Wireless Communications: Principles and Practice
Wireless Communications: Principles and Practice
Capability-Based Computer Systems
Capability-Based Computer Systems
Pre-Authenticated Fast Handoff in a Public Wireless LAN Based on IEEE 802.1x Model
PWC '02 Proceedings of the IFIP TC6/WG6.8 Working Conference on Personal Wireless Communications
Some constraints and tradeoffs in the design of network communications
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Proactive context transfer and forced handover in IEEE 802.11 wireless LAN based access networks
ACM SIGMOBILE Mobile Computing and Communications Review
Reducing Reauthentication Delay in Wireless Networks
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Operating System Concepts
A network-layer soft handoff approach for mobile wireless IP-based systems
IEEE Journal on Selected Areas in Communications
A simple and robust handover authentication between HeNB and eNB in LTE networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
BottleCap: a credential manager for capability systems
Proceedings of the seventh ACM workshop on Scalable trusted computing
GHAP: An Efficient Group-based Handover Authentication Mechanism for IEEE 802.16m Networks
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
Existing handover schemes in wireless LANs, 3G/4G networks, and femtocells rely upon protocols involving centralized authentication servers and one or more access points. These protocols are invariably complex and use extensive signaling on the wireless backhaul since they aim to be be efficient (minimal handover latency) without sacrificing robustness. However, the mobile user has little involvement especially with the so-called context transfer stage; this stage involves the transfer of necessary state to the new access point as well as the enforcement of security goals such as user authentication and single point of access. We propose the incorporation of user capabilities, network-asserted proofs of user identity and access control, as a general mechanism to simplify the context transfer stage. To this end, we have designed CapAuth, a capability-based scheme that has reduced complexity, low overhead, high level of fault tolerance and is general enough to implement a range of security policies.