Title: Magazine
1. Magazine
2. Abstract
- A new method to support UMTS/WLAN vertical handover using SCTP
- Interworking techniques and architectures for WLAN/3G integration toward 4G mobile data networks
- IEEE 802.11 roaming and authentication in wireless LAN/cellular mobile networks
3. Magazine 1
- A new method to support UMTS/WLAN vertical handover using SCTP
4. Note Abstract
- UMTS networks and WLANs
- Third-generation cellular networks
- UMTS/WLAN vertical handover problem
- Overview of Mobile SCTP
- VERTICAL HANDOVER PROCEDURES
5. UMTS networks and WLANs
- UMTS
  - wide-area connectivity
  - low data rate
  - high mobility
- WLANs
  - higher data rate
  - low mobility
6. Third-generation cellular networks
- Both UMTS and WLANs
- WLANs offer higher bandwidth
- Mobile users accessing the Internet via UMTS/WLAN are free to move
- Handover between UMTS and WLANs
- MIP from IETF
  - provides transparent support for host mobility
  - routing architecture of mobile host
- Difficult to maintain the continuity between UMTS and WLAN
- Point of this article
7. UMTS/WLAN vertical handover problem
- UMTS/WLAN vertical handover support via two types of SCTP
  - single-homing asymmetric configuration
  - dual-homing symmetric configuration
- Integrated UMTS/WLAN network architecture
  - tightly coupled solutions connect UMTS and WLAN
  - loose coupling solutions separate out UMTS and WLAN
  - loose coupling offers several advantages over tight coupling
8. Overview of Mobile SCTP (1)
- Originally for VoIP of 3GPP
- Reliability
- Multi-homing
  - established over multiple interfaces identified by multiple IP addresses
- An SCTP association between two hosts, say, A and B, is defined as
  - a set of IP addresses at A and Port-A
  - a set of IP addresses at B and Port-B
9. Overview of Mobile SCTP (2)
- base version of SCTP cannot be used directly to support UMTS/WLAN vertical handover
- Fortunately, the recently proposed DAR extension for SCTP enables the endpoints to add, delete, or change the IP addresses during an active SCTP association using address configuration (ASCONF) messages.
- basis of mSCTP
10. Overview of Mobile SCTP (3)
- mSCTP
  - Used for supporting UMTS/WLAN vertical handover
  - capabilities to add, delete, and change the IP addresses dynamically during an active SCTP association
11. Overview of Mobile SCTP (4)
- mSCTP Protocol architecture
12. VERTICAL HANDOVER PROCEDURES (1)
- FS can also be configured for
  - Single-homing: The FS provides only one IP address to support handover.
  - Dual-homing: The FS allows more than one (usually two) IP addresses to support
- Handover procedure has three basic steps
  - Add IP address
  - Vertical handover triggering
  - Delete IP address
13. VERTICAL HANDOVER PROCEDURES (2)
- single-homing configuration
14. VERTICAL HANDOVER PROCEDURES (3)
- dual-homing configuration
15. SIMULATION RESULTS AND DISCUSSIONS (1)
- use network simulator ns-2 to perform the simulations and obtain
- set to be 384 kb/s for the UMTS link and 2 Mb/s for the WLAN link
- delay is set to 100 ms
- FTP traffic is started at the MC at time 1 s
- handover triggering process is activated at time 5 s
16. SIMULATION RESULTS AND DISCUSSIONS (2)
- simulation results
- UMTS-to-WLAN handover delay is 533 ms
17. SIMULATION RESULTS AND DISCUSSIONS (3)
- simulation results
- WLAN-to-UMTS delay is 513 ms
18. SIMULATION RESULTS AND DISCUSSIONS (4)
- throughput performance for vertical handover in both directions
19. Magazine 2
- Interworking techniques and architectures for WLAN/3G integration toward 4G mobile data networks
20. Note Abstract
- WLAN/3G interworking function
- INTERWORKING MODEL AND REQUIREMENTS
- NETWORK SELECTION
- INTERWORKING SCENARIOS
- 3G-Based Access Control and Charging
- REFERENCE POINTS
- Access to 3G Packet-Switched Services
- REFERENCE POINTS
- CONCLUSIONS
21. WLAN/3G interworking function
- WLAN/3G interworking techniques and architectures can support
  - Authentication
  - Authorization
  - Accounting
  - WLAN sharing
  - Consistent service provisioning
22. INTERWORKING MODEL AND REQUIREMENTS (1)
- high-level WLAN/3G interworking model.
23. INTERWORKING MODEL AND REQUIREMENTS (2)
- WLAN/3G interworking must
  - provide 3G-based authentication
  - support 802.1X access control
  - support the legacy UAM and open access control schemes
24. NETWORK SELECTION
- MS needs to perform the following selection procedures
  - Select a WLAN that supports interworking with 3G PLMNs
  - MS must select one of the PLMNs
- several solutions of network selection problem
  - broadcast an SSID with a suitable format
  - transmitting a probe request including a predefined well-known (3G-specific) SSID
25. INTERWORKING SCENARIOS (1)
- Scenario 1: Common Billing and Customer Care
- Scenario 2: 3G-Based Access Control and Charging
- Scenario 3: Access to 3G Packet-Switched Services
- Scenario 4: Access to 3G Packet-Switched-Based Services with Service Continuity
- Scenario 5: Access to 3G Packet-Switched-Based Services with Seamless Service Continuity
- Scenario 6: Access to 3G Circuit-Switched-Based Services with Seamless Mobility
26. INTERWORKING SCENARIOS (1)
27. 3G-Based Access Control and Charging (1)
- INTERWORKING ARCHITECTURE
28. 3G-Based Access Control and Charging (2)
29. 3G-Based Access Control and Charging (3)
- AAA SIGNALING
- MS sends its identity to the WLAN within an EAP-Response/Identity message
  - MS's identity is NAI-1
  - username@realm
- WLAN discovers how to route AAA messages to the 3G PLMN corresponding to this realm
- AAA access request is sent to the identified 3G PLMN over the Wr interface
- WLAN sends network advertisement data to the MS
  - use a new EAP method called 3G-Info
  - XML structure
30. REFERENCE POINTS (1)
- 3G internal interfaces
- Wr/Wb
  - carries AAA signaling between the WLAN and the 3G / home PLMN in a secure manner
  - supports RADIUS across Wr/Wb
- Ws/Wc
  - provides the same functionality as Wr/Wb but runs between a 3G AAA proxy and a 3G AAA server
31. REFERENCE POINTS (2)
- Wf
  - transports charging information toward the 3G operator's CGw/CCF located in the visited or home PLMN
- Wo
  - used by the 3G AAA server to communicate with the 3G OCS
32. REFERENCE POINTS (3)
- Wx
  - between the 3G AAA server and the HSS
  - used primarily for accessing the WLAN subscription profiles of the users
- D/Gr
  - used for exchanging subscription information between the 3G AAA server and the HLR by means of the MAP protocol
33. Access to 3G Packet-Switched Services (1)
- INTERWORKING ARCHITECTURE
34. Access to 3G Packet-Switched Services (2)
35. Access to 3G Packet-Switched Services (3)
36. Access to 3G Packet-Switched Services (4)
37. REFERENCE POINTS (1)
- several additional interfaces
- Wn
  - used for transporting tunneled user data between the WLAN and the WAG
- Wm
  - located between the 3G AAA server and PDG
  - used to enable the 3G AAA server to retrieve tunneling attributes and an MS's IP configuration parameters from/via the PDG
38. REFERENCE POINTS (2)
- Wi
  - provided via the Wi interface based on IP
- Wg
  - used by the 3G AAA proxy to deliver routing policy enforcement information to the WAG
- Wp
  - transports tunneled user data traffic between the WAG and the PDG
39. CONCLUSIONS
- maintain access to the same 3G packet-switched services across several radio access technologies
  - such as IEEE 802.11, HiperLan/2, UTRAN, and GERAN
- Session mobility is an additional requirement that needs further consideration and presents considerable technical challenges
40. Magazine 3
- IEEE 802.11 roaming and authentication in wireless LAN/cellular mobile networks
41. Note Abstract
- Integrate wireless LAN service
- IEEE 802.11 WIRELESS LAN ROAMING
- RADIUS PROXY
- IEEE 802.11 HORIZONTAL ROAMING
- MOBILE IP HANDOFF PERFORMANCE IMPROVEMENT
- WIRELESS TRANSMISSION PRIVACY
- SECURITY ANALYSIS
- AUTHENTICATION AND KEY NEGOTIATION DEMONSTRATION
- SUMMARY
42. Integrate wireless LAN service (1)
43. Integrate wireless LAN service (2)
- IEEE 802.11 service integration functionality
  - integrate into cellular networks
- Wireless network security
- Service quality
  - refers to handoff speed and packet loss rate
44. Integrate wireless LAN service (3)
45. IEEE 802.11 WIRELESS LAN ROAMING (1)
- IEEE 802.11 roaming structure is based on
  - AAA broker with a Remote Authentication Dial-In User Service (RADIUS) server proxy
  - CA servers
    - are special servers that issue and verify certificates to fixed nodes or networks upon request so that they have proofs to identify themselves
    - are organized in a tree topology and working in a distributed way
46. IEEE 802.11 WIRELESS LAN ROAMING (2)
47. RADIUS PROXY
- RADIUS server retrieves
  - remote server's domain from the user's request
  - includes the network access identifier
  - identifier@domain_name
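The realm-based routing that slides 29 and 47 describe, as an added example that is not taken from the presentation or the papers it summarizes: the identity arrives before authentication, so it is validated before its realm is used as a routing key, and unknown realms are refused rather than forwarded. The realm names, server names and function names are constructed for illustration.

```python
import re
from typing import Optional, Tuple

# Constructed routing table: realm -> next-hop AAA server (hypothetical names).
REALM_ROUTES = {
    "operator-a.example": "aaa-proxy.operator-a.example:1812",
    "operator-b.example": "aaa-proxy.operator-b.example:1812",
}
LOCAL_REALM = "hotspot.example"  # assumption: realm served by the local RADIUS server

# One DNS-style label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_REALM_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})+")
MAX_NAI_OCTETS = 253  # a RADIUS attribute value holds at most 253 octets


class NAIError(ValueError):
    """Raised when an identity cannot be used as a routing key."""


def parse_nai(identity: str) -> Tuple[str, Optional[str]]:
    """Split username@realm; realm is None when the identity has no '@'."""
    if not identity or len(identity.encode("utf-8")) > MAX_NAI_OCTETS:
        raise NAIError("empty or oversized identity")
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in identity):
        raise NAIError("control or whitespace character in identity")
    if identity.count("@") > 1:
        raise NAIError("more than one '@'")
    user, sep, realm = identity.partition("@")
    if not user:
        raise NAIError("empty username")
    if not sep:
        return user, None
    realm = realm.lower()  # realms compare case-insensitively
    if not _REALM_RE.fullmatch(realm):
        raise NAIError("malformed realm")
    return user, realm


def route_access_request(identity: str) -> str:
    """Return 'local' or the next-hop server; unknown realms are refused."""
    _, realm = parse_nai(identity)
    if realm is None or realm == LOCAL_REALM:
        return "local"
    if realm not in REALM_ROUTES:
        raise NAIError(f"no route for realm {realm!r}")
    return REALM_ROUTES[realm]
```

Refusing unknown realms keeps the proxy from relaying requests toward destinations chosen by an unauthenticated client.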
48. IEEE 802.11 HORIZONTAL ROAMING (1)
- Each network domain is interconnected by AAABs
- In order to provide IP mobility
  - foreign agent (FA) is placed into the NAS
- The architecture is able to process two horizontal roaming scenarios
  - The current IEEE 802.11 device connects to the network via the NAS
  - Seamless roaming
49. IEEE 802.11 HORIZONTAL ROAMING (2)
50. IEEE 802.11 HORIZONTAL ROAMING (3)
51. IEEE 802.11 HORIZONTAL ROAMING (4)
52. MOBILE IP HANDOFF PERFORMANCE IMPROVEMENT (1)
- roam between a wireless LAN and a cellular network
- routed to the mobile station through its HA
- HA redirects the data flow to the new IP address
- For typical data applications it is not necessary to use real-time seamless handoff
- For real-time Internet applications like voice or streaming video, handoff latency and packet loss performance have become more and more critical
53. MOBILE IP HANDOFF PERFORMANCE IMPROVEMENT (2)
- In order to reduce the latency of Mobile IP handoff
- used to assist Mobile IP handoff
- pre-registration and authentication data can be sent to the mobile station before it moves
- Additional flow control should be taken in the handover period
54. WIRELESS TRANSMISSION PRIVACY (1)
- built-in WEP encryption cannot guarantee data transmission privacy
- User location updates are transparent to the scheme since user mobility is handled in the network layer
- FA just relays the authentication message between the mobile station and its home network
55. WIRELESS TRANSMISSION PRIVACY (2)
- Authenticating parties share a secret key
  - stored in either the mobile station or its Subscriber Identity Module (SIM) card
- Authenticating parties do not share a secret key
  - authentication between two mobile stations or a mobile station and a fixed Internet server
- Visit the Internet public resource
  - no authentication is needed
56. WIRELESS TRANSMISSION PRIVACY (3)
- Authentication and key negotiation protocol between two mobile stations belonging
57. WIRELESS TRANSMISSION PRIVACY (4)
- Scheme variation in various authentication scenarios
58. SECURITY ANALYSIS (1)
- MS1 finds MS2's home address and creates a nonce with the corresponding hash value
- HA1 decrypts the message from MS1; HA1 realizes that MS1 intends to authenticate with a third party
- CA decrypts the message from HA1 and verifies IDHA1
- HA1 decrypts the message from CA, and gets the public key and device ID of HA2. HA1 stores the pubHA2 and IDHA2 pair
- HA2 will buffer the latter if the latter comes
- that must not be compromised
59. SECURITY ANALYSIS (2)
60. AUTHENTICATION AND KEY NEGOTIATION DEMONSTRATION
- demonstration uses RSA as the public key algorithm
- DES as the symmetric algorithm
- MD5 as one-way hash functions
- If the slowest network connection speed is 14.4 kb/s in the cellular network with overhead of the transmission considered
  - data transmission can be finished in less than 3 s
61. SUMMARY
- The proposed architecture offers a smooth transition of wireless LAN hot spots from non-roaming-supported to seamless-roaming-supported
- A fast network switchover mechanism is available to improve the performance of streaming applications
- wireless transmission security is carefully considered
63. Q & A
64. Thanks for listening.