{"title":"移动IPv6安全穿越NAT","authors":"G. Kim, J. Han, D. Seo","doi":"10.1109/ICON.2003.1266212","DOIUrl":null,"url":null,"abstract":"The mobile IPv6 protocol allows a mobile node to move from one link to another without changing the mobile node's home address by using a care-of address. When a mobile node moves to a foreign link behind a NAT, it uses a local-scope care-of address, which has been allocated by a foreign router dominating the visited network, as identification of itself. On the other hand, other nodes outside the NAT are going to identify the mobile node by a public care-of address translated into from the local-scope care-of address by the NAT. As each security mechanism running over mobile IPv6 relies on the IP address information, it brings about many critical problems. Therefore, in this paper, we propose some modifications to the legacy mobility messages by just adding single flag to address incompatibilities caused by NAT-deployment. With the new proposed mechanism, we can provide secure and seamless IPv6 mobility services regardless of the mobile node's current point of attachment to the Internet, even though it is located behind a NAT.","PeriodicalId":122389,"journal":{"name":"The 11th IEEE International Conference on Networks, 2003. ICON2003.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Mobile IPv6 security while traversing a NAT\",\"authors\":\"G. Kim, J. Han, D. Seo\",\"doi\":\"10.1109/ICON.2003.1266212\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The mobile IPv6 protocol allows a mobile node to move from one link to another without changing the mobile node's home address by using a care-of address. When a mobile node moves to a foreign link behind a NAT, it uses a local-scope care-of address, which has been allocated by a foreign router dominating the visited network, as identification of itself. On the other hand, other nodes outside the NAT are going to identify the mobile node by a public care-of address translated into from the local-scope care-of address by the NAT. As each security mechanism running over mobile IPv6 relies on the IP address information, it brings about many critical problems. Therefore, in this paper, we propose some modifications to the legacy mobility messages by just adding single flag to address incompatibilities caused by NAT-deployment. With the new proposed mechanism, we can provide secure and seamless IPv6 mobility services regardless of the mobile node's current point of attachment to the Internet, even though it is located behind a NAT.\",\"PeriodicalId\":122389,\"journal\":{\"name\":\"The 11th IEEE International Conference on Networks, 2003. ICON2003.\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-09-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 11th IEEE International Conference on Networks, 2003. ICON2003.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICON.2003.1266212\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 11th IEEE International Conference on Networks, 2003. ICON2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICON.2003.1266212","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The mobile IPv6 protocol allows a mobile node to move from one link to another without changing the mobile node's home address by using a care-of address. When a mobile node moves to a foreign link behind a NAT, it uses a local-scope care-of address, which has been allocated by a foreign router dominating the visited network, as identification of itself. On the other hand, other nodes outside the NAT are going to identify the mobile node by a public care-of address translated into from the local-scope care-of address by the NAT. As each security mechanism running over mobile IPv6 relies on the IP address information, it brings about many critical problems. Therefore, in this paper, we propose some modifications to the legacy mobility messages by just adding single flag to address incompatibilities caused by NAT-deployment. With the new proposed mechanism, we can provide secure and seamless IPv6 mobility services regardless of the mobile node's current point of attachment to the Internet, even though it is located behind a NAT.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
