Abstract for HONS 08/05 - Computer Science and Software Engineering - University of Canterbury - New Zealand
HONS 08/05

Development of Secure IPsec Tunnelling in a Mobile IP Architecture

Vincent Pau
Department of Computer Science
University of Canterbury

Abstract

Internet Protocol security (IPsec) is a widely accepted standard for securing IP network traffic but has limited functionality in a Mobile IP environment. The aim of this research is to develop a solution that enables mobile nodes to handoff IPsec tunnels in a transparent manner when moving between different networks. Previous researches suggest two general approaches to solving this problem: to run IPsec over Mobile IP, or to dynamically update the IPsec tunnel endpoints. As part of this research, we proposed a variation of the latter approach, whereby Mobile IP registration messages are used to update the IPsec tunnel endpoints. The solution enables a mobile node to establish an IPsec tunnel once and maintain the tunnel across handoffs. A testbed was developed for evaluating the performance of the various approaches under different handoff conditions. The proposed solution was implemented and tested successfully on the testbed, proving its feasibility. The study also compares the performance of the proposed solution against running IPsec over Mobile IP, and the current approach of re-establishing new IPsec tunnels. Although the proposed solution is more complex compared to running IPsec over Mobile IP, the results show that it is more efficient in terms of bandwidth overhead. The results also show that the proposed solution has a lower handoff delay compared to the current approach of re-establishing new IPsec tunnels.

  • Phone: +64 3 369 2777
    Fax: +64 3 364 2569
    CSSEadministration@canterbury.ac.nz
  • Computer Science and Software Engineering
    University of Canterbury
    Private Bag 4800, Christchurch
    New Zealand
  • Follow us
    FacebookYoutubetwitterLinked In