Authors: Fabien Allard, Jean-Marie Bonnin
Addresses: France Telecom R&D, 38-40 rue du General Leclerc, Issy-Les-Moulineaux 92794, France; GET/ENST Bretagne, CS17607, Cesson Sevigne 35576, France
Abstract: Users must be able to use the internet with confidence, but provisioning security has a cost for Internet Service Providers (ISPs). In a mobility context, this security must be set up from scratch after each handover and for each customer. Standardisation bodies have therefore designed a mechanism: the Context Transfer. This mechanism aims to transfer suitable information between pieces of equipment in order to reduce handover time. The benefit for an operator would then be the same security level during and after handover in mobile networks, at as low a cost as possible. After a state of the art of context transfer for security, this paper briefly presents the Context Transfer Protocol (CXTP) defined at the Internet Engineering Task Force (IETF). It then defines the IPsec context and finally describes a CXTP-based solution to transfer this context between two access routers in an IPv6 mobility environment.
Keywords: context transfer protocol; CXTP; network security; IPsec; security association database; SAD; security policy database; SPD; internet key exchange; IKE; network mobility; mobile IPv6; handover time optimisation; mobile networks.
International Journal of Communication Networks and Distributed Systems, 2008 Vol.1 No.1, pp.110 - 126
Published online: 18 Feb 2008