Security For Heterogeneous Wireless Networks

Many wireless technologies nowadays have been standardized and commenced, but each technology has a different coverage area and bandwidth limitations. So that there is need to integrate these technologies to work together in order of benefit of sharing resources. Thus, interworking between heterogeneous wireless networks is tremendously important for ubiquitous and high performance wireless communications.As we know each technology has distinctive security architecture to compare with others, it emerge that to have security architectures that ful-fill the desire of all technologies is a big challenge.In this thesis we shall discuss how we can authenticate a user who want to roams from one type wireless technology to another type of technology that have agreements of roaming between them.Especially when you consider that Handover is essential to user mobility in the network to maintain a traffic connection with a mobile user.Handover occurs when a user moves from the coverage area of one cell to another. A new connection with the new cell must be set up, and the old connection terminated. Handover can be used, in certain circumstances, to distribute load/users to less loaded cells or access technologies.The work will be classified as follows:We shall discuss the traditional methods that are used to reauthenticate the user when roams to different domains, and that methods we shall discuss are Media-Independent Preauthentication (MPA), shadow registration, optimistic access as traditional methods. In our work we shall explain how each one works and it is difficulties that don't help much in decreasing the handoff delay. As we shall see MPA is more secure but it needs to perform pre-configuration and pre-authentication to the target network before the actual handover take place. Shadow registration method, a security association is established between the MN and every neighboring AAA server before the MN handovers to region controlled by the AAA server. The registration will already be completed when MN moves to particular call, and the only necessary AAA operations that are required will be processed locally in the new domain without communicating with the MN's home domain.And another traditional method is optimistic access method, in this method the strong authentication is delayed until the handoff is actually completed. Some how it decrease in large amount the delaying but due to the lack of strong authentication during handoff it is easier for malicious to compromise with network, and might be suitable for private networks where people are more trustworthy.In the proposed method, certificate like-proof tokens are used to complete an EAP-Token authentication method. The use of EAP-token will be beneficial for future heterogeneous wireless networks to achieve fast reauthentication when roaming from one domain to the other. This is especially useful for international travelers who roam across political boundaries, as only major network operators roam internationally.The user can first connect to a major operator in the foreign country which has roaming agreements with his Home Network using that connection, he gets a proof token and establishes a trust path to other wireless networks which may have roaming agreements with major network operator. Once he hops around a few wireless networks, he should be able to connect to almost all of the wireless networks in that country, as most wireless operators have well-connected roaming agreements within a country.