A Scheme of Mobile Firewall in Mobile IPv6
draft-qiu-mip6-mobile-firewall-00.txt
Feng BAO, Robert DENG, Ying QIU, Jiangying ZHOU
4 October 2014
What are the features of the mobile firewall
• The guardians can track and control the activities of the guarded person when they visit a foreign domain as well as in the home domain.
• The firewall runs at the Mobility Anchor Point (MAP) that the Mobile Node (MN) visits.
• The guardians can dynamically monitor and control the MN’s activities through a remote machine.
• All operations are transparent to the guarded person.
• The guardians can remotely specify the security rules of the firewall.
Where are the firewalls employed
HA: Home Agent
CN: Correspondent Node
MAP: Mobility Anchor Point
AR: Access Router
MN: Mobile Node
[Figure: network diagram with the labels HA, CN, Internet, Firewall, MAP, AR1, AR2, MN (movement) and MAP’s Domain]
How to implement the mobile firewall
• Security Tables (I)
This part focuses on how to manage security material effectively (security keys, security associations, security rules, etc.) in order to minimize the overhead on mobile devices and provide strong security.
• Trust MAP cache (in the Home Agent, HA)
• Security association cache (in HA)
• Security association cache (in MAP)
How to implement the mobile firewall
• Security Tables (II)
• Security rule cache (in both HA and MAP)
How to implement the mobile firewall
• Messages in Mobile Firewall
REG_REQ = {Src=HoA, Des=HA, RCoA, MAP, Flag, Ran}
MAP_DNY = {Src=HA, Des=RCoA, HoA, MAP, Denial, Ran}
IKE Negotiated messages
INI_REQ = {Src=HoA, Des=CN, CoA(RCoA), Req, Ran}
SEC_RUL = {Src=HoA, Des=MAP, rules*, SIG_h}
    rules* = e(k_en, security_rules)
    SIG_h = (S_h, HoA|MAP|rules*)
MN_LOG = {Src=MAP, Des=HoA, i, HoA, log*}
    log* = e(k_en, activity_log)
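An added example, not taken from the slides or the draft: how a MAP could check SIG_h over HoA|MAP|rules* before decrypting or installing a SEC_RUL message. Assumptions: the slides do not define S_h or e, so HMAC-SHA256 under a key s_h stands in for the signature, rules* is treated as opaque ciphertext, and the guarded_hoas set and all function names are hypothetical.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SecRul:
    src: str         # HoA
    des: str         # MAP
    rules_ct: bytes  # rules* = e(k_en, security_rules); opaque ciphertext here
    sig: bytes       # SIG_h


def signed_bytes(hoa: str, map_addr: str, rules_ct: bytes) -> bytes:
    # HoA|MAP|rules*: both addresses packed to a fixed 16 bytes, so the
    # field boundaries inside the signed string are unambiguous.
    return (ipaddress.IPv6Address(hoa).packed
            + ipaddress.IPv6Address(map_addr).packed + rules_ct)


def build_sec_rul(s_h: bytes, hoa: str, map_addr: str, rules_ct: bytes) -> SecRul:
    # Assumption: HMAC-SHA256 under s_h stands in for the unspecified S_h.
    sig = hmac.new(s_h, signed_bytes(hoa, map_addr, rules_ct), hashlib.sha256).digest()
    return SecRul(hoa, map_addr, rules_ct, sig)


def map_accepts(msg: SecRul, s_h: bytes, my_addr: str, guarded_hoas: set) -> bool:
    """MAP-side check, run before rules* is decrypted or installed."""
    try:
        src = ipaddress.IPv6Address(msg.src)
        des = ipaddress.IPv6Address(msg.des)
    except ValueError:
        return False                      # malformed address field
    if des != ipaddress.IPv6Address(my_addr):
        return False                      # addressed to a different MAP
    if src not in {ipaddress.IPv6Address(a) for a in guarded_hoas}:
        return False                      # no guarded MN with this HoA here
    expected = hmac.new(s_h, signed_bytes(msg.src, msg.des, msg.rules_ct),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, msg.sig)


# Constructed sample values (documentation prefix 2001:db8::/32).
S_H = b"constructed-demo-key"
HOA, MAP_A, MAP_B = "2001:db8:1::10", "2001:db8:a::1", "2001:db8:b::1"
RULES_CT = bytes.fromhex("5f1c0a77e2")    # placeholder for e(k_en, security_rules)

if __name__ == "__main__":
    msg = build_sec_rul(S_H, HOA, MAP_A, RULES_CT)
    print(map_accepts(msg, S_H, MAP_A, {HOA}))                                    # True
    print(map_accepts(SecRul(HOA, MAP_B, RULES_CT, msg.sig), S_H, MAP_B, {HOA}))  # False
```

Because the MAP address is inside the signed string, a SEC_RUL built for one MAP fails verification when its Des field is rewritten to another MAP.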