Abstract
Wireless local area networks (LANs) are vulnerable to malicious attacks due to their shared medium in unlicensed frequency spectrum, thus requiring security features for a variety of applications even at the cost of quality of service (QoS). However, there is very little work on investigating to what extent system performance is affected by security configurations with respect to mobility scenarios, heterogeneous networks, and different applications. In order to exploit the full potential of existing security solutions, we present a detailed experimental study to demonstrate the impacts of security features on performance by integrating cross-layer security protocols in a wireless LAN testbed with IP mobility. We introduce a quality of protection (QoP) model to indicate the benefits of security protocols and then measure the performance cost of security protocols in terms of authentication time, cryptographic overhead and throughput. Our measurements demonstrate that the effects of security protocols on QoS parameters span a wide range; for example, authentication time is between 0.11 and 6.28 s, which can potentially affect packet loss dramatically. We also find that for the same security protocol throughput in non-roaming scenarios can be up to two times higher than that in roaming scenarios. However, some protocols are robust against mobility with little variation in system performance; thus, it is possible to provision steady service by choosing security protocols when users’ mobility pattern is unknown. Furthermore, we provide observations on cross-layer security protocols and suggestions to the design of future security protocols for real-time services in wireless LANs.
Similar content being viewed by others
References
Gast M (2002) 802.11 network deployment, 802.11 wireless networks: the definitive guide. O’Reilly, Sebastopol, CA, April
Hannikainen M, Damalainen TD, Niemi M, Saarinen J (2002) Trends in personal wireless data communications. Comput Commun 25(1):84–99
Karygiannis T, Owens L (2002) Wireless network security 802.11, bluetooth and handheld devices, National Institute of Technology, Special Publication, pp 800–848, November
Borisov N, Goldberg I, Wagner D (2001) Intercepting mobile communications: the insecurity of 802.11. In: Proc of the ACM MobiCom’01, ACM, New York, pp 180–189, July
IEEE Std 802.1x-2001x: Port-based network access control, http://www.ieee802.org/1/pages/802.1x.html, June 2001
IEEE 802 Standards, http://standards.ieee.org/getieee802
Qu W, Srinivas S (2002) IPsec-based secure wireless virtual private networks. In: Proc of the IEEE MILCOM’02, vol 2, IEEE, Anaheim, CA, pp 1107–1112, October
Liu W, Lou W, Fang Y (2005) An efficient quality of service routing algorithm for delay-sensitive aplications. Comput Networks 47:87–104, January
Godber A, Dasgupta P (2002) Secure wireless gateway. In: Proc of the ACM WiSe’02, ACM, New York, pp 41–46, September
Baghaei N, Hunt R (2004) Security performance of loaded IEEE 802.11b wireless networks. Elsevier Comput Commun 27:1746–1756, November
Faria DB, Cheriton DR (2002) DoS and authentication in wireless public access networks. In: Proceedings of the ACM workshop on wireless security (WiSe’02), ACM, New York, pp 47–56, September
Arbaugh WA, Shankar N, Wang J, Zhang K (2002) Your 802.11 wireless network has no clothes. IEEE Wirel Commun Mag 9:44–51, December
Li M, Zhu H, Sathyamurthy S, Chlamtac I, Prabhakaran B. (2004) End-to-end framework for QoS guarantee in heterogeneous wired-cum-wireless networks. In: Proc of the first international conference on quality of service in heterogeneous wired/wireless networks, IEEE Computer Society, Washington, DC, pp 140–147, October
Perkins CE (1998) Mobile networking through mobile IP. IEEE Internet Computing 2:58–69, January–February
Ma W, Fang Y (2004) Dynamic hierarchical mobility management strategy for mobile IP networks. IEEE J Sel Areas Commun (Special Issue on All-IP Wireless Networks) 22:664–676, May
Ma W, Fang Y (2003) Improved distributed regional location management scheme for mobile IP. In: Proceedings of the IEEE international symposium on personal, indoor and mobile radio communications (PIMRC’2003), vol 3. IEEE, Anaheim, CA, pp 2505–2509, September
Perkins C (1996) IP mobility support, http://www.ietf.org/rfc/rfc2002.txt, October
IPSEC, http://www.freeswan.org.
802.1x Supplicant, http://www.open1x.org.
RADIUS, http://www.freeradius.org.
OpenSSL, http://www.openssl.org.
Mobile IPv4, http://dynamics.sourceforge.net.
Kim I-G, Choi J-Y (2004) Formal verification of PAP and EAP-MD5 protocols in wireless networks: FDR model checking. In: Proc of AINA, vol 2. IEEE Computer Society, Washington, DC, pp 264–269, March
Karjoth G (2003) Access control with IBM tivoli access manager. ACM Trans Inf Syst Secur (TISSEC) 6:232–257 (May)
DoD Trusted Computer System Evaluation Criteria, http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt, December 1985
Casola V, Rak M, Mazzeo A, Mazzoccca N (2005) Security design and evaluation in a VoIP secure infrastracture: a policy based approach. In: Proceedings of ITCC’05, vol 1. IEEE Computer Society, Washington, DC, pp 727–732, April
Ong CS, Nahrstedt K, Yuan W (2003) Quality of protection for mobile multimedia applications. In: Proceedings of the international conference on multimedia and expo (ICME) ’03, vol 2, pp 137–40. Baltimore, Maryland, 6–9 July 2003
Aboba B, Simon D (1999) PPP EAP TLS athentication protocol. RFC 2716, RFC Editor, US, October
Satoh A, Inoue T (2005) ASIC-hardware-focused comparison for hash functions MD5, RIPEMD-160, and SHS. In: Proceedings of the international conference on information technology: coding and computing (ITCC’05), vol 1. IEEE Computer Society, Washington, DC, pp 532–537, April
Zhai H, Chen X, Fang Y (2005) How well can the IEEE 802.11 wireless LAN support quality of service? IEEE Trans Wirel Commun 4:3084–3094, November
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is supported by the National Science Foundation (NSF) under grant NR-0322893 and the Center for Advanced Computing and Communication (CACC) #04-08.
Rights and permissions
About this article
Cite this article
Agarwal, A.K., Wang, W. On the Impact of Quality of Protection in Wireless Local Area Networks with IP Mobility. Mobile Netw Appl 12, 93–110 (2007). https://doi.org/10.1007/s11036-006-0009-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-006-0009-6