Secure and scalable roaming support in heterogeneous access networks

Abstract: Mobility support for users connecting to the Internet is an increasing trend. Different types of access networks like WiFi, CDMA, and UMTS are available, creating a heterogeneous access network environment. In the Internet today, there are a number of providers of various sizes supporting different technologies. When moving between such operators, different types of authentication methods are often used, interrupting ongoing services. This, in combination with a lack of roaming agreements, makes mobility among them with maintained connectivity and uninterrupted services difficult or even impossible. This thesis proposes extended functionality for the Authentication, Authorization and Accounting (AAA) protocol that enables a single AAA infrastructure to exist in a heterogeneous network environment and enables interconnection between different operators in a tree-like structure of AAA servers. Mobile devices will maintain their IP address while connected to a network different from the home network, independent of the network access technology. Furthermore, a scalability study is carried out to determine what is required from an AAA system for it to perform when dealing with larger numbers of users and service providers, as well as when supporting new technologies. A method for providing information for handover decisions for intra- and inter-operator mobility is also proposed. The proposed method selects the access network that, according to a metric based on jitter and delay, shows the best performance. Evaluations show that authentication and IP address assignment can be supported in an efficient way in comparison with the state of the art for both Ethernet- and PPP-based access networks using a common AAA infrastructure.
CPU, memory and network link capacity in the home AAA server are identified as the primary bottlenecks when discussing scalability in RADIUS-based AAA infrastructures, and guidelines are proposed to address scalability issues during system design. The metric proposed to support handover decisions shows that bandwidth can be estimated with more than 90% accuracy for WiFi, CDMA, and UMTS access networks.
