ABSTRACT

Contents

18.1 Overview
18.2 Introduction
18.3 Authentication in Wireless Networks
18.3.1 Secret Key-Based and Public Key-Based Authentication
18.3.2 Authentication Protocols in Wireless Networks
18.4 Effects of Authentication on Security and QoS
18.4.1 Overview of Challenge-Response Authentication
18.4.1.1 Intra-Domain Handoff Authentication
18.4.1.2 Session Authentication
18.4.1.3 Inter-Domain Handoff Authentication
18.4.2 Effects of Authentication on Security and QoS Metrics
18.5 Analytical Model and Performance Evaluation
18.5.1 System Model
18.5.1.1 Scenario
18.5.1.2 Mobility Pattern
18.5.1.3 Traffic Pattern
18.5.2 Performance Metrics
18.5.2.1 Security Levels
18.5.2.2 Average Authentication Cost
18.5.2.3 Average Authentication Delay
18.5.3 Numerical Results
18.5.3.1 Assumptions and Parameters
18.5.3.2 Effects of Mobility Pattern at Different Security Levels
18.5.3.3 Effect of Traffic Load at Different Security Levels
18.6 Experimental Studies on Authentication Mechanisms in WLANs with IP Mobility
18.6.1 Security Policies
18.6.2 Experimental Results
18.6.2.1 Authentication Time
18.6.2.2 Authentication Cost
18.7 Conclusions
References

18.1 Overview

The emergence of public access wireless networks enables ubiquitous Internet services, but it also raises more security challenges because the transmission medium is shared. As one of the most widely used security mechanisms, authentication provides secure communications by preventing unauthorized usage and negotiating credentials for verification. However, authentication protocols can cause large signaling overhead and increase the end-to-end delay of communications, further deteriorating overall system performance. Therefore, we study the effects of authentication on the quality-of-service (QoS) of roaming mobile users with Internet protocol (IP) mobility because, ultimately, the goal of using security protocols is to provide users with reliable services.

In this chapter we first provide an introduction to authentication mechanisms in mobile wireless networks. Then we describe a simple classification of security levels based on security functions, that is, information secrecy, data integrity, and resource availability. More importantly, we focus on the network security protocols that are applicable to wireless local area networks (WLANs) because WLANs are currently widely used for wireless access to the Internet. After that, we present an analytical model to evaluate the effects of authentication on QoS in different mobile environments. Finally, we provide real-time measurements of authentication delays and overhead through an experimental study to demonstrate the significant effects of authentication protocols in wireless networks.