ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Adaptive traffic filtering for efficient and secure IP-mobility
Full text PdfPdf (317 KB)
Source
International Workshop on Modeling Analysis and Simulation of Wireless and Mobile Systems archive
Proceedings of the 4th ACM symposium on QoS and security for wireless and mobile networks table of contents
Vancouver, British Columbia, Canada
SESSION: Security architectures for wireless/wired access networks table of contents
Pages 43-50  
Year of Publication: 2008
ISBN:978-1-60558-237-5
Authors
Mirco Marchetti  University of Modena and Reggio Emilia, Modena, Italy
Michele Colajanni  University of Modena and Reggio Emilia, Modena, Italy
Sponsors
ACM: Association for Computing Machinery
SIGSIM: ACM Special Interest Group on Simulation and Modeling
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 89,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1454586.1454594
What is a DOI?

ABSTRACT

The Mobile IP (MIP) protocol that supports node mobility in IP networks may be implemented through two routing schemes: triangular routing and reverse tunneling. While triangular routing guarantees better performance because of shorter routing paths, it is not compatible with egress filtering policies enforced by many firewalls. As a result, it is necessary to recur to the slower reverse tunneling routing scheme that causes lower mobile connection throughput and higher round trip times. In this paper, we propose an innovative adaptive traffic filtering technique in which egress filtering rules are dynamically and automatically modified to reflect the presence of mobile nodes inside the protected network. The proposed scheme, called secure triangular routing, guarantees the best trade-off between performance and security because it enables triangular routing without violating network security policies. Viability and performance improvements of the proposed solution have been demonstrated by experiments carried out through a prototype. The proposed solution does not require any modification in correspondent nodes or in their networks, and it fully complies with the MIP protocol specifications.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Torsten Braun , Marc Danzeisen, Secure Mobile IP Communication, Proceedings of the 26th Annual IEEE Conference on Local Computer Networks, p.586, November 14-16, 2001
2
Ramón Cáceres , Venkata N. Padmanabhan, Fast and scalable handoffs for wireless internetworks, Proceedings of the 2nd annual international conference on Mobile computing and networking, p.56-66, November 1996, Rye, New York, United States  [doi>10.1145/236387.236405]
 
3
A.-T. Cheng, C.-H. Wu, J.-M. Ho, and D. Lee. Secure mobile ip communication. In Proc. of the 2004 IEEE International Conference on Networking, Sensing and Control, Taipei, Taiwan, March 2004.
 
4
Dynamics mobile ip. http://dynamics.sourceforge.net.
 
5
E. Fogelstroem, A. Jonsson, and C. E. Perkins. Mobile ipv4 regional registration. Request For Comments 4857 (Experimental), Internet Engineering Task Force, June 2007.
 
6
S. Fu and M. Atiquzzaman. Improving end-to-end throughput of mobile ip using sctp. In Proc. of the 2003 Workshop on High Performance Switching and Routing (HPSR 2003), Turin, Italy, June 2003.
 
7
R. Hsieh, Z. G. Zhou, and A. Sereviratne. S-mip: a seamless handoff architecture for mobile ip. In Proc. of the 22nd Annual Joint Conference of the IEEE Computer and Communication Societies (INFOCOM 2003), San Francisco, USA, March 2003.
 
8
T. Killalea, Recommended Internet Service Provider Security Services and Procedures, RFC Editor, 2000
 
9
W. Ma and Y. Fang. Dynamic hierarchical mobility management strategy for mobile ip networks. IEEE Journal on Selected Areas in Communications, 22(4):664--676, May 2004.
 
10
Tan Min , Tian Lin , Kang Jianchu, A Seamless Handoff Approach of Mobile IP Based on Dual-Link, Proceedings of the First International Conference on Wireless Internet, p.56-63, July 10-15, 2005  [doi>10.1109/WICON.2005.5]
 
11
G. Montenegro , V. Gupta, Sun's SKIP Firewall Traversal for Mobile IP, RFC Editor, 1998
 
12
Charles E. Perkins, Mobile Networking Through Mobile IP, IEEE Internet Computing, v.2 n.1, p.58-69, January 1998  [doi>10.1109/4236.656077]
 
13
C. E. Perkins. Mobile ip and security issue: an overview. In Proc. of the First IEEE/Popov Workshop on Internet Technologies and Services, Moscow, Russia, November 1999.
 
14
C. E. Perkins. Mobile ip. IEEE Communications Magazine, 40(5):66--82, May 2002.
 
15
C. Perkins, IP Mobility Support for IPv4, RFC Editor, 2002
 
16
C. E. Perkins and D. B. Johnson. Route optimization in mobile ip. IETF Internet Draft, February 2000.
 
17
Optimized Smooth Handoffs in Mobile IP, Proceedings of the The Fourth IEEE Symposium on Computers and Communications, p.340, July 06-08, 1999
 
18
Z. Ren, C.-K. Tham, C.-C. Foo, and C.-C. Ko. Integration of mobile ip and multiprotocol label switching. In Proc. of the 2001 IEEE International Conference on Communications (ICC'2001), Helsinki, Finland, June 2001.
 
19
S. Sharma, N. Zhu, and T. cker Chiueh. Low-latency mobile ip handoff for infrastructure-mode wireless lans. IEEE Journal on Selected Areas in Communications, 22(4):643--652, May 2004.
 
20
M. Song, J. Huang, R. Feng, and J. Song. Simple key managementfot internet protocols (skip). In Proc. of the Internet Society's 1995 International Networking Conference (INET'95), Honolulu, HI, USA, June 1995.
 
21
M. Song, J. Huang, R. Feng, and J. Song. A distributed dynamic mobility management strategy for mobile ip networks. In Proc. of the 6th International Conference on ITS Telecommunications (ITST 2006), Chegdu, China, June 2006.
 
22
A. Wool. Direction-based filtering in firewalls. Elsevier Computers and security, 23(6):459--468, September 2004.
 
23
C.-H. Wu, A.-T. Chen, S.-T. Lee, J.-M. Ho, and D. T. Lee. Bi-directional route optimization in mobile ip over wireless lan. In Proc. of the 56 IEEE Vehicular Technology Conference (VTC 2002), Vancouver, Canada, September 2002.
 
24
Liang Zhang , Jiannong Cao , Sajal K. Das, A Mailbox-Based Scheme for Improving Mobile IP Performance, Proceedings of the 23rd International Conference on Distributed Computing Systems, p.864, May 19-22, 2003
 
25
P. Zhou and O. W. W. Yang. Reverse routing: An alternative to mip and romip protocols. In Proc. of the 1999 IEEE Canadian Conference on Electrical and Computing Engineering, Alberta, Canada, May 1999.

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Network communications

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.3 Network Operations
          Subjects: Network management


General Terms:
Design, Performance, Security


Keywords:
dynamic firewall reconfiguration, egress filtering, mobile IP

Collaborative Colleagues:
Mirco Marchetti: colleagues
Michele Colajanni: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player