1. Field of the Invention
The present invention relates to a method of security and authentication in a mobile environment, more specifically to a method of security and authentication in an IPv6 environment that is capable of providing a more powerful and efficient authentication process by building a cooperation system between a SEND protocol and an IPSec protocol in a mobile IPv6 environment.
The present invention provides a method of security and authentication that is capable of performing a cost-efficient IPSec secured communication by sharing authentication information between the SEND protocol and IPSec protocol in a mobile environment, which has frequent entry and exit.
2. Background Art
The traditional mechanism of the Internet, to which hosts fixed to a wire network, has been recently evolving to link the wire network and wireless network and to support a mobile node that performs communication between the networks.
Mobile IP is a protocol developed to support the mobility of such terminals.
Particularly, the Mobile IPv6 technology works transparently with a higher protocol of the IP layer, and provides the mobility of an IPv6 host by maintaining active TCP connection and UDP port binding flawlessly.
The 3GPP (3rd Generation Partnership Project) and the 3GPP2, which are the two most important standard organization of modern mobile communication, adopted Mobile IPv6 as the standard for mobile Internet environment.
This is because the Mobile IPv6 technology can provide secure information protection, which is the biggest shortcoming of the mobile communication, enable efficient networks of various electronic devices by securing ample address space, support an automatic plug & play networking, and provide an efficient networking method through an optimized routing path configuration.
The IPv6 protocol includes an IP Security (IPSec) protocol as its basic security mechanism for the security of IP communication. In addition, for the security of a Neighbor Discovery (ND) protocol, which is used for entering the network, discovering a router, and discovering another neighboring host, the IPv6 protocol has defined a Secure ND (SEND) protocol.
The major problem to be addressed with respect to Mobile IPv6 is currently focused on security issues, and accordingly many problems have been solved.
However, when the two security mechanisms, namely, the IPSec protocol and the SEND protocol, are used at the same time, the authentication has been redundantly made for an identical host.
Moreover, the SEND protocol can periodically replace the IP address used for security, and thus an environment that communicates by use of the SEND protocol has to re-negotiate security whenever the address is changed, if an old IPSec is still used.