferred option. We describe in detail the implementation of a loosely coupled integrated network which provides two kinds of roaming services, a SimpleIP service and a Mobile-IP service. We present, in detail, two new components used to build these services: a network element called a WLAN integration gateway deployed in WLAN networks; a client software on the mobile device. For a mobile device with interfaces to both technologies, our system supports seamless handoff in the presence of overlapping radio coverage.

IP-based access network infrastructure for next-generation wireless data networks

Next-generation wireless network standards are currently being defined. The access network architectures have several specialized components tailored for their respective wireless link technologies, even though the services provided by these different wireless networks are fairly similar. We propose a homogeneous IP-based network as a common access network for the different wireless technologies. The IP-based access network uses the Internet standard, Mobile IP, to support macro-mobility of mobile hosts, and HAWAII to support micro-mobility and paging functionality of current wireless networks. We also illustrate how the proposed IP-based solution can interwork with existing infrastructure so that deployment can be incremental.

Efficient authentication and key distribution in wireless IP networks

Emerging broadband access technologies such as 802.11 are enabling the introduction of wireless IP services to an increasing number of users. Market forecasts suggest that a new class of network providers, commonly referred to as wireless Internet service providers, will deploy public wireless networks based on these new technologies. In order to offer uninterrupted IP service combined with ubiquitous seamless mobility, these multiprovider networks need to be integrated with each other, as well as with wide-area wireless technologies such as third-generation cdma2000 and UMTS. Therefore, efficient authentication and dynamic key exchange protocols that support heterogeneous domains as well as networks with roaming agreements across trust boundaries are key to the success of wide-area wireless IP infrastructures. In this article we first describe a simple network model that accounts fro heterogeneity in network service providers, and put forward the requirements any authentication and key exchange protocol that operates in such a model should satisfy, in terms of network efficiency, security, and fraud prevention. We then introduce a new authentication and key exchange protocol, wireless shared key exchange (W-SKE). We characterize properties and limitations of the W-SKE against the requirements discussed earlier. Finally, we contrast W-SKE against other well-known and emerging approaches.

Mobile IP and wide area wireless data

In this paper we present techniques for allowing Mobile IP to interwork with wide area cellular networks. As an example, we illustrate a network consisting of a GSM general packet radio service (GPRS) air interface and a Mobile IP backbone network. The advantage of such a solution is that the backbone network may easily be used to support integrated wireless and wired data transfer, and the leveraging of standard data networking protocols and equipment will reduce the cost of wireless data networks. We present issues and suggested solutions for mobility management functions, such as detecting changes in points of attachment to a network, micromobility, roaming, and paging, and security functions, such as authentication and ciphering. We show which elements of each network, GSM and Mobile IP, may be re-used, combined, or eliminated to provide a single, unified network.

A scheme for authentication and dynamic key exchange in wireless networks

Despite significant shortcomings in the initial security architecture, 802.11 wireless LANs have experienced explosive growth in recent years. Ongoing work in IEEE standards bodies is currently attempting to fix these shortcomings. One specific topic that has received extensive attention is how to enable these networks to authenticate users and to dynamically establish per-user per-session cryptographic keys. The IEEE 802.1x Port-Based Access Control standard, which formalizes a new EAP-over-LAN (EAPOL) protocol, has emerged as the preferred way to achieve this. The EAPOL protocol employs the extensible authentication protocol (EAP), standardized by the Internet Engineering Task Force, to allow the use of existing and new authentication methods and authentication, authorization, and accounting (AAA) infrastructure. In this paper we present a new EAP scheme — called shared key exchange (SKE) — suitable for use in 802.11 private or public access wireless LANs. The scheme relies on secure pre-shared secret keys in wireless LAN mobile nodes devices and AAA servers. When instantiated with relatively minor changes to RADIUS and EAP, the resulting protocol is provably secure and offers a full set of security features. A second, simplified protocol results from minimal modifications to existing RADIUS and EAP standards, but it provides a lower level of security. Both protocols efficiently support roaming scenarios wherein an end user roams across different networks and requires frequent re-authentication with low latency. The protocols can easily be extended to support migration to new AAA protocols such as DIAMETER.

Dynamic Configuration of Mobile Devices for Wireless Internet Access

The dynamic configuration of devices plays a pivotal role in supporting plug-and-play operation in IP networks. For devices that are not mobile, dynamic configuration is typically supported by the widespread Dynamic Host Configuration Protocol (DHCP) [5], which replaces burdensome manual configuration procedures and enables the address space to be managed efficiently. The configuration state allocated to devices by DHCP includes the device’s IP address and a series of DHCP options [7] such as routing parameters (e.g., a subnet mask and default gateway), identity information (e.g., the device’s domain name) or service related parameters (e.g., server addresses for DNS, IMAP, HTTP proxy, NTP, etc.). However, since DHCP was designed to serve the configuration needs of trusted clients in a local LAN, it does not support the configuration of devices connected to a remote network, a situation that arises when the devices are mobile.