Title:
Mobile VPN : advanced services in next generation wireless systems
Personal Author:
Publication Information:
Indianapolis, Indiana : Wiley Publishing, 2003
ISBN:
9780471219019
Added Author:
Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
|---|---|---|---|---|---|
Searching... | 30000004809657 | TK5103.4885 S53 2003 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
Expected to serve up to 40 million mobile workers by 2004, Mobile VPNs provide professionals and consumers with secure data access to private networks while on the road An in-depth tutorial on the technology that wireless carriers will require to offer competitive IP-based services Teaches how to implement Mobile VPNs within GPRS, CDMA2000, UMTS and WLAN environments Examines technologies like IP tunneling, security, roaming, addressing, AAA brokerage, and the latest standards as applied in wireless data systems frameworks
Author Notes
ALEX SHNEYDERMAN is an independent consultant. Previously, he was Senior Product Manager at Lucent Technologies for their Springtide Wireless IP Services Switch. A frequent speaker at conferences, Shneyderman is also active in the IEEE and has authored several important white papers on wireless networks and IP services.
ALESSIO CASATI is an engineer with Lucent Technologies working on wireless packet data services, products, and protocols. Casati contributed to the standard setting in 3GPP and the IETF in the areas of mobility and QoS. He was a researcher in Italtel Central Research (Telecom Italia).
Table of Contents
| Foreword | p. xv |
| Preface | p. xvii |
| Part 1 Wireless Data Fundamentals | p. 1 |
| Chapter 1 Introduction to MVPN | p. 3 |
| The Era of Pervasive Mobility | p. 5 |
| Pervasive Mobility Drivers | p. 6 |
| Increase in Productivity | p. 6 |
| Mobile Device Evolution | p. 7 |
| Cellular Systems Advances | p. 7 |
| Mobile Lifestyles and Workplaces | p. 7 |
| Background on VPN | p. 8 |
| MVPN Business Case | p. 9 |
| Moving to Mobile VPN | p. 10 |
| Wireless Communications with MVPN | p. 10 |
| MVPN as a Differentiation Tool | p. 11 |
| Mobile VPN Market and Stakeholders | p. 12 |
| MVPN Service Providers | p. 12 |
| MVPN Customers | p. 13 |
| Small Businesses | p. 14 |
| Enterprises | p. 14 |
| Institutions | p. 15 |
| Application Service Providers | p. 16 |
| Wireless Data Standards | p. 16 |
| Regional Standards Organizations | p. 17 |
| 3GPP | p. 18 |
| 3GPP Documents and Standardization Process | p. 21 |
| 3GPP2 | p. 22 |
| 3GPP2 Documents and Standardization Process | p. 23 |
| Internet Engineering Task Force | p. 24 |
| IETF Documents and Standardization Process | p. 25 |
| IEEE 802 LAN/MAN Standards Committee | p. 26 |
| IEEE Documents and Standardization Process | p. 29 |
| Finding Standards Documents Online | p. 30 |
| Summary | p. 30 |
| Chapter 2 Data Networking Technologies | p. 31 |
| Tunneling and Labeling Technologies | p. 32 |
| Layer Two Tunneling Protocol | p. 33 |
| IP in IP Tunneling | p. 36 |
| GRE Protocol | p. 37 |
| Mobile IP | p. 38 |
| Implementing Mobile IP | p. 39 |
| GPRS Tunneling Protocol | p. 42 |
| Addressing Security | p. 46 |
| IPSec | p. 46 |
| Public Key Infrastructure | p. 50 |
| SSL and TLS | p. 53 |
| Labeling with Multi-Protocol Label Switching | p. 54 |
| Quality of Service and VPN | p. 59 |
| Per-Hop Behavior Types | p. 59 |
| QoS and Tunnels | p. 60 |
| QoS and MPLS | p. 63 |
| Authentication, Authorization, and Accounting | p. 63 |
| User Authentication and Authorization | p. 64 |
| Accounting Data Collection | p. 65 |
| AAA and Network Access Services: RADIUS | p. 67 |
| Authentication Methods for Network Access | p. 67 |
| AAA and Roaming: The Network Access Identifier | p. 69 |
| AAA Evolution: DIAMETER | p. 70 |
| Network Services | p. 71 |
| Address Management | p. 71 |
| DHCP Protocol | p. 72 |
| Host Naming | p. 74 |
| Domain Name System | p. 74 |
| Network Address Translation | p. 77 |
| Summary | p. 79 |
| Chapter 3 Wireless Systems Overview: A Radio Interface Perspective | p. 81 |
| Three Wireless Generations | p. 82 |
| 1G Cellular Systems | p. 85 |
| AMPS | p. 85 |
| Nordic Mobile Telephone and Total Access Communication System | p. 86 |
| 2G Cellular Systems | p. 87 |
| North American TDMA (IS 136) | p. 88 |
| Global System for Mobile Communications (GSM) | p. 89 |
| High-Speed Circuit-Switched Data | p. 90 |
| @cdmaOne | p. 90 |
| 3G Cellular Systems | p. 92 |
| CDMA2000 | p. 92 |
| CDMA2000-1xEV | p. 93 |
| CDMA2000-3x | p. 94 |
| Universal Mobile Telecommunications System | p. 94 |
| UMTS Standardization | p. 95 |
| UMTS Radio Interface | p. 96 |
| Enchased Data Rate for Global Evolution | p. 98 |
| EDGE Classification | p. 98 |
| The Future of EDGE | p. 100 |
| Wireless LAN | p. 100 |
| WLAN Technology | p. 101 |
| Summary | p. 102 |
| Chapter 4 Wireless Systems Overview: Data Services Perspective | p. 103 |
| Circuit versus Packet | p. 104 |
| Data Services in 1G, 2G, and 3G Systems | p. 106 |
| 1G Systems Circuit Data | p. 106 |
| Circuit-Switched Data in 2G and 3G Systems | p. 107 |
| CDMA and TDMA Circuit-Switched Data | p. 107 |
| GSM and UMTS Circuit-Switched Data | p. 109 |
| GSM/UMTS CSD Service Capabilities | p. 110 |
| CDMA2000 Packet Data | p. 112 |
| CDMA2000 Packet Data Architecture | p. 113 |
| Mobile Station Perspective | p. 117 |
| Dormancy | p. 117 |
| Mobile Station Types | p. 118 |
| CDMA2000 Mobility Levels | p. 119 |
| CDMA2000 Mobile AAA | p. 121 |
| GSM and UMTS Packet Data: General Packet Radio Service and UMTS PS Domain | p. 123 |
| GPRS Elements | p. 124 |
| UMTS Elements | p. 125 |
| GPRS and UMTS PS Domain System Architecture | p. 126 |
| GPRS and UMTS PS Domain Service Capabilities | p. 131 |
| GPRS and UMTS PS Domain Terminal | p. 131 |
| Summary | p. 133 |
| Part 2 MVPN and Advanced Wireless Data Services | p. 135 |
| Chapter 5 Mobile VPN Fundamentals | p. 137 |
| Defining VPN | p. 138 |
| VPN Building Blocks | p. 138 |
| Access Control | p. 141 |
| Policy Provisioning and Enforcement | p. 142 |
| Captive Portal | p. 142 |
| Authentication | p. 144 |
| Security | p. 144 |
| Tunneling as the VPN Foundation | p. 145 |
| Labeling (MPLS) and VPN | p. 147 |
| Service Level Agreements | p. 149 |
| MVPN SLA | p. 149 |
| Classifying VPN Technology | p. 150 |
| Tunneling Taxonomy | p. 150 |
| Voluntary VPN | p. 151 |
| Compulsory VPN | p. 153 |
| Chained Tunnel VPN | p. 155 |
| Architecture Taxonomy: Site-to-Site and Remote Access VPN | p. 156 |
| Site-to-Site VPN | p. 156 |
| Remote Access VPN | p. 159 |
| Moving from Wireline to Wireless and Mobile | p. 162 |
| Wireless versus Mobile | p. 162 |
| Significance of VPN in the Wireless Packet Data Environment | p. 164 |
| Voluntary MVPN | p. 165 |
| Compulsory MVPN | p. 166 |
| Summary | p. 168 |
| Chapter 6 GSM/GPRS and UMTS VPN Solutions | p. 169 |
| GSM and UMTS Circuit-Switched Data Solutions | p. 170 |
| CSD Solutions Technologies | p. 171 |
| CSD Deployment Scenarios | p. 171 |
| Packet Data Solutions | p. 173 |
| Packet Data Technology Solutions | p. 173 |
| IP PDP Type | p. 176 |
| Simple IP | p. 177 |
| IP with Protocol Configuration Options | p. 179 |
| DHCP Relay and Mobile IPv4 | p. 181 |
| PPP PDP Type | p. 182 |
| PPP Relay | p. 184 |
| PPP Terminated at the GGSN | p. 185 |
| Service Level Agreements | p. 187 |
| Charging and Billing | p. 188 |
| Roaming | p. 189 |
| Case Study: ACME Wireless | p. 194 |
| Summary | p. 200 |
| Chapter 7 CDMA2000 VPN Solutions | p. 201 |
| Overview of CDMA2000 Private Network Access | p. 202 |
| Simple IP: A True Mobile VPN? | p. 204 |
| Simple IP VPN Architecture | p. 205 |
| Simple IP VPN Call Scenario | p. 207 |
| Mobile IP-Based VPN | p. 209 |
| Public HA VPN Option | p. 210 |
| Public HA VPN Security | p. 211 |
| Private HA VPN | p. 213 |
| HA Allocation in the Network | p. 217 |
| Private HA Allocation Relative to the PDSN | p. 217 |
| Collocated PDSN/HA | p. 218 |
| Centrally Located HA | p. 219 |
| Dynamic HA Allocation | p. 220 |
| CDMA2000 IP Address Management | p. 222 |
| Simple IP VPN Address Assignment | p. 223 |
| Mobile IP VPN Address Assignment | p. 224 |
| Authentication, Authorization, and Accounting for MVPN Service | p. 225 |
| CDMA2000 AAA Architecture | p. 225 |
| CDMA2000 AAA Brokerage | p. 227 |
| Mobile IP VPN Perspective | p. 228 |
| Simple IP VPN Perspective | p. 229 |
| Case Study | p. 230 |
| Summary | p. 233 |
| Chapter 8 Mobile VPN Equipment | p. 235 |
| MVPN Clients | p. 235 |
| MVPN Client Implementation | p. 236 |
| MVPN Client Functions | p. 236 |
| Software-Based Clients | p. 237 |
| Hardware-Based Clients | p. 238 |
| MVPN Client Design Issues | p. 239 |
| Limited Platform Resources | p. 239 |
| Unreliable Physical Environment | p. 239 |
| Support and Distribution | p. 239 |
| Security Requirements | p. 240 |
| MVPN Gateways | p. 240 |
| MVPN Gateway Implementation | p. 240 |
| MVPN Gateways and Wireless Data Platforms | p. 242 |
| General-Purpose Computing Platforms | p. 244 |
| Routers and IP Switches | p. 245 |
| Summary | p. 248 |
| Chapter 9 The Future of Mobile Services | p. 249 |
| Current Wireless Systems Industry and Evolution of 3G Systems | p. 251 |
| Service Aspects | p. 252 |
| IP-Based Mobility | p. 255 |
| Billing for Wireless Data Services | p. 256 |
| The Future of Wireless Service and Systems | p. 258 |
| Person-to-Person Services | p. 259 |
| Person-to-Machine Services | p. 261 |
| Machine-to-Machine Services | p. 264 |
| Mobile Virtual Network Operator | p. 265 |
| Lightweight MVNO | p. 265 |
| Full-Scale MVNO | p. 266 |
| MVPN in an MVNO Environment | p. 266 |
| WLAN/Cellular Convergence and MVPN | p. 267 |
| WLAN and Cellular Integration | p. 268 |
| WLAN Integration Methods | p. 268 |
| IMSI-Based Authentication for WLAN Integration | p. 270 |
| NAI-Based Authentication and Mobile IP | p. 271 |
| Summary | p. 273 |
| Appendix A Mobile IP Extensions | p. 275 |
| Challenge/Response Extensions | p. 275 |
| NAI Extension | p. 277 |
| Private Extensions | p. 278 |
| Appendix B CDMA2000 RADIUS Accounting Attributes | p. 279 |
| Accounting Container | p. 280 |
| IKE Attributes | p. 280 |
| Security Level, HA, Reverse Tunnel, and DiffServ Attributes | p. 281 |
| Appendix C RADIUS Usage in 3GPP | p. 283 |
| Possible Network Configurations | p. 284 |
| RADIUS for Authentication | p. 285 |
| RADIUS for Accounting | p. 285 |
| RADIUS for Interaction with Application Servers | p. 286 |
| Acronyms | p. 291 |
| Bibliography | p. 309 |
| Index | p. 315 |
