1st International ICST Workshop on Technologies for Situated and Autonomic Communications

Research Article

Efficient Authentication for Users Autonomy in Next Generation All-IP Networks

Download689 downloads
  • @INPROCEEDINGS{10.4108/ICST.BIONETICS2007.2372,
        author={Christoforos Ntantogian and Christos Xenakis and Ioannis Stavrakakis},
        title={Efficient Authentication for Users Autonomy in Next Generation All-IP Networks},
        proceedings={1st International ICST Workshop on Technologies for Situated and Autonomic Communications},
        proceedings_a={SAC},
        year={2008},
        month={8},
        keywords={Authentication   EAP-AKA   IKEv2   IMS-AKA   NGN   Users Autonomy},
        doi={10.4108/ICST.BIONETICS2007.2372}
    }
    
  • Christoforos Ntantogian
    Christos Xenakis
    Ioannis Stavrakakis
    Year: 2008
    Efficient Authentication for Users Autonomy in Next Generation All-IP Networks
    SAC
    IEEE
    DOI: 10.4108/ICST.BIONETICS2007.2372
Christoforos Ntantogian1,*, Christos Xenakis2,*, Ioannis Stavrakakis1,*
  • 1: Department of Informatics and Telecommunications, University of Athens, Greece
  • 2: Department of Technology Education and Digital Systems, University of Piraeus, Greece
*Contact email: ntantogian@di.uoa.gr, xenakis@unipi.gr, ioannis@di.uoa.gr

Abstract

Next Generation Networks (NGNs) provide multimedia services to mobile users through different access networks that facilitate users autonomy. The security architecture of NGNs specifies that a WLAN user must follow a multi-pass Authentication and Key Agreement (AKA) procedure in order to get access to the IP multimedia subsystem (IMS) services. This paper proposes an improved one-pass AKA procedure for NGNs that reduces significantly the authentication overhead compared to the multi-pass, without compromising the provided security services. A communication cost analysis is provided that estimates the cost improvement of the proposed one-pass over the multi-pass AKA authentication procedure. The proposed procedure has minimal impact on the network infrastructure and functionality and does not require any changes to the existing authentication protocols.