World Library  


Add to Book Shelf
Flag as Inappropriate
Email this Book

Mobile Ip Version 6 Route Optimization Security Design Background

By Nikander, P.

Click here to view

Book Id: WPLBN0000694087
Format Type: PDF eBook
File Size: 92.25 KB.
Reproduction Date: 2005
Full Text

Title: Mobile Ip Version 6 Route Optimization Security Design Background  
Author: Nikander, P.
Volume:
Language: English
Subject: Critical Thinking, Logic, Language
Collections: Technical eBooks Collection
Historic
Publication Date:
Publisher:

Citation

APA MLA Chicago

Nikander, P. (n.d.). Mobile Ip Version 6 Route Optimization Security Design Background. Retrieved from http://www.worldebookfair.com/


Description
Technical Reference Publication

Excerpt
Introduction: Mobile IPv4 is based on the idea of supporting mobility on top of existing IP infrastructure, without requiring any modifications to the routers, the applications, or the stationary end hosts. However, in Mobile IPv6 [6] (as opposed to Mobile IPv4), the stationary end hosts may provide support for mobility, i.e., route optimization. In route optimization, a correspondent node (CN) (i.e., a peer for a mobile node) learns a binding between the mobile node's stationary home address and its current temporary care-of address. This binding is then used to modify the handling of outgoing (as well as the processing of incoming) packets, leading to security risks. The purpose of this document is to provide a relatively compact source for the background assumptions, design choices, and other information needed to understand the route optimization security design. This document does not seek to compare the relative security of Mobile IPv6 and other mobility protocols, or to list all the alternative security mechanisms that were discussed during the Mobile IPv6 design process. For a summary of the latter, we refer the reader to [1]. Even though incidental implementation suggestions are included for illustrative purposes, the goal of this document is not to provide a guide to implementors. Instead, it is to explain the design choices and rationale behind the current route optimization design. The authors participated in the design team that produced the design and hope, via this note, to capture some of the lessons and reasoning behind that effort.

Table of Contents
Table of Contents 1. Introduction ....................................................3 1.1. Assumptions about the Existing IP Infrastructure ...........4 1.2. The Mobility Problem and the Mobile IPv6 Solution ..........6 1.3. Design Principles and Goals ................................8 1.3.1. End-to-End Principle ..................................8 1.3.2. Trust Assumptions .....................................8 1.3.3. Protection Level ......................................8 1.4. About Mobile IPv6 Mobility and its Variations ..............9 2. Avenues of Attack ...............................................9 2.1. Target ....................................................10 2.2. Timing ....................................................10 2.3. Location ..................................................11 3. Threats and Limitations ........................................11 3.1. Attacks Against Address 'Owners' (Address Stealing).. ...12 3.1.1. Basic Address Stealing ...............................12 3.1.2. Stealing Addresses of Stationary Nodes ...............13 3.1.3. Future Address Sealing ...............................14 3.1.4. Attacks against Secrecy and Integrity ................15 3.1.5. Basic Denial-of-Service Attacks ......................16 3.1.6. Replaying and Blocking Binding Updates ...............16 3.2. Attacks Against Other Nodes and Networks (Flooding) .......16 3.2.1. Basic Flooding .......................................17 3.2.2. Return-to-Home Flooding ..............................18 3.3. Attacks against Binding Update Protocols ..................18 3.3.1. Inducing Unnecessary Binding Updates .................19 3.3.2. Forcing Non-Optimized Routing ........................20 3.3.3. Reflection and Amplification .........................21 3.4. Classification of Attacks .................................22 3.5. Problems with Infrastructure-Based Authorization ..........23 4. Solution Selected for Mobile IPv6 ..............................24 4.1. Return Routability ........................................24 4.1.1. Home Address Check ...................................26 4.1.2. Care-of-Address Check ................................27 4.1.3. Forming the First Binding Update .....................27 4.2. Creating State Safely .....................................28 4.2.1. Retransmissions and State Machine ....................29 4.3. Quick expiration of the Binding Cache Entries .............29 5. Security Considerations ........................................30 5.1. Residual Threats as Compared to IPv4 ......................31 5.2. Interaction with IPsec ....................................31 5.3. Pretending to Be One's Neighbor ...........................32 5.4. Two Mobile Nodes Talking to Each Other ....................33 6. Conclusions ....................................................33 7. Acknowledgements ...............................................34 8. Informative References .........................................34

 

Click To View

Additional Books


  • The Elements of Inductive Logic : Design... (by )
  • The Elements of Inductive Logic : Design... (by )
  • Guide to the Study of Moral Evidence : O... (by )
  • The Evolution of Parallel Logic Programm... (by )
  • The Elements of Geometry, In Eight Books... (by )
  • Doctrine of Formal Logic, Being a Transl... (by )
  • Folsom's Logical Bookkeeping : The Logic... (by )
  • Deductive Logic (by )
  • The English Language: Its Grammar, Histo... (by )
  • The English Language: Its Grammar, Histo... (by )
  • The English Master; Or Student's Guide t... (by )
  • De Quincey's Writings (by )
Scroll Left
Scroll Right

 



Copyright © World Library Foundation. All rights reserved. eBooks from World eBook Fair are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.