The untrusted handover security of the S-PMIPv6 on LTE-A

In this paper, we propose a secure scheme, named the Digital-Signature-based Authentication Method (DiSAM for short), in which two authentication methods, called Homogeneous Network Authentication (HoNA for short) and Untrusted Network Authentication (UNA for short), are proposed to enhance the security of the LTE-A on F-PMIPv6 handover. In the HoNA, when UE enters a network, it obtains its representative identify (RI for short) as the user´s digital signature, and reuses the code for the later authentications. The purpose is to avoid redundantly performing the whole authentication procedure once UE hands over to the next eNB, thus dramatically lowering the LTE-A´s handover delay without scarifying its original security level. Due to creating a special authentication parameter, which contains K_ASME, the HoNA is suitable for a homogeneous environment provided by the same 4G operator. In the UNA, the MME which is now serving UE, denoted by MME 1, will predict the next eNB/base station (BS) through the assistance of ANDSF. The next eNB/BS can be heterogeneous to the eNB/BS currently serving UE. After that, MME 1 sends an Authentication_Request message to the next eNB/BS´s HSS, e.g., HSS 2. HSS 2 will request the HSS of UE´s home network, e.g., HSS 0, to authenticate UE. When successful, HSS 2 notifies its MME, e.g., MME 2 which will allow the UE to access its network resources. Of course, the UNA can also be applied to a homogeneous handover if the two systems before and after handover are untrusted.