03-11-2012, 04:27 PM
A Protocol for Re-authentication and Handoff Notification in Wireless Mesh Networks
Abstract
Mesh technology has captured the interest of both university
research and industry because it can meet the requirements of
Internet service providers and users at the same time. However,
its architecture and configuration do not protect against
unauthorized use of the network, since the basic security
measures in use do not take mobility into account. In this paper
we introduce a re-authentication scheme for secure handoff based
on efficient mobility management. First, we treat the mobility
aspect: we apply the Mobility Notification Message procedure to
support an environment that manages handoff effectively. Then,
using this technique, we define a new scheme to provide
security during handoff. Our study shows that the proposed
protocol can provide a better-protected network and a more
effective re-authentication scheme in terms of minimized handoff
latency as well as reduced blocking and loss rates.
Introduction
The last decades have seen a very significant revolution
in wireless networks, resulting in the appearance of
several models and techniques. These new technologies,
which bring new services and improve existing processes,
form the next generation of wireless networks. We cite
two major families of these techniques: Ad hoc
networks and Mesh networks.
These technologies are characterized by deployment
flexibility, ease of use and wider coverage. Indeed,
Mesh solutions offer a variety of advantages, chiefly
a lower network installation cost with a simple
maintenance procedure, robust network services, and
extended coverage without compromising the reliability
of the network.
Related Work
A Wireless Mesh Network (WMN) brings several advantages
such as ease and flexibility of deployment. The prime
objective of this type of network is to offer flexible
connectivity to mobile users. Consequently, special care
must be taken in handling mobility. In our study, we are
interested in station mobility. Due to the importance of
this challenge, various solutions have been proposed in the
literature to address the lack of security during handoff.
Among them are SMesh (Seamless Mesh) [2], the WMM
mechanism [3], the Protocol for Macro Mobility and
multi-homing notification, and Geomobility and location
service in spontaneous WMN.
Stations in SMesh connect to the network automatically
using standard DHCP. SMesh proposes its own solution to
the handoff problem. This approach can be considered
effective since it does not involve the client in the
handoff procedure and requires neither changes to the
client's device nor additional software. On the other
hand, mobile nodes are located only with a precision of
2 seconds. Moreover, heavy signaling overhead is produced
by the station broadcasting DHCP requests every 2 seconds,
and also when several MAPs have good connectivity with a
given client, in which case that client's data packets
are duplicated.
Proposed Scheme
In this section, we describe the principle of our proposed
re-authentication protocol, which is applicable to Wireless
Mesh Networks. First, we define the architecture adopted
for our study environment to facilitate the implementation
of our solution. The issue we study can be divided into two
main aspects. The first is mobility: we are interested in
the management of node mobility, known as handoff. The
major problem that arises from mobility is security.
Addressing this second aspect makes it possible to eliminate
risks, attacks and vulnerable actions in the Mesh network.
Network Architecture
To apply our re-authentication protocol, we need to
specify the architecture of the adapted environment. In
our study, we have slightly modified the terminology used
in draft D2.0 of IEEE 802.11s (described in the
introduction section) [13]. We selected the hierarchical
architecture because it is the approach best suited to
handling mobility and security, and because it offers the
most powerful platform compatible with Mesh network
requirements and challenges. This choice is based on a
comparative study of three types of architecture:
centralized, distributed and hierarchical.
Handoff: Mobility Management
Having fixed the architecture on which we will implement
our re-authentication protocol, we turn to the first
aspect, which is mobility. We cannot solve the lack of
security during handoff without first ensuring an
effective mobility protocol. Indeed, this aspect
facilitates the integration of the re-authentication
protocol and the preparation of a suitable platform. The
purpose of such a mobility protocol is to monitor and
track changes in the location information of the various
nodes inside the network.
The prime objective of a Wireless Mesh Network is to offer
flexible connectivity to mobile users. However, ease of
communication should not make us forget the new risks
introduced by these techniques. Indeed, in a Mesh network
the clients (mobile by definition) are likely to move from
one cell (the coverage area of a Mesh node) to another.
Moreover, protocols designed to manage mobility in wired
networks give poor results with this new technology.
Installing a mobility mechanism (roaming) is therefore
crucial for service continuity, and special care must be
taken in handling these issues.
Performance Evaluation
This section is devoted to evaluating the performance of
our protocol. First, we developed a network simulator to
implement our Mesh network architecture. This simulator
specifies various parameters of this type of network and
simulates its features in order to study the effect of
security during the handoff of mobile stations. The
selected network covers 300m×300m and comprises 9 MAPs
and a variable number of clients. To evaluate the
performance of our solution, we consider two types
of traffic: voice and Web communication. While referring
on these types of communications as well as the
parameters of simulation.
Conclusion
To allow users to carry out an effective and reliable
handoff as well as secure access to the WMN, a
re-authentication method with reduced delay should be
executed when mobile nodes cross between different
MAPs and through various clusters. Indeed, a mobility
mechanism can prove effective only if it is associated
with a well-defined and well-studied security
mechanism. In this paper, we have proposed a new
solution to this problem of insecurity during handoff
by defining a new protocol for handoff identification and
re-authentication. This solution has been studied for both
types of mobility: inter-cluster and intra-cluster. We
then obtained various results from a network simulator
that we developed and on which we tested our proposed
protocol.