A network-assisted mobile VPN for securing users data in UMTS

نویسندگان

  • Christos Xenakis
  • Christoforos Ntantogian
  • Ioannis Stavrakakis
چکیده

This paper proposes a network-assisted mobile Virtual Private Network (mVPN) security scheme that provides secure remote access to corporate resources over the Universal Mobile Telecommunication System (UMTS). The proposed scheme, which is based on IPsec, distributes the required security functionality for deploying a VPN between the involved user’s device and the mobile network limiting the configuration, computation and communication overheads associated with the user and its device. The network-assisted mVPN addresses the security weaknesses of the UMTS technology in protecting users’ data and satisfies the security requirements of the mobile users. It can be integrated into the UMTS network infrastructure requiring only some limited enhancements to the existing mobile network architecture, and without disrupting the network operation. For the initialization of a network-assisted mVPN and the related key agreement an extension of Internet Key Exchange version 2 (IKEv2) is proposed. The proposed network-assisted mVPN can operate seamlessly and provide security services continuously while the mobile user moves and roams as it binds the UMTS mobility management with the VPN deployment. The deployment cost of the proposed scheme is evaluated analytically and via simulations and is compared to that of the end-to-end (e2e) VPN scheme that protects the data exchanged between the mobile user and the remote server, and a scheme that does not include any additional security mechanism. The proposed scheme increases the cumulative VPN deployment cost compared to the e2e scheme, but on the other hand it limits considerably the VPN deployment cost of the involved MS, which is important due to it resource limitation. Moreover, it does not considerably affect the capacity of the UMTS network. Finally, the deployed network-assisted mVPN hardly has an impact on the total delay of the transmitted user’s packets.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Seamless Mobile Vpn Data Solution for Umts and Wlan Users

Mobile virtual private networks (MVPNs) can provide remote users with easy, secure high-speed access to their enterprise network resources. There is a tremendous market opportunity for operators who can meet the needs of these users. Third-generation (3G) systems, such as Universal Mobile Telecommunications System (UMTS), and IEEE 802.11b wireless local area network (WLAN) systems have compleme...

متن کامل

IPsec-based end-to-end VPN deployment over UMTS

Next generation mobile users require flexible security mechanisms, which provide customized security services to data traffic, take into account end-user mobility and mobile network characteristics, and are available anywhere–anytime. An IPsecbased end-to-end Virtual Private Network (VPN) deployment scheme over the Universal Mobile Telecommunication System (UMTS) is proposed and analysed. The U...

متن کامل

Alternative Schemes for Dynamic Secure VPN Deployment in UMTS

Three alternative schemes for secure Virtual Private Network (VPN) deployment over the Universal Mobile Telecommunication System (UMTS) are proposed and analyzed. The proposed schemes enable a mobile node to voluntarily establish an IPsec-based secure channel to a private network. The alternative schemes differ in the location where the IPsec functionality is placed within the UMTS network arch...

متن کامل

Security in 3 Generation Mobile Networks

In the last few years, we have witnessed an explosion in demand for security measures motivated by the proliferation of mobile/wireless networks, the fixedmobile network convergence, and the emergence of new services, such as ecommerce. 3G-systems play a key role in this network evolution, and thus, all stakeholders are interested in the security level supported in the new emerging mobile envir...

متن کامل

On Demand Network-wide VPN Deployment in GPRS

The Mobile Internet requires enhanced security services available to all mobile subscribers in a dynamic fashion. A network-wide Virtual Private Network (VPN) deployment scenario over the General Packet Radio Service (GPRS) is proposed and analyzed from a security viewpoint. The proposed security scheme improves the level of protection that is currently supported in GPRS and facilitates the rea...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Computer Communications

دوره 31  شماره 

صفحات  -

تاریخ انتشار 2008