Chapter 5 Proposed Solution 66
5.4 Proposed Solution Conclusion
The proposed solution is built on three security components: Cryptographically Generated Addresses, Return Routability and Authentication Verification.
The first two are well-established techniques. A Cryptographically Generated Address binds the address to its owner's public key, so the node can show that the address is genuinely its own and an attacker cannot credibly claim it without the matching private key. Return Routability provides evidence of reachability: the node can receive packets at the home and care-of addresses it claims, which again counters spoofing, although it is a reachability check rather than a strong authentication of the node itself.
The third component provides device authentication and can be extended to user authentication to cover the case of device theft.
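To make the CGA claim above concrete, the following is an added example (not code from the thesis) of address generation and verification following RFC 3972 with Sec = 0. The "public key" is a constructed byte string standing in for the DER-encoded RSA key the RFC uses, and the 64-bit subnet prefix is a constructed documentation prefix; in a real deployment the owner also signs its messages with the private key, which is not shown here because the point is only how the address is bound to the key.

```python
import hashlib
import ipaddress
import secrets

SEC = 0  # Sec parameter (RFC 3972 s.2); 0 skips the Hash2 brute-force step


def cga_interface_id(modifier: bytes, prefix: bytes, collision_count: int,
                     pubkey: bytes) -> bytes:
    """Hash1 from RFC 3972 s.4: SHA-1 over modifier | prefix | collision count |
    public key, truncated to 64 bits. The three leftmost bits carry Sec and the
    "u" and "g" bits (bits 6 and 7 of the first octet) are cleared."""
    if len(modifier) != 16 or len(prefix) != 8 or not 0 <= collision_count <= 2:
        raise ValueError("bad CGA parameters")
    digest = hashlib.sha1(modifier + prefix + bytes([collision_count]) + pubkey).digest()
    iid = bytearray(digest[:8])
    iid[0] = (iid[0] & 0x1C) | (SEC << 5)   # keep bits 3-5, write Sec, clear u/g
    return bytes(iid)


def generate_cga(prefix: bytes, pubkey: bytes, modifier=None):
    """Owner side: pick a random 128-bit modifier and derive the address.
    Returns the address together with the CGA parameters that must travel with it."""
    modifier = modifier or secrets.token_bytes(16)
    iid = cga_interface_id(modifier, prefix, 0, pubkey)
    params = {"modifier": modifier, "prefix": prefix,
              "collision_count": 0, "pubkey": pubkey}
    return ipaddress.IPv6Address(prefix + iid), params


def verify_cga(addr: ipaddress.IPv6Address, params: dict) -> bool:
    """Verifier side (RFC 3972 s.5): recompute the interface identifier from the
    advertised parameters and compare it with the address. Because Sec and the
    u/g bits are written identically on both sides, an exact comparison suffices.
    A node that substitutes its own key cannot produce a match without finding
    a second preimage for the truncated hash."""
    packed = addr.packed
    if packed[:8] != params["prefix"]:
        return False
    expected = cga_interface_id(params["modifier"], params["prefix"],
                                params["collision_count"], params["pubkey"])
    return packed[8:] == expected


if __name__ == "__main__":
    prefix = bytes.fromhex("20010db800000001")        # constructed 2001:db8:0:1::/64
    addr, params = generate_cga(prefix, b"constructed-public-key-A")
    print(addr, verify_cga(addr, params))
    # An attacker who replays the parameters with their own key fails verification.
    print(verify_cga(addr, dict(params, pubkey=b"constructed-attacker-key")))
```

The verification step is what a correspondent or access router performs on every message carrying CGA parameters; it costs one SHA-1 computation, which is why CGAs are cheap enough for the mobile node even before the distributed authentication discussed below is considered.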
Adding security features increases the processing load on the devices. To address this, the protocol uses a distributed authentication architecture in which the home agent performs part of the processing of the authentication data. This is expected to reduce the overall time taken to complete authentication, since different parts of it run on the mobile node and at the home agent.
The advantage of a distributed authentication protocol is the predicted reduction in the time taken to complete the security operations, without placing the whole of the work on the mobile device's processor.
The disadvantage is an increase in network traffic, although optimisation of the protocol may be able to reduce this.
[Figure: message sequence between the mobile node (MN), correspondent node (CN), mobile home agent (MHA) and home agent (HA), showing the order of messages 1 to 15 exchanged between them.]
The research attempted to identify the future technologies in development that may be incorporated into the 4G (fourth generation) mobile network. One technology stood out: it allows multiple phone numbers, or identities, to be used simultaneously on a single SIM card. Different wireless transmission technologies were also investigated, such as Wi-Fi and WiMAX. Taking advantage of these technologies, a new security solution was created based on return routability. Secret tokens are sent to the addresses of the mobile node and to the home agent of each of the two identities. This provides reasonable assurance of two things: (1) the mobile node is indeed at the location it claims to be, and (2) the mobile node holds both identities, which gives an inexpensive authentication solution. Dual Identity Return Routability has been designed to be incorporated into the distributed authentication protocol, but it could also be used as a stand-alone security solution. This may be useful for distributed mesh networks, which could be formed with WiMAX. Whichever transmission technology is used for 4G networks, Dual Identity Return Routability remains compatible because it operates at the IP layer, which makes it particularly useful for hybrid networks.
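The dual-identity exchange described above, as an added example that is not the thesis's own message format: token derivation, the binding key and the Binding Update authenticator follow the standard return routability procedure of RFC 3775 (section 5.2), and the dual-identity extension is modelled here, as an assumption, by sending one Home Test per identity and hashing all three tokens (home 1, home 2, care-of) into Kbm, with the correspondent node requiring exactly two bound home addresses. Routing of the Home Test messages through the respective home agents is simulated by a `reachable` set: a sender that cannot receive packets at an address never learns its token and has to guess. All addresses, keys and the BU body are constructed.

```python
import hashlib
import hmac
import ipaddress
import secrets

TOKEN_LEN = 8   # First(64, ...) for keygen tokens, RFC 3775 s.5.2.5
MAC_LEN = 12    # First(96, ...) for the Binding Update authenticator


def keygen_token(kcn: bytes, addr: str, nonce: bytes, kind: int) -> bytes:
    """First(64, HMAC_SHA1(Kcn, addr | nonce | kind)); kind 0 = home, 1 = care-of."""
    data = ipaddress.IPv6Address(addr).packed + nonce + bytes([kind])
    return hmac.new(kcn, data, hashlib.sha1).digest()[:TOKEN_LEN]


def binding_key(*tokens: bytes) -> bytes:
    """Kbm = SHA1(token_1 | token_2 | ...). Standard RR hashes two tokens; the
    dual-identity variant assumed here hashes three (home 1, home 2, care-of)."""
    return hashlib.sha1(b"".join(tokens)).digest()


def bu_mac(kbm: bytes, coa: str, cn_addr: str, payload: bytes) -> bytes:
    """Authenticator over care-of address | correspondent address | BU data."""
    data = ipaddress.IPv6Address(coa).packed + ipaddress.IPv6Address(cn_addr).packed + payload
    return hmac.new(kbm, data, hashlib.sha1).digest()[:MAC_LEN]


class CorrespondentNode:
    def __init__(self, addr: str):
        self.addr = addr
        self.kcn = secrets.token_bytes(20)        # CN secret, never transmitted
        self.nonces = [secrets.token_bytes(8)]    # nonce table, last entry current

    def test(self, addr: str, kind: int):
        """Answer a Home/Care-of Test Init. The token is sent *to* addr, so only a
        node that really receives packets there learns it. Returns (nonce index, token)."""
        idx = len(self.nonces) - 1
        return idx, keygen_token(self.kcn, addr, self.nonces[idx], kind)

    def verify_bu(self, bu: dict) -> bool:
        """Stateless check: rebuild every token from Kcn and the nonce indices in the
        BU, recompute Kbm and compare the MAC. Dual-identity policy (assumed):
        exactly two home addresses must be bound."""
        if len(bu["homes"]) != 2:
            return False
        tokens = [keygen_token(self.kcn, hoa, self.nonces[i], 0) for hoa, i in bu["homes"]]
        tokens.append(keygen_token(self.kcn, bu["coa"], self.nonces[bu["coa_nonce"]], 1))
        expected = bu_mac(binding_key(*tokens), bu["coa"], self.addr, bu["payload"])
        return hmac.compare_digest(expected, bu["mac"])


def send_binding_update(cn: CorrespondentNode, homes, coa: str, reachable, payload: bytes) -> dict:
    """Sender side. `reachable` is the set of addresses at which the sender can
    actually receive packets; a token for any other address never arrives (the
    HoT is delivered to the real home agent), so the sender must guess it."""
    tokens, home_refs = [], []
    for hoa in homes:
        idx, tok = cn.test(hoa, 0)
        tokens.append(tok if hoa in reachable else secrets.token_bytes(TOKEN_LEN))
        home_refs.append((hoa, idx))
    idx, tok = cn.test(coa, 1)
    tokens.append(tok if coa in reachable else secrets.token_bytes(TOKEN_LEN))
    kbm = binding_key(*tokens)
    return {"homes": home_refs, "coa": coa, "coa_nonce": idx, "payload": payload,
            "mac": bu_mac(kbm, coa, cn.addr, payload)}


def demo():
    """Three senders: the genuine dual-identity MN, an attacker on the care-of path
    only, and a node that owns just one of the two identities. Returns the verdicts."""
    cn = CorrespondentNode("2001:db8:c::1")
    homes = ["2001:db8:a::10", "2001:db8:b::10"]   # constructed HoAs of identity 1 and 2
    coa = "2001:db8:f::10"                          # constructed care-of address
    payload = b"\x00\x01\x00\x0f"                   # constructed BU body (sequence, lifetime)
    legit = send_binding_update(cn, homes, coa, set(homes) | {coa}, payload)
    off_path = send_binding_update(cn, homes, coa, {coa}, payload)
    one_identity = send_binding_update(cn, homes, coa, {homes[0], coa}, payload)
    return cn.verify_bu(legit), cn.verify_bu(off_path), cn.verify_bu(one_identity)


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The correspondent node keeps no per-mobile state between the test messages and the Binding Update, which is what keeps the scheme cheap; the cost is that the check proves only that the sender was on the path to all three addresses when the tokens were issued, so it must be combined with the device authentication component for anything stronger.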
A number of attacks attempt to disrupt or hijack communication by exploiting weaknesses in the Mobile IPv6 route optimisation protocol between the mobile node and the correspondent node, in particular in the authentication of the binding updates the mobile node sends.
The location of the mobile node is sensitive data that can be used to mount attacks. Existing solutions that protect the location data were researched, but they increase the communication latency between the communicating nodes.
Mobile agent technology was used as the basis for the proposed security protocol, as it could potentially change the way networks operate. A mobile home agent is an autonomous software program that acts as a proxy home agent and follows the mobile node as it moves from one point of attachment to the next. Mobile agents can migrate to another node on the network independently of any other process, which makes them suitable for this task.
Even though the solution reintroduces triangle routing, the latency increase is negligible: the mobile home agent resides on the point of attachment, and data packets have to pass through the point of attachment to reach the mobile node in any case, so proxying them there adds no extra network hop.
Mobile agents work well in heterogeneous networks and are capable of managing network messages. This allows the location privacy of the mobile node to be protected by the mobile home agent, which acts as a proxy and passes all messages to the mobile node through a secure tunnel.
When the mobile node moves, the mobile home agent duplicates itself and the copy is transmitted to the new point of attachment, where it continues to act as the proxy for the mobile node. These agents are monitored by the home agent to ensure they remain reachable.
The advantages of the proposed solution are that the location of the mobile node is protected without a meaningful increase in communication latency, and that it is entirely software based: no new hardware needs to be introduced, which makes it a very cost-effective option.
The disadvantages are that every point of attachment may have to be modified to accept mobile agents, and that the behaviour of the mobile home agent relies heavily on robust A.I. programming, since the agents act autonomously.
The proposed solution will be tested with the OMNeT++ network simulator. The results will be gathered and compared with other security solutions in terms of effectiveness and impact on latency and resources. The next chapter provides the evidence that the proposed security solution is robust and effective in protecting the binding updates of the mobile node, backed by the results of the simulations in section 6.5.