Please use this identifier to cite or link to this item:
標題: 認證、授權架構下802.11與行動網際網路協定之整合
Integration of 802.11 and Mobile IP in Authentication, Authorization, and Accounting (AAA) Architecture
作者: 賴思耀
關鍵字: 802.11f;802.11f;IAPP;Mobile IP;AAA;Wireless LAN;行動網際網路協定;無線區域網路;認證;授權架構
出版社: 電機工程學系
IEEE 802.11是目前廣為使用的無線區域網路標準,許多廠商都積極投入製造符合802.11標準的無線區域網路產品。但是802.11並沒有規範該如何實做Distribution System(DS),當使用者要在不同廠牌的AP間漫遊時會因為DS的實現方式不同而造成AP間彼此無法傳遞保持連線時所需的資訊。這將會是廣泛建置802.11無線區域網路的一大障礙。802.11f就是為了解決這個問題而提出的協定,它提供了許多服務讓不同廠牌的AP間能夠互相溝通、傳遞訊息。然而802.11f只能提供使用者在同一子網域時的漫遊服務,一但使用者進入了不同的子網域後網路連線便會中斷。Mobile IP就是為解決無線區域網路間的漫遊問題而制定,它提供了使用者在不同網域間漫遊時還能保持網路連線的服務。此外網際網路服務供應商必須要有一套認證、授權、計費( Authentication, Authorization, and Accounting, AAA)的架構來處理使用者在不同網域間漫遊時的安全與計費問題。對於一些較大型的網路而言,使用者所到的網域可能會因為離本地代理者(Home Agent, HA)很遠而使得Mobile IP註冊時間的延遲情形更為嚴重。
在本論文中我們先對802.11f做簡單的介紹並且分析802.11f與Mobile IP協同工作的情況。我們從理論上提出了一個在認証、授權
架構下802.11與Mobile IP整合的模型來改善無線區域網路同網域與跨網域的漫遊效能並說明這個模型如何運作以及可能遇到的問題。在同一子網域漫遊時我們利用”context pre-transfer model ”來預先建立802.11的連線環境。在跨網域情形下我們利用”Simultaneous Handoff of Mobile IPv4 and 802.11, [SIMIP]“ 來同時處理802.11與Mobile IP 的註冊訊息。此外為了縮短Mobile IP註冊的時間我們利用了Diameter協定裡的新功能來指定一個新的本地代理者給使用者。

IEEE 802.11 Wireless LAN standard was ratified a few years ago and lots of vendors have engaged in the manufacture of Wireless LAN products compliant with 802.11. However, 802.11 did not specify how to implement Distribution System (DS).When mobile nodes roam among access points (AP) of different vendors, the context transfer used to keep connection uninterrupted may be failed. This will become a hurdle to widely deploy 802.11 Wireless LAN. In order to overcome this problem, 802.11f was proposed and specified a set of services that will enable multi-vendor access points to interoperate with each other. However, 802.11f only works when a mobile node roams in the same subnet. Once the mobile node moves across different subnets, data connection between terminals will break down. Originally engineered as a solution for Wireless LAN, Mobile IP enables a mobile node to move freely from one subnet to another without disrupting end-to-end connectivity. Besides, the AAA (Authentication, Authorization, and Accounting) architecture is essential for Internet Service Provider (ISP) to handle security and accounting considerations, especially when users roam among different administrative domains. For some big network domains, the mobile node's current network attach point could be far away from its static home agent and would cause a long delay when registration request is processed.
In this thesis, we first give an introduction to 802.11f and analyze the situation as 802.11f cooperates with Mobile IP. In order to improve both intra and inter domain roaming efficiency, we propose a theoretical model which integrates 802.11 and Mobile IP in AAA environment. We analyze the operation of the model and discuss what kinds of problem this model faces. In intra domain roaming, we make use of the “context pre-transfer model” to pre-establish 802.11 services for the user. In inter domain roaming, we also utilize “Simultaneous Handoff of Mobile IPv4 and 802.11” (SIMIP) to process 802.11 reassociation and Mobile IP registration at the same time. Furthermore, we use a new function of next generation AAA protocol, Diameter, to allocate a new home agent for the user to process subsequent Mobile IP registration locally.
Appears in Collections:電機工程學系所

Show full item record

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.