The untrusted handover security of the S-PMIPv6 on LTE-A

In this paper, we propose a secure scheme, named the Digital-Signature-based Authentication Method (DiSAM for short), in which two authentication methods, called Homogeneous Network Authentication (HoNA for short) and Untrusted Network Authentication (UNA for short), are proposed to enhance the security of the LTE-A on F-PMIPv6 handover. In the HoNA, when UE enters a network, it obtains its representative identify (RI for short) as the user's digital signature, and reuses the code for the later authentications. The purpose is to avoid redundantly performing the whole authentication procedure once UE hands over to the next eNB, thus dramatically lowering the LTE-A's handover delay without scarifying its original security level. Due to creating a special authentication parameter, which contains KASME, the HoNA is suitable for a homogeneous environment provided by the same 4G operator. In the UNA, the MME which is now serving UE, denoted by MME 1, will predict the next eNB/base station (BS) through the assistance of ANDSF. The next eNB/BS can be heterogeneous to the eNB/BS currently serving UE. After that, MME 1 sends an Authentication_Request message to the next eNB/BS's HSS, e.g., HSS 2. HSS 2 will request the HSS of UE's home network, e.g., HSS 0, to authenticate UE. When successful, HSS 2 notifies its MME, e.g., MME 2 which will allow the UE to access its network resources. Of course, the UNA can also be applied to a homogeneous handover if the two systems before and after handover are untrusted.

[1]  Basavaraj Patil,et al.  Proxy Mobile IPv6 , 2008, RFC.

[2]  Jan Newmarch Introduction to stream control transmission protocol , 2007 .

[3]  Masoumeh Purkhiabani Enhanced Authentication and Key Agreement Procedureof Next Generation 3GPP Mobile Networks , 2012 .

[4]  Marc St-Hilaire,et al.  A comparative analysis of predictive and reactive mode of optimized PMIPv6 , 2012, 2012 8th International Wireless Communications and Mobile Computing Conference (IWCMC).

[5]  Stilianos Vidalis,et al.  Assessing Identity Theft in the Internet of Things , 2014 .

[6]  Subir Das,et al.  DHCPv4 and DHCPv6 Options for Access Network Discovery and Selection Function (ANDSF) Discovery , 2011, RFC.

[7]  Paulo F. Pires,et al.  MDCSIM : A method and a tool to identify services , 2015 .

[8]  Lyndon Ong,et al.  An Introduction to the Stream Control Transmission Protocol (SCTP) , 2002, RFC.

[9]  Frank Xia,et al.  Fast Handovers for Proxy Mobile IPv6 , 2010, RFC.

[10]  Randall R. Stewart,et al.  Stream Control Transmission Protocol , 2000, RFC.

[11]  Fang-Yie Leu,et al.  S-PMIPv6: Efficient Handover of Proxy Mobile IPv6 by Using SCTP , 2014, 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications.

[12]  Stephen T. Kent,et al.  Security Architecture for the Internet Protocol , 1998, RFC.

[13]  Younghan Kim,et al.  Flow Mobility Management in PMIPv6-based DMM (Distributed Mobility Management) Networks , 2014, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[14]  Hang Qin,et al.  Research on 3GPP LTE Security Architecture , 2012, 2012 8th International Conference on Wireless Communications, Networking and Mobile Computing.

[15]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[16]  Ahmad Rasem O-PMIPv6: Optimized Proxy Mobile IPv6 , 2011 .

[17]  Marc St-Hilaire,et al.  O-PMIPv6: Efficient Handover with route optimization in Proxy Mobile IPv6 domain , 2012, 2012 IEEE 8th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).