Handover-Aware Access Control Mechanism: CTP for PANA

  • Julien Bournelle
  • Maryline Laurent-Maknavicius
  • Hannes Tschofenig
  • Yacine El Mghazli
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3262)


The PANA protocol offers a way to authenticate clients in IP based access networks. It carries EAP over UDP which permits ISPs to use multiple authentication methods. However, in roaming environments IP clients might change of gateways and new EAP authentication from scratch may occur. This can considerably degrade performance.

To enhance IP handover in mobile environments, we propose to use the Context Transfer Protocol. The aim is to recover from previous PANA Authentication Agent the PANA security context previously established. For this, we define some ways to trigger the transfer and the content of what we called a PANA context.


Medium Access Control Access Router Authentication Phase Extensible Authentication Protocol Security Association 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Loughney, J., Nakhjiri, M., Perkins, C., Koodli, R.: Context Transfer Protocol. draft-ietf-seamoby-ctp-08.txt (2004) (Work in progress) Google Scholar
  2. 2.
    Yegin, A., Tschofenig, H., Forsberg, D.: Bootstrapping RFC3118 Delayed DHCP Authentication Using EAP-based Network Access Authentication. draft-yegineapboot- rfc3118-00.txt (2004)Google Scholar
  3. 3.
    Parthasarathy, M.: PANA enabling IPsec based Access Control. draft-ietf-panaipsec- 02.txt (2004) (work in progress) Google Scholar
  4. 4.
    El Mghazli, Y., Ohba, Y., Bournelle, J.: PANA: SNMP usage for PAA-2-EP interface. draft-ietf-pana-snmp-00.txt (2004) (work in progress) Google Scholar
  5. 5.
    Blunk, L., Vollbrecht, J., Aboba, B., Carlson, J., Levkowetz, H.: Extensible Authentication Protocol (EAP) (2004) (work in progress) Google Scholar
  6. 6.
    Aboba, B., Simon, D., Arkko, J., Eronen, P., Levkowetz, H.: Extensible Authentication Protocol (EAP) Key Management Framework. draft-ietf-eap-keying-02.txt (2004) (work in progress) Google Scholar
  7. 7.
    IEEE: Wireless Medium Access Control (MAC) and physical layer (PHY) specifications: Specification for Enhanced Security (2002) 802.11i/D3.0 Google Scholar
  8. 8.
    Arbaugh, W., Aboba, B.: Handoff extension to RADIUS. draft-irtf-aaaarch-handoff- 04.txt (2003) (work in progress)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Julien Bournelle
    • 1
  • Maryline Laurent-Maknavicius
    • 1
  • Hannes Tschofenig
    • 2
  • Yacine El Mghazli
    • 3
  1. 1.GET/INTÉvryFrance
  2. 2.Siemens AGMunichGermany
  3. 3.AlcatelMarcoussisFrance

Personalised recommendations