AuMID: An Authentication Mechanism based on Identity Tag under Future Internet Architecture

Full Text (PDF, 673KB), PP.55-62


Author(s)

Ming Wan 1,*, Ying Liu 1, Hongke Zhang 1

1. Beijing Jiaotong University/National Engineering Laboratory for Next Generation Internet Interconnection Devices, Beijing, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijitcs.2010.02.08

Received: 24 May 2010 / Revised: 1 Aug. 2010 / Accepted: 2 Oct. 2010 / Published: 8 Dec. 2010

Index Terms

Sustainable authentication, handoff authentication, Identity Tag, authenticity, ID/locator separation architecture

Abstract

It is commonly recognized that the current Internet faces serious security and scaling problems. To address these problems, the ID/locator separation architecture is the focus of future Internet development. However, no corresponding authentication mechanism has yet been proposed under this architecture. In this paper, we propose a new authentication mechanism called AuMID under the ID/locator separation architecture, describe the detailed procedures of access authentication and handoff authentication, and give the deployment of authentication centers. In addition, AuMID uniquely introduces the Identity Tag, which represents the terminal's identity information, to implement sustainable authentication for the terminal. The mechanism adopts the challenge-response approach and achieves two-way authentication between the terminal and the access network. At the same time, by using the Identity Tag, AuMID successfully guarantees the authenticity of the source under the ID/locator separation architecture. Finally, this paper gives a qualitative analysis of the scalability and security of AuMID and an evaluation of handoff authentication delay.

Cite This Paper

Ming Wan, Ying Liu, Hongke Zhang, "AuMID: An Authentication Mechanism based on Identity Tag under Future Internet Architecture", International Journal of Information Technology and Computer Science (IJITCS), vol.2, no.2, pp.55-62, 2010. DOI: 10.5815/ijitcs.2010.02.08
