| In recent years, the rapid development of Internet technology and mobilecommunication technology promote the development of IP based mobile Internettechnology. Mobile IPv6technology becomes the preferred networking protocols ofmobile Internet for its excellent mobility support. However, the openness for mobileenvironment and dynamic topology makes MIPv6network suffer from serious securitythreats, such as man-in-middle attack, DoS attack and so on. On the other hand, MIPv6protocol does not provide any security protection for mobile handover and datatransmission process. As a result, security problem in MIPv6network is veryconspicuous. Moreover, the mobility management such as handover and binding updateprocess of MIPv6caused by its dynamic topological structure degrade the overallnetwork performance, which affects the QoS of the network further. Hence, it is of greatsignificant to research secure mobility management technology of MIPv6networktheoretically and practically.In this thesis, security mechanisms in MIPv6network, MIPv6handovermanagement and performance optimization, the security and handover performance ofmobile network, traffic control of multi-homed mobile network are analyzed firstly.Then a security framework in IP layer is designed for MIPv6network, and securemobility management issues such as handover for node and mobile network, routingselection in multi-homed mobile network are studied in-depth based on this securityarchitecture. Main content and contributions in this paper are summarized as follows:1. A novel mobile IPsec protocol (MIPSec) for MIPv6network environment isproposed to solve the security issues for MIPv6network mobility management. MIPSecis a new IP layer security architecture extended from IPSec protocol which is embeddedin IPv6. In the proposed protocol, several aspects are designed to improve MIPv6network security, including traffic protocols security enhancement, security policyoptimization, contextual support for mobility, authentication protocol enhancement andextension. Security analysis indicates that the proposed MIPSec can not only meet theneeds of MIPv6mobility, but also provide end to end security protection to resistagainst almost all kinds of attacks effectively.2. A secure fast MIPv6handover scheme is proposed to solve the handover delayissues caused by the introduction of security mechanisms in MIPv6. Based on MIPSecarchitecture, the scheme combines FMIPv6signaling and authentication information to achieve handover and authentication simultaneously, which diminishes the handovercomplexity and thus reduces its handover delay greatly.3. A secure asynchronous handover scheme is proposed to solve the secure andperformance issues caused by handover process of network mobility (NEMO). Nestednetwork architecture and tunneling mechanism are used to deal with handover problemsin NEMO basic protocol. As a result, triangle routing process caused by nestedarchitecture and extra authentication process may increase the handover delay anddegrade the quality of service further. To solve the problems, an asynchronous handoverscheme is proposed, in which handover of mobile router and inner nodes are carried outasynchronously, and routing optimization is considered as well. Compared with thebasic NEMO protocol, the proposed scheme can not only achieves route optimizationand guaranteed handover safety, but also reduces handover delay.4. Multi-homed mobile network is appeared in order to improve the reliability ofthe mobile network with more than one mobile router. A trusted based routing selectionalgorithm in IPv6multi-homed mobile networks is proposed to avoid overloadingproblem caused by the concentration of a large quantity of data in a few mobile routers.The proposed algorithm establishes a multi-attribute decision model by introducingmultiple decision attribute information, and uses the combination weighting method tocalculate the trust value of each router. A mobile node can access to an optimal mobilerouter to avoid single point of failure problem and balance network traffic, thus improveoverall network performance and security. |
PDF Full Text Request