Authentication, Authorization, and Accounting (AAA) Framework in Network Mobility (NEMO) Environments
Sangheon Pack (Korea University, South Korea), Sungmin Baek (Seoul National University, South Korea), Taekyoung Kwon (Seoul National University, South Korea) and Yanghee Choi (Seoul National University, South Korea)
Copyright: © 2008
Network mobility (NEMO) enables seamless and ubiquitous Internet access while on board vehicles. Even though the Internet Engineering Task Force (IETF) has standardized the NEMO basic support protocol as a network layer mobility solution, few studies have been conducted on an authentication, authorization, and accounting (AAA) framework, which is a key technology for successful deployment. In this article, we first review the existing AAA protocols and analyze their suitability in NEMO environments. After that, we propose a localized AAA framework that retains the mobility transparency of the NEMO basic support protocol and reduces the signaling cost incurred in the AAA procedures. The proposed AAA framework supports mutual authentication and prevents various threats such as replay attacks, man-in-the-middle attacks, and key exposure. A performance analysis of the AAA signaling cost is carried out. Numerical results demonstrate that the proposed AAA framework is efficient under different NEMO environments.
Key Terms in this Chapter
Replay Attack: Replay attack is an attack in which a valid data transmission is maliciously or fraudulently repeated or delayed.
Accounting: Accounting is the action of tracking the consumption of network resources by users.
Internet Engineering Task Force (IETF): IETF is an organization that develops, promotes, and standardizes Internet-related protocols.
Authentication: Authentication is the action of confirming that a user who is requesting services is a valid user of the network services requested.
Authorization: Authorization is the action of granting specific types of service to a user based on the result of authentication.
Network Mobility: Network mobility is the mobility of an entire network that changes its point of attachment to the Internet as a single unit.
Man-in-the-middle Attack: Man-in-the-middle attack is an attack in which an attacker is able to read, insert, and modify messages between two communication parties.