Autosoft Journal

Online Manuscript Access

Adaptive Authentication And Registration Key Management Scheme Based On AAA Architecture



The demand for mobile communications has been increasing significantly while inducing more challenges to security issues, especially in authenticating mobile hosts. In order to provide secure communications in mobile networks, the Authentication, Authorization, and Accounting (AAA) architecture is currently in use within the Internet access service. The AAA architecture is used to establish authentication between the communication hosts. However, the current azchitecture has an inefficient authentication procedure when a mobile host hands off from a home domain to foreign domains because the architecture assumes that the only reliable source of authenticating the mobile host is the AAA server located in the home domain. This problem becomes more significant when the mobile host traveling far way from its home domain establishes a mobility security association with mobility entities. To solve these problems, we propose in this paper an adaptive authentication and registration key management scheme. Within the proposed scheme, the mobile host is authenticated by the AAA server located in the previous domain and obtains the required key material to establish the mobility security association when the mobile host performs the inter-domain handoff. In the infra-domain handoff case, the mobile host is simply authenticated by the AAA server located in the current domain and obtains the required key material. The results of a performance evaluation show that the proposed scheme reduces the authentication failure rate up to 58.46 compared to the current AAA architecture.



Total Pages: 18
Pages: 519-536


Manuscript ViewPdf Subscription required to access this document

Obtain access this manuscript in one of the following ways

Already subscribed?

Need information on obtaining a subscription? Personal and institutional subscriptions are available.

Already an author? Have access via email address?


Volume: 16
Issue: 4
Year: 2010

Cite this document


C. Perkins, “IP Mobility Support for IPv4,” IETF RFC 3344, 2002.

D. Johnson, C. Perkins, and J. Arkko, “Mobility Support in IPv6,” IETF RFC 3775, 2004.

S.P. Miller, B. C. Neuman, J. L Schiller, and J.H. Saltzer, “Kerberos Authentication and Authorization System,” MIT Project Athena Technical Document, 1988.

J. G. Steiner, B. C. Neuman, and J.I. Schiller, “Kerberos: An Authentication Service for Open Network Systems,” In Proceedings of the Winter Usenix Conference 1998, 1998.

J. Kohl and B. C. Neuman, “The Kerberos Network Authentication Service (Version 5),” IETF RFC 1510, 1993.

S. Jacobs and S. Belgard, “Mobile IP Public Key Based Authentication,” draft jacobsmobileip-pki-auth-03.txt, IETF Internet-Draft, 2001.

S. Glass, T. Hiller, S. Jacobs, C. Perkins, “Mobile IP Authentication, Authorization, and Accounting Requirements,” IETF RFC 2977, 2000.

C. Perkins and P. Calhoun, “Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4,” IETF RFC 3957, 2005.

J.H. Lee and T.M. Chung, “Session Key Forwarding Scheme based on AAA Architecture in Wireless Network,” In Proceedings of International Symposium on Parallel and Distributed Processing and Applications (ISPA) 2006, pp. 18–26, 2006.

C. Finseth, “An Access Control Protocol, Sometimes Called TACACS,” IETF RFC 1492, 1993.

D. Carrel and L. Grant, “The TACACS+Protocol Version 1.78,” IETF Internet Draft (expired), 1997.

C. Rigney, S. Willens, A. Rubens, and W. Simpson, “Remote Authentication Dial In User Service (RADIUS), IETF RFC 2865, 2000.

D. Nelson and A. DeKok, “Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes,” IETF RFC 5080, 2007.

IETFAuthentication,Authorization,and Accounting Working Group,, Accessed on June 2008.

P. Calhoun, J. Loughney, E. Guttman, G. Zorn, and J. Arkko, “Diameter Base Protocol,” IETF RFC 3588, 2003.

C. Perkins and P. Calhoun, “Mobile IPv4 Challenge/Response Extensions,” IETF RFC 3012, 2000.

C. Perkins, P. Calhoun, and J. Bharatia, “Mobile IPv4 Challenge/Response Extensions (Revised),” IETF RFC 4721, 2007.

P. Calhoun, C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” IETF RFC 2794, 2000.

H. Krawczyk, M. Bellare, and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” IETF RFC 2104, 1997.

M. Nakhjiri, M. Parthasarathy, J. Bournelle, H. Tschofenig, and R Marin Lopez, “AAA based Keying for Wireless Handovers: Problem Statement,” draft-nakhjiri-aaa-hokey-ps03, IETF Internet-Draft (expired), 2006.

J.H. Lee, T.M. Chung, S. Pack, and S. Gundavelli, “Shall we apply paging technologies to Proxy Mobile IPv6 ?” In Proceedings of ACM International Workshop on Mobility in the EvolvinglnternetArchitecture (MobiArch) 2008, 2008.

S. Park, N. Kang, and Y. Kim, “Localized Proxy-MIPv6 with Route Optimization in IPBased Networks,” IEICE Transactions on Communications, vol. E90-H, no. 12, 2007.

H. Jeon, J. Lim, H. Choo, and G.L. Park, “Forwarding Scheme Extension for Fast and Secure Handoff in Hierarchical MIPv6,” In Proceedings of International Conference on Computational Science (ICCS) 2005, pp. 468–476, 2005.

J. McNair, LF. Akyldiz, and M.D. Bender, “An inter-system handoff technique for the IMT-2000 system,” In Proceedings of IEEE INFOCOM 2000, pp. 203–216, 2000.

D. Choi and H. Choo, “Partial Dual Unicasting Based Handoff for Real-Time Traffic in MIPv6 Networks,” In Proceedings of International Conference on Computational Science (ICCS) 2003, pp. 443–452, 2003.

H.G. Kim, D. H. Choi, and D. Y. Kim, “Secure Session Key Exchange for Mobile IP Low Latency Handoff,” In Proceedings of International Conference on Computational Science and its Applications (ICCSA) 2003, pp. 230–238, 2003.


ISSN PRINT: 1079-8587
ISSN ONLINE: 2326-005X
DOI PREFIX: 10.31209
10.1080/10798587 with T&F
IMPACT FACTOR: 0.652 (2017/2018)
Journal: 1995-Present


TSI Press
18015 Bullis Hill
San Antonio, TX 78258 USA
PH: 210 479 1022
FAX: 210 479 1048