Magazine文章心得 643430007 學號: 姓名:蘇彥文
Download
Report
Transcript Magazine文章心得 643430007 學號: 姓名:蘇彥文
Magazine文章心得
學號:643430007
姓名:蘇彥文
Abstract
1)
2)
3)
4)
A new method to support UMTS WLAN
vertical handover using SCTP
Interworking techniques and architectures for
WLAN 3G integration toward 4G mobile data
networks
IEEE802.11 roaming and authentication in
wireless LAN cellular mobile networks
心得
Magazine 1
A new method to support UMTS WLAN
vertical handover using SCTP
Note Abstract
UMTS networks and WLANs
Third-generation cellular networks
UMTS/WLAN vertical handover problem
Overview of Mobile SCTP
VERTICAL HANDOVER PROCEDURES
UMTS networks and WLANs
UMTS
WLANs
• wide-area connectivity
• low data rate
• high mobility
• higher data rate
• low mobility
Third-generation cellular networks
Both UMTS and WLANs
• WLAN offer higher bandwidth
• Mobile users accessing the Internet via
UMTS/WLAN are free to move
• Handover between UMTS and WLANs
• MIP from IETF
• provides transparent support for host mobility
• routing architecture of mobile host
• Difficult to maintain the continuity between UMTS
and WLAN
• Point of this article
UMTS/WLAN vertical handover problem
UMTS/WLAN vertical handover support via two
types of SCTP
• single-homing asymmetric configuration
• dual-homing symmetric configuration
Integrated UMTS/WLAN network architecture
• tightly coupled solutions :connect UMTS and WLAN
• loose coupling solutions :separate out UMTS and
•
WLAN
loose coupling offers several advantages over tight
coupling
Overview of Mobile SCTP (1)
Originally for VoIP of 3GPP
Reliability
Multi-homing
• established over multiple interfaces identified
by multiple IP addresses
• An SCTP association between two hosts, say,
A and B, is defined as
• {[a set of IP addresses at A] + [Port-A]}
+ {[a set of IP addresses at B] + [Port-B]}.
Overview of Mobile SCTP (2)
base version of SCTP cannot be used directly
to support UMTS/ WLAN vertical handover
Fortunately, the recently proposed DAR
extension for SCTP enables the endpoints to
add, delete, or change the IP addresses during
an active SCTP association using address
configuration (ASCONF) messages.
•
basis of mSCTP
Overview of Mobile SCTP (3)
mSCTP
• Using for supporting UMTS/WLAN vertical
handover
• capabilities to add, delete, and change the IP
addresses dynamically during an active SCTP
association
Overview of Mobile SCTP (4)
mSCTP Protocol architecture
VERTICAL HANDOVER PROCEDURES (1)
FS can also be configured for:
• Single-homing: The FS provides only one IP address
•
to support handover.
Dual-homing: The FS allows more than one (usually
two) IP addresses to support
Handover procedure has three basic steps:
• Add IP address
• Vertical handover triggering
• Delete IP address
VERTICAL HANDOVER PROCEDURES (2)
single-homing configuration
VERTICAL HANDOVER PROCEDURES (3)
dual-homing configuration
SIMULATION RESULTS AND
DISCUSSIONS (1)
use network simulator ns-2 to perform
the simulations and obtain
• set to be 384 kb/s for the UMTS link and 2
Mb/s for the WLAN link
• delay is set to 100 ms
• FTP traffic is started at the MC at time 1 s
• handover triggering process is activated at
time 5 s
SIMULATION RESULTS AND
DISCUSSIONS (2)
simulation results
• UMTS-to-WLAN handover delay is 533 ms
SIMULATION RESULTS AND
DISCUSSIONS (3)
simulation results
• WLAN-to-UMTS delay is 513 ms
SIMULATION RESULTS AND
DISCUSSIONS (4)
throughput performance for vertical
handover in both directions
Magazine 2
Interworking techniques and
architectures for WLAN 3G integration
toward 4G mobile data networks
Note Abstract
WLAN/3G interworking function
INTERWORKING MODEL AND
REQUIREMENTS
NETWORK SELECTION
INTERWORKING SCENARIOS
3G-Based Access Control and Charging
Access to 3G Packet-Switched Services
CONCLUSIONS
• REFERENCE POINTS
• REFERENCE POINTS
WLAN/3G interworking function
WLAN/3G interworking techniques and
architectures can support
• Authentication
• Authorization
• Accounting
• WLAN sharing
• Consistent service provisioning
INTERWORKING MODEL AND
REQUIREMENTS (1)
high-level WLAN/3G interworking model.
INTERWORKING MODEL AND
REQUIREMENTS (2)
WLAN/3G interworking must
• provide 3G-based authentication
• support 802.1X access control
• support the legacy UAM and open access
control schemes
NETWORK SELECTION
MS needs to perform the following selection
procedures
•
•
Select a WLAN that supports interworking with 3G
PLMNs
MS must select one of the PLMNs
several solutions of network selection problem
•
•
broadcast an SSID with a suitable format
transmitting a probe request including a predefined
well-known (3G-specific) SSID
INTERWORKING SCENARIOS (1)
Scenario 1 — Common Billing and Customer Care
Scenario 2 — 3G-Based Access Control and Charging
Scenario 3 — Access to 3G Packet-Switched Services
Scenario 4 — Access to 3G Packet-Switched-Based Services with Service Continuity
Scenario 5 — Access to 3G Packet-Switched-Based Services with Seamless Service Continuity
Scenario 6 — Access to 3G Circuit-Switched-Based Services with Seamless Mobility
INTERWORKING SCENARIOS (1)
3G-Based Access Control and Charging
(1)
INTERWORKING ARCHITECTURE
3G-Based Access Control and Charging
(2)
AAA SIGNALING
3G-Based Access Control and Charging
(3)
1)
•
•
2)
3)
4)
•
•
AAA SIGNALING
MS sends its identity to the WLAN within an EAPResponse/Identity message
MS’s identity is NAI-1
username@realm
WLAN discovers route AAA messages to the 3G PLMN
corresponding to this realm
AAA access request is sent to the identified 3G PLMN
over the Wr interface
WLAN sends network advertisement data to the MS
use a new EAP method called 3G-Info
XML structure
REFERENCE POINTS (1)
3G internal interfaces
• Wr/Wb
• carries AAA signaling between the WLAN and the
3G / home PLMN in a secure manner
• Support Radius by acrossWr/Wb
• Ws/Wc
• provides the same functionality as Wr/Wb but runs
between a 3G AAA proxy and a 3G AAA server
REFERENCE POINTS (2)
• Wf
• transport charging information toward the 3G
operator’s CGw/CCF located in the visited or home
PLMN
• Wo
• used by the 3G AAA server to communicate with
the 3G OCS
REFERENCE POINTS (3)
• Wx
• between the 3G AAA server and the HSS
• used primarily for accessing the WLAN subscription
profiles of the users
• D/Gr
• used for exchanging subscription information
between the 3G AAA server and the HLR by means
of the MAP protocol
Access to 3G Packet-Switched Services
(1)
INTERWORKING ARCHITECTURE
Access to 3G Packet-Switched Services
(2)
AAA SIGNALING
Access to 3G Packet-Switched Services
(3)
AAA SIGNALING
Access to 3G Packet-Switched Services
(4)
REFERENCE POINTS (1)
several additional interfaces
Wn
• used for transporting tunneled user data
between the WLAN and the WAG
Wm
• located between the 3G AAA server and PDG
• used to enable the 3G AAA server to retrieve
tunneling attributes and an MS’s IP
configuration parameters from/via the PDG
REFERENCE POINTS (2)
Wi
Wg
• provided via the Wi interface based on IP
• used by the 3G AAA proxy to deliver routing
policy enforcement information to the WAG
Wp
• transports tunneled user data traffic between
the WAG and the PDG
CONCLUSIONS
maintain access to the same 3G packetswitched services across several radio
access technologies
•
such as IEEE 802.11, HiperLan/2, UTRAN,
and GERAN
Session mobility is an additional
requirement that needs further
consideration and presents considerable
technical challenges
Magazine 3
IEEE802.11 roaming and authentication
in wireless LAN cellular mobile networks
Note Abstract
Integrate wireless LAN service
IEEE 802.11 WIRELESS LAN ROAMING
RADIUS PROXY
IEEE 802.11 HORIZONTAL ROAMING
MOBILE IP HANDOFF PERFORMANCE IMPROVEMENT
WIRELESS TRANSMISSION PRIVACY
SECURITY ANALYSIS
AUTHENTICATION AND KEY NEGOTIATION
DEMONSTRATION
SUMMARY
Integrate wireless LAN service (1)
Integrate wireless LAN service (2)
IEEE802.11 service integration
functionality
• integrate into cellular networks
Wireless network security
Service quality
• refers to handoff speed and packet loss rate
Integrate wireless LAN service (3)
IEEE 802.11 WIRELESS LAN ROAMING
(1)
IEEE802.11 roaming structure is based on
•
AAA broker with a Remote Authentication Dial-In User
Service (RADIUS) server proxy
CA servers
•
•
are special servers that issue and verify certificates to
fixed nodes or networks upon request so that they
have proofs to identify themselves
are organized in a tree topology and working in a
distributed way
IEEE 802.11 WIRELESS LAN ROAMING
(2)
RADIUS PROXY
RADIUS server retrieves
• remote server’s domain from the user’s
request
• includes the network access identifier
• identifier@domain_name
IEEE 802.11 HORIZONTAL ROAMING (1)
Each network domain is interconnected by
AAABs
In order to provide IP mobility
• foreign agent (FA) is placed into the NAS
The architecture is able to process two horizontal roaming scenarios
• The current IEEE802.11 device connects to the
•
network via the NAS
Seamless roaming
IEEE 802.11 HORIZONTAL ROAMING (2)
IEEE 802.11 HORIZONTAL ROAMING (3)
IEEE 802.11 HORIZONTAL ROAMING (4)
MOBILE IP HANDOFF PERFORMANCE
IMPROVEMENT (1)
roam between a wireless LAN and a cellular
network
•
routed to the mobile station through its HA
HA redirects the data flow to the new IP
address
For typical data applications is not necessary
to use real-time seamless handoff
For real-time Internet applications like voice or
streaming video ,handoff latency and packet
loss performance have become more and
more critical
MOBILE IP HANDOFF PERFORMANCE
IMPROVEMENT (2)
In order to reduce the latency of Mobile
IP handoff
• used to assist Mobile IP handoff
• pre-registration and authentication data can
•
be sent to the mobile station before it moves
Additional flow control should be taken in the
handover perio
WIRELESS TRANSMISSION PRIVACY (1)
built-in WEP encryption cannot guarantee data transmission privacy
User location updates are transparent to
the scheme since user mobility is
handled in the network layer
FA just relays the authentication
message between the mobile station and
its home network
WIRELESS TRANSMISSION PRIVACY (2)
Authenticating parties share a secret key
• stored in either the mobile station or its
Subscriber Identity Module (SIM) card
Authenticating parties do not share a
secret key
• authentication between two mobile stations or
a mobile station and a fixed Internet server
Visit the Internet public resourc
• no authentication is needed
WIRELESS TRANSMISSION PRIVACY (3)
Authentication and key negotiation
protocol between two mobile stations
belonging
WIRELESS TRANSMISSION PRIVACY (4)
Scheme variation in various
authentication scenarios
SECURITY ANALYSIS (1)
MS1 finds MS2’s home address and creates a nonce with
the corresponding hash value
HA1 decrypts the message from MS1; HA1 realizes that
MS1 intends to authenticate with a third party
CA decrypts the message from HA1 and verifies IDHA1
HA1 decrypts the message from CA, and gets the public
key and device ID of HA2. HA1 stores the pubHA2 and
IDHA2 pair
HA2 will buffer the latter if the latter comes
that must not be compromised
SECURITY ANALYSIS (2)
AUTHENTICATION AND KEY
NEGOTIATION DEMONSTRATION
demonstration uses RSA as the public key
algorithm
• DES as the symmetric algorithm
• MD5 as one-way hash functions
If the slowest network connection speed is
14.4 kb/s in the cellular network with overhead
of the transmission considered
• data transmission can be finished in less than 3 s
SUMMARY
The proposed architecture offers a smooth
transition of wireless LAN hot spots from nonroaming-supported to seamless-roam-ingsupported
A fast network switchover mechanism is
available to improve the performance of
streaming applications
wireless transmission security is carefully
considered
心得
自從2000年3G行動網路開放以來,藉由市場發
展與級數上的演進,逐漸發現到單一網路無法
滿足行動上網的全方位需求,於是開行推行雙
網的建佈,但由於3G與無線網路基本運作方式
的不同,加以行動上網對於無縫性通訊與安全
性的要求,導致建構此一大型網路,面臨許多
問題,從此3篇paper中,看到了這些問題的解
決方案,相信對未來行動上網的建設有相當的
助益。
Q&A
Thanks for your listen .