Cover image for AAA and network security for mobile access : radius, diameter, EAP, PKI, and IP mobility
AAA and network security for mobile access : radius, diameter, EAP, PKI, and IP mobility
Personal Author:
Publication Information:
Chichester, England : John Wiley & Sons, 2005
Added Author:


Item Barcode
Call Number
Material Type
Item Category 1
30000004714949 TK5103.4885 N34 2005 Open Access Book Book

On Order



AAA (Authentication, Authorization, Accounting) describes aframework for intelligently controlling access to networkresources, enforcing policies, and providing the informationnecessary to bill for services.

AAA and Network Security for Mobile Access is aninvaluable guide to the AAA concepts and framework, including itsprotocols Diameter and Radius. The authors give an overviewof established and emerging standards for the provision of securenetwork access for mobile users while providing the basic designconcepts and motivations.

AAA and Network Security for MobileAccess :

Covers trust, i.e., authentication and security key managementfor fixed and mobile users, and various approaches to trustestablishment. Discusses public key infrastructures and provides practicaltips on certificates management. Introduces Diameter, a state-of-the-art AAA protocol designedto meet today?s reliability, security and robustnessrequirements, and examines Diameter-Mobile IP interactions. Explains RADIUS (Remote Authentication Dial-In User Services)and its latest extensions. Details EAP (Extensible Authentication Protocol) in-depth,giving a protocol overview, and covering EAP-XXX authenticationmethods as well as use of EAP in 802 networks. Describes IP mobility protocols including IP level mobilitymanagement, its security and optimizations, and latest IETFseamless mobility protocols. Includes a chapter describing the details of Mobile IP and AAAinteraction, illustrating Diameter Mobile IP applications and theprocess used in CDMA2000. Contains a section on security and AAA issues to supportroaming, discussing a variety of options for operator co-existence,including an overview of Liberty Alliance.

This text will provide researchers in academia and industry,network security engineers, managers, developers and planners, aswell as graduate students, with an accessible explanation of thestandards fundamental to secure mobile access.

Author Notes

Madjid Nakhjiri is currently a researcher and networkarchitect with Motorola Labs. He has been involved in the wirelesscommunications industry since 1994. Over the years, Madjid hasparticipated in the development of many cellular and public safetymission-critical projects, ranging from cellular location detectionreceiver design and voice modeling simulations to the design ofarchitecture and protocols for QoS-based admission, call control,mobile VPN access and AAA procedures for emergency responsenetworks. Madjid has been active in the standardization of mobilityand security procedures in IETF, 3G and IEEE since 2000 and is acoauthor of a few IETF RFCs. Madjid has also coauthored many IEEEpapers, chaired several IEEE conference session and has many patentapplications in process.

Mahsa Nakhjiri is currently a systems engineer withMotorola Personal Devices and is involved in future cellulartechnology planning. Mahsa holds degrees in Mathematics andElectrical Engineering and has specialized in mathematical signalprocessing for antenna arrays. She has been involved in research oncellular capacity planning and modeling, design and simulation ofradio and link layer protocols and their interaction with transportprotocols in wireless environments. Mahsa has also worked withcellular operators on mobility and AAA issues from an operatorperspective.

Table of Contents

About the author
Chapter 1 The 3 "A"s: Authentication, Authorization, Accounting
1.1 Authentication Concepts
1.2 Authorization
1.3 Accounting
1.4 Generic AAA Architecture
1.5 Conclusions and Further Resources
1.6 References
Chapter 2 Authentication
2.1 Examples of Authentication Mechanisms
2.2 Classes of Authentication Mechanisms
2.3 Further Resources
2.4 References
Chapter 3 Key Management Methods
3.1 Key Management Taxonomy
3.2 Management of Symmetric Keys
3.3 Management of Public Keys and PKIs
3.4 Further Resources
3.5 References
Chapter 4 Internet Security and Key Exchange Basics
4.1 Introduction: Issues with Link Layer-Only Security
4.2 Internet Protocol Security
4.3 Internet Key Exchange for IPsec
4.4 Transport Layer Security
4.5 Further Resources
4.6 References
Chapter 5 Introduction on Internet Mobility Protocols
5.1 Mobile IP
5.2 Shortcomings of Mobile IP Base Specification
5.3 Seamless Mobility Procedures
5.4 Further Resources
5.5 References
Chapter 6 Remote Access Dial-In User Service (RADIUS)
6.1 RADIUS Basics
6.2 RADIUS Messaging
6.3 RADIUS Operation Examples
6.4 RADIUS Support for Roaming and Mobility
6.5 RADIUS Issues
6.6 Further Resources
6.7 References
Chapter 7 Diameter: Twice the RADIUS?
7.1 Election for the Next AAA Protocol
7.2 Diameter Protocol
7.3 Details of Diameter Applications
7.4 Diameter Versus RADIUS: A Factor 2?
7.5 Further Resources
7.6 References
Chapter 8 AAA and Security for Mobile IP
8.1 Architecture and Trust Model
8.2 Mobile IPv4 Extensions for Interaction with AAA
8.3 AAA Extensions for Interaction with Mobile IP
8.4 Conclusion and Further Resources
8.5 References
Chapter 9 PKI: Public Key Infrastructure: Fundamentals and Support for IPsec and Mobility
9.1 Public Key Infrastructures: Concepts and Elements
9.2 PKI for Mobility Support
9.3 Using Certificates in IKE
9.4 Further Resources
9.5 References
9.6 Appendix A PKCS Documents
Chapter 10 Latest Authentication Mechanisms, EAP Flavors
10.1 Introduction
10.2 Protocol Overview
10.3 EAP-XXX
10.4 Use of EAP in 802 Networks
10.5 Further Resources
10.6 References
Chapter 11 AAA and Identity Management for Mobile Access: The World of Operator Co-Existence
11.1 Operator Co-existence and Agreements
11.2 A Practical Example: Liberty Alliance
11.3 IETF Procedures
11.4 Further Resources
11.5 References