Skip to Main content Skip to Navigation

Fast authentication and trust-based access control in heterogeneous wireless networks

Abstract : The development of wireless technologies grants a user equipped with a portable wireless device the possibility to access services any time and anywhere. Different network access technologies have been designed for different purposes. Today's digital universe is heterogeneous in various meanings of the word. Multiple IP-based services are offered for users who subscribe to multiple service providers, and have multiple roles and identities. These users are equipped with multi-interface, handheld devices with different capabilities and thus they are able to access a wide range of services over multiple access networks managed by multiple authorities. The limited scope of each access technology forces a user to gain connectivity through a verity of network technologies. For the same reasons, different technologies coexist in the same geographical areas. There is a great need for new paradigms and approaches to manage this heterogeneous universe and to deliver to users services adapted to their current terminals and access modes. In this thesis, we study the current situation and trends in wireless technologies development. We discuss the problems related to security mechanisms specific to each technology, and in particular the possibilities for integration and interworking. Security solutions always have trust models beneath them. In the modern, dynamic, wireless world there is a strong need for trust establishment procedures. Security mechanisms to be implemented under ubiquitous mobility scenarios should be flexible and independent of operator, infrastructure and the underlying wireless technology. The key challenges to ubiquitous, secure mobility have been identified and the advantages and shortcomings of existing solutions have been analyzed. We first study the possibility of authentication latency decreasing in a scenario where the network access authentication is decoupled from the service access authentication. An authorized user is granted network and service access as a result of a single authentication process that combines 802.1X and PANA operations. Then we introduce the Fast re-Authentication Protocol (FAP) for inter-domain roaming, which aims to reduce the authentication delay for a mobile user in a visited administrative domain. The approach eliminates the need for communication between the target and the user's home networks for credentials verification. We develop the Fast re-Authentication Protocol by suggesting a ticket distribution scheme for inter-domain roaming. This method decreases the number of tickets sent and consequently the overhead and delay of the ticket acquisition phase of the protocol. Numerical results obtained from experiments on a test-bed and a series of simulations show that the proposed scheme enhances inter-domain handover parameters such as authentication latency and signalling cost. To improve the access control to network resources we propose the adjustable trust model. The purpose of this work is to provide the network with the opportunity to react to user behaviour. The network is able to observe the activity of each user and to calculate corresponding trust. Clients having low trust due to illicit behaviour are not allowed to access the network. Users are motivated to gain higher trust because trusted users have access to a larger set of services with higher quality of service. Validation of the proposed trust-based access control method has been done via simulations. Finally, we discuss how the proposed solutions can be implemented in a single framework.
Document type :
Domain :
Complete list of metadatas

Cited literature [51 references]  Display  Hide  Download
Contributor : Ecole Télécom Paristech <>
Submitted on : Friday, January 9, 2009 - 8:00:00 AM
Last modification on : Friday, July 31, 2020 - 10:44:05 AM
Long-term archiving on: : Sunday, November 27, 2016 - 1:13:06 AM


  • HAL Id : pastel-00003793, version 1



Maryna Komarova. Fast authentication and trust-based access control in heterogeneous wireless networks. domain_other. Télécom ParisTech, 2008. English. ⟨pastel-00003793⟩



Record views


Files downloads