Matches in SemOpenAlex for { <https://semopenalex.org/work/W1471449807> ?p ?o ?g. }
- W1471449807 abstract "A survey of NEMO route optimization protocols has been conducted, with the result that a correspondent router based approach, where a tunnel for traffic forwarding is established between a mobile router and a correspondent router, is the most adequate approach for the safety related aeronautical communications environment. This protocol provides several benefits, which are (1) a short end-to-end communications delay, (2) an optimized route to several correspondent nodes provided by a single correspondent router simultaneously and (3) transparency to the end-systems in the mobile network and on the ground. The correspondent router does not suffer from a single point of failure problem either – the failure of a correspondent router only affects correspondent nodes located within the same correspondent network. Communication with correspondent nodes located in other networks, served by different correspondent routers, is still possible. This is not the case for the basic NEMO protocol, where routing from and to the mobile router is not possible anymore in case of home agent failures. Within this thesis, security deficiencies have been identified for the original correspondent router protocol that prevent its usage within a safety related communications environment. Also, the original protocol requires a reachable home agent for establishing the direct routing path to the correspondent router. An improved correspondent router protocol – SeNERO – was therefore defined that provides the advantages of increased security, reduced handover delay and reduced signaling overhead. Furthermore, the new protocol does not rely on a home agent anymore, that has to be considered being a single point of failure. SeNERO is unique in offering all these properties, which is not the case for the related work. The authentication method used within SeNERO relies on X.509 certificates that authenticate the IP address prefixes of mobile router and correspondent router. 
Asymmetric cryptography is therefore used within the initial authentication. In subsequent authentications, only symmetric cryptography is used, based on a session key established between mobile router and correspondent router. For the security evaluation, a threat model was specified to support a detailed security analysis of mobility/route optimization protocols. Based on this model, it was shown that the new protocol resolves the mobile network prefix and correspondent router prefix hijacking attacks that were identified for the original correspondent router protocol. A performance improvement was shown for the handover latency and signaling overhead when comparing SeNERO to the original correspondent router protocol. For the handover latency, the analytical results showed a latency improvement of 9–50% for SeNERO, depending on the scenario. The same holds for the simulation results with an improvement in the range of 12%–51%. These results were also confirmed by the test-bed based evaluation that showed an improvement of 13–51%. Additional simulations were performed using the aeronautical wireless link technology L-DACS 1. This allowed to study the impact of a varying radio cell load upon the handover latency. More detailed, the three investigated scenarios covered the range from small to medium up to overload traffic situations. It was shown that SeNERO performs better throughout all scenarios, although the performance improvement decreases with an increased radio cell load. While an 81% improvement can be achieved in a situation with a small radio cell load, this performance advantage decreases to 58% and 32% for the medium and overload scenarios. A reduced handover latency is important for safety related communications, as a shorter latency decreases the number of packets dropped during a handover. 
The signaling overhead of the original correspondent router protocol, while initially small, was shown to increase over time due to periodic signaling. SeNERO has a high initial overhead that remains constant over time. It was shown that the new protocol is more bandwidth efficient if an optimized path between a mobile router and correspondent router has to be kept alive for more than 20 minutes. As this is usually the case for ATS communications, the new protocol can be considered being more bandwidth efficient within the aeronautical setting. SeNERO resolves the single point of failure represented by the home agent by using certificates instead of signaling message exchanges via the home agent for prefix authentication. This requires a public key infrastructure with a certificate authority (trust anchor) that is authoritative for IP prefix assignments and trusted by both mobile router and correspondent router. This would constitute another single point of failure. In addition, this approach would not reflect the air traffic control communications environment, where the decision on who can receive a certificate and authenticate within a country or region should be subject to the decision of said country or region. This issue has been resolved by the X.509 identity certificate extension defined within this thesis. It introduces a distributed architecture that replaces the single global trust anchor with a distributed set of local trust anchors. Such a local trust anchor should be operated by each country or region where an aircraft has to perform authentication operations. An extended identity certificate contains several properties (such as the identity and an IP address prefix) assigned by different certificate authorities. Signatures generated by these authorities bind the properties to the public key of the certificate holder. 
Certificate authorities located within the correspondent networks, so-called local certificate authorities, issue and sign these certificates containing the assigned properties. Verifiers within the same network/trust domain as the local certificate authority can then validate a certificate issued by a local certificate authority based on the signature and revocation information provided by the local certificate authority only. No inter-domain operations with any other certificate authority are therefore necessary for the verifier at runtime. When used with SeNERO, a correspondent router can verify a mobile router’s certificate by only relying on the certificate authority that is located within the correspondent router’s network domain. The same holds for the verification of the correspondent router’s certificate by the mobile router. During the preconfiguration (pre-flight) phase, the aircraft (mobile router) only has to verify the validity of the certificate of the correspondent router’s local certificate authority and its delegation certificates. When performing route optimization signaling, the mobile router can verify the correspondent router certificate by relying on the correspondent router’s local certificate authority only. An illustration for this is provided in Figure 9.1. This distributed architecture eliminates the single point of failure problem that is present for other approaches. The non-availability of a local certificate authority only prevents authentication operations within the domain represented by this certificate authority, but does not affect other domains. An additional advantage of the extended certificate model is that the mobile router can only authenticate to the correspondent router with a certificate signed and issued by the correspondent router’s local certificate authority. The correspondent router does not have to use any trust anchors except for the local one. 
This certificate authority will in turn only have to trust other certificate authorities for assigning properties from domains for whom these are authoritative. Hence, the decision on who can authenticate within a country or region (local domain) is with the certificate authority of this country or region. Maurer’s calculus was extended to support modeling cross-certification and the extended identity certificates. Based on this calculus, the authenticity of a public key and its associated properties can be inferred from the perspective of the verifier, the mobile router or correspondent router. The extended identity certificates, as defined for use within the SeNERO protocol, have been verified based on this approach. This was performed based on both a local and an inter-domain verification. In the local verification, the logical inferencing only requires the local but no foreign certificate authorities. In the inter-domain verification, the inferencing does require inter-domain operations with foreign certificate authorities for verifying every individual property assignment or delegation. Either way, the authenticity of the mobile router’s and correspondent router’s public keys and associated properties – identity and IP address prefixes – have been successfully derived." @default.
- W1471449807 created "2016-06-24" @default.
- W1471449807 creator A5024763133 @default.
- W1471449807 date "2013-04-30" @default.
- W1471449807 modified "2023-09-24" @default.
- W1471449807 title "Secure and Efficient IP Mobility Support for Aeronautical Communications" @default.