1. Field of the Invention
The invention is related to mobile communication systems. More specifically it relates to location privacy and route optimisation for mobile communication based on the Mobile Internet Protocol (Mobile IP) or similar protocols.
2. Description of the Related Art
The invention is described for the example of the Mobile Internet Protocol version 6 (Mobile IPv6). It is, however, also applicable to other protocols defining equivalent entities corresponding to the described entities of the Mobile IP.
Mobile IPv6 currently defines two modes of operation: bidirectional tunnelling and route optimization. While the former mode requires all data packets to be routed over the home agent of the sending mobile node, the latter utilizes the direct path between mobile node and correspondent.
Route optimization mode is more efficient and reduces the packet delay, which is very important for scalability of Mobile IPv6 and for supporting interactive communication. However, it does not provide location privacy with respect to the communication partner, which knows where the mobile node is currently located. In contrast, bidirectional tunnelling provides location privacy, but is less efficient and may delay packets to an extent that is not acceptable for delay-sensitive applications.
Communications systems evolve more and more towards an Internet Protocol (IP)-based network. They consist of many interconnected networks, in which speech and data is transmitted from one terminal to another terminal in pieces, so-called packets. Those packets are routed to the destination by routers in a connection-less manner. Therefore, packets consist of IP header and payload information and the header comprises among other things source and a destination IP address. For scalability reasons an IP network uses a hierarchical addressing scheme. Hence, an IP address does not only identify the corresponding terminal, but additionally contains location information about this terminal. With additional information provided by routing protocols, routers in the network are able to identify the next router towards a specific destination.
If a terminal is mobile, from now on called Mobile Node (MN), and moves between subnets, it must change its IP address to a topologically correct one because of the hierarchical addressing scheme. However, since connections on higher-layers, such as TCP connections, are defined with the IP addresses (and ports) of the communicating nodes, the connection breaks if one of the nodes changes its IP address, e.g., due to movement.
Mobile IPv6 [D. Johnson, C. Perkins, J. Arkko, “Mobility Support in IPv6”, IETF RFC 3775, June 2004] is an IP-based mobility protocol that enables MNs to move between subnets in a manner transparent for higher layers and applications, i.e. without breaking higher-layer connections. Therefore, a MN has two IP addresses configured: a Care-of-Address (CoA) and a Home Address (HoA). The MN's higher layers use the HoA for communication with the communication partner (destination terminal), from now on called Corresponding Node (CN). This address does not change and serves the purpose of identification of the MN. Topologically, it belongs to the Home Network (HN) of the MN. In contrast, the CoA changes on every movement resulting in a subnet change and is used as the locator for the routing infrastructure. Topologically, it belongs to the network the MN is currently visiting. One out of a set of Home Agents (HA) located on the home link maintains a mapping of the MN's CoA to MN's HoA and redirects incoming traffic for the MN to its current location. Reasons for having a set of HAs instead of a single HA are redundancy and load balancing.
As stated above, Mobile IPv6 currently defines two modes of operation: bi-directional tunnelling and route optimization. If bi-directional tunnelling is used, data packets sent by the CN and addressed to the HoA of the MN are intercepted by the HA in the HN and tunnelled to CoA of the MN. Data packets sent by the MN are reverse tunnelled to the HA, which decapsulates the packets and sends them to the CN. For this operation, only the HA must be informed about the CoA of the MN. Therefore, the MN sends Binding Update (BU) messages to the HA. These messages are sent over an IPsec security association and thus are authenticated and integrity protected. Since the CN is not aware of the CoA of the MN, it cannot derive the location of the MN and, thus, location privacy is provided. However, if the MN is far away from the home network and the CN is close to the MN, the communication path is unnecessarily long, resulting in inefficient routing and high packet delays.
The route optimization mode can prevent this inefficiency by using the direct path between CN and MN. Therefore, the MN sends BU messages to the CN, which then is able to directly send data packets to the MN (a type 2 routing header is used to send the packets on the direct path). Of course, the CN has to implement Mobile IPv6 route optimization support. To authenticate the BU message, the MN and the CN perform a so-called return routability procedure, which tests the reachability of the MN at the HoA and CoA and generates a shared session key. However, since the CN learns the CoA of the MN by means of the BU message, it can derive its location, i.e. location privacy is not provided.
A mechanism that provides both location privacy and route optimization is certainly desirable, since interactive applications such as VoIP require short packet delays. The mechanism should support scenarios where two mobile nodes communicate, where both MNs hide their location from each other (bidirectional location privacy).
In the following, prior art documents that can provide route optimization and/or location privacy to some extent and the drawbacks of those solutions are discussed.
HMIP [Hesham Soliman, Claude Catelluccia, Karim El Malki, Ludovic Bellier, “Hierarchical Mobile IPv6 mobility management (HMIPv6)”, IETF RFC4140, August 2005] was developed to reduce the latency and signalling overhead occurring due to sending BU messages to (potentially far away) HAs. It is proposed to handle the mobility partly locally. Therefore, a hierarchy of Mobility Anchor Points (MAP) is introduced in the visited network. The MN only needs to register its CoA with the local MAP. An additional CoA, the so-called Regional CoA (RCoA), is obtained from the MAP's subnet and used by the MAP to hide the MN's mobility within the MAP's region from the HA (or the CN in case of route optimization). Furthermore, MN can start Route Optimization mode using the RCoA as CoA. Hence, some support for route optimuzation and location privacy can be provided, but since CN still knows the RCoA and hence the MAP region the MN is currently located in, location privacy support is very limited.
AREC [WO2004055993] [G. Krishnamurthi, H. Chaskar, R. Siren, “Providing End-to-End Location Privacy in IP-based Mobile Communication”, IEEE WCNC, March 2004] requires modification of every Access Router (AR) of every visited network. Binding information is sent from HAs to ARs of the CN and MN, respectively, and data packets are tunnelled between the ARs of MN and CN without involvement of the HAs. This way, the direct, i.e. shortest, route between MN and CN is used and location privacy is supported. In WO2004010668 a very similar approach is presented. However, the distribution of binding information from the HAs to the ARs requires a new complex protocol, which would have to be standardized.
ORC [Ryuji Wakikawa, “Optimized Route Cache Protocol (ORC)”, Internet Draft draft-wakikawa-nemo-orc-01.txt, October 2004] was developed for route optimization in mobile networks (NEMO) and requires modifications to edge routers of visited networks, including the provision of binding information. The MN tunnels data packets to the edge router of CN's current network (assuming that CN is mobile) and the CN can tunnel data packets to the edge router of MN's current visited network. To be able to tunnel the packets to the edge routers, each node needs to know the IP address of the correspondent edge router, which again reveals location information about CN, i.e., location privacy support is unidirectional, not bi-directional.
GlobalHAHA [P. Thubert, R. Wakikawa, V. Devarapalli, “Global HA to HA protocol”, IETF Internet Draft draft-thubert-nemo-global-haha-00, October 2004] allows the distribution of HAs in the Internet that are usually bound to the home link by letting multiple HAs advertise routes to the home network prefix from different topological locations. A MN can bind to the closest HA, which serves as proxy HA, resulting in an optimized route. Location privacy is given, if bidirectional tunnelling is used. Hence, simultaneous route optimization and location privacy is provided. However, if all visited network advertise routes to all other networks (all being home networks for some MNs), routing scalability issues may arise, since the address hierarchy is basically not given anymore. Furthermore, the distributed home network must manually be configured as such. A secure on-demand configuration is not supported and would require a new complex protocol, which would need to be standardized.
In WO03041358 so-called Location Privacy Agents (LPA) and Location Privacy Servers (LPS) are introduced in every network. The MN sends a location privacy request message to its LPA, which then selects an LPA that is close to the CN. The address of this LPA is then given to the MN, which then sends a BU message to this LPA. Hence, the approach is similar to the ORC approach: since the LPA is close to CN's network, it knows the location of CN to some extend, which breaks location privacy support if the CN is mobile. Moreover, this solution would require a new signalling protocol.
In US2005041675 and WO2004043010 location privacy is achieved by cryptographically modified prefixes of IP addresses. Since the prefix is usually used by a router to route IP packets, this approach requires the modification of all routers in the Internet or can only provide limited location privacy.
In WO03044626, multicast addresses are used as CoA. Since they do not include any location information, location privacy support is given even in route optimization mode. However, this solution does not scale with the number of MNs, since a large-scale deployment would result in a flat routing in the Internet.
In [J. Zhang, D. Pearce, “Agent-Based Return Routability Test for Mobile IPv4 Route Optimization”, IETF Internet Draft draft-zhang-mobopts-agent-mip4rr-00.txt, August 2005], it is proposed to adopt the MIPv6 route optimization scheme for MIPv4 route optimization. A Correspondent Agent (CA) is introduced that proxies the CN in terms of return routability. This way the CN implementation does not need to be modified and data packets can directly be tunnelled between MN and CA. A side effect of the CA is that MN's location is hidden from CN. This approach is similar to ORC. Hence, CN's location is revealed to MN if CN is mobile and location privacy support is uni-directional only.
The problem to be solved is the provision of simultaneous location privacy and route optimization for Mobile IPv6-based communication without requiring the introduction of a new, to-be-standardized signalling protocol and with as few changes to terminal and network device implementations as possible. This would significantly ease deployment.