Adaptive traffic filtering for efficient and secure IP-mobility

  • Authors:

  • Mirco Marchetti;Michele Colajanni

  • Affiliations:

  • University of Modena and Reggio Emilia, Modena, Italy;University of Modena and Reggio Emilia, Modena, Italy

  • Venue:
  • Proceedings of the 4th ACM symposium on QoS and security for wireless and mobile networks
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

The Mobile IP (MIP) protocol that supports node mobility in IP networks may be implemented through two routing schemes: triangular routing and reverse tunneling. While triangular routing guarantees better performance because of shorter routing paths, it is not compatible with egress filtering policies enforced by many firewalls. As a result, it is necessary to recur to the slower reverse tunneling routing scheme that causes lower mobile connection throughput and higher round trip times. In this paper, we propose an innovative adaptive traffic filtering technique in which egress filtering rules are dynamically and automatically modified to reflect the presence of mobile nodes inside the protected network. The proposed scheme, called secure triangular routing, guarantees the best trade-off between performance and security because it enables triangular routing without violating network security policies. Viability and performance improvements of the proposed solution have been demonstrated by experiments carried out through a prototype. The proposed solution does not require any modification in correspondent nodes or in their networks, and it fully complies with the MIP protocol specifications.