
Simulation of Reducing Re-association and Reauthentication Phases for Low Handoff Latency
Mohammed Omari, Sarah Rezzougui, and Nora Talhaoui
Abstract: WLANs have emerged very quickly in both public and private areas in recent years. They provide a non-trivial replacement for complicated, high-cost wired LANs. However, the access points (APs) that build these WLANs do not have a very long coverage range. Consequently, many handoffs may occur as the mobile station moves while accessing network resources located on the distribution system side. Unfortunately, these handoffs can disturb real-time applications if they take a long time. This paper investigates the reduction of handover latency in the wireless network domain. We considered some mechanisms and techniques used to reduce handoff latency in wireless protocols. We developed a simulation tool in order to compare the data throughput with and without the re-association and re-authentication phases. Experimental results show that reducing the re-association and re-authentication phases enhances throughput and reduces the handoff latency.

Index Terms: Handoff, re-association, re-authentication, wireless LAN.

I. INTRODUCTION

WLANs based on the IEEE 802.11 standards have become well known due to their many benefits, such as easy operation and low cost [1][2][3]. These WLANs appeal to users because they are easy to use, especially in hot spot areas like universities, airports and hotels. In addition, one of the goals of these networks (Wi-Fi) is to provide wireless mobile stations with free mobility within the coverage range of their associated access points (APs), so stations are able to move freely while accessing the network. Since these wireless networks were initially designed for indoor use, their APs have a limited radio coverage range. This limited range forces a station to hand off (re-associate) from its previous AP to a new AP whenever the station moves beyond the coverage range of its currently associated AP, in order to maintain continuous connectivity. In WLANs, fast re-association of stations from one AP to
M. Omari, associate professor, is with the laboratory of sustainable development and computer science (LDDI) at the University of Adrar, Adrar 01000, Algeria (phone: 213-49-967571; fax: 213-49-967572; e-mail: omari@univadrar.org). S. Rezzougui, master student, is with the University of Adrar, Adrar 01000, Algeria (e-mail: rezzougui_sarah@yahoo.com). N. Talhaoui, was with the University of Adrar, Adrar 01000, Algeria (email: talhaoui_noura@yahoo.com).

another (low handoff latency) is one of the requirements that is not supported very efficiently in the IEEE 802.11 standard. Therefore, these handoffs can cause long latencies and packet loss, which can affect the performance of real-time applications. Consequently, fast handoff during mobility in WLANs is considered to be a critical issue [1].

As a result of the advancement in wireless technologies, real-time multimedia services such as video conferencing have been provided by Internet Service Providers (ISPs) to wireless subscribers [1]. However, since IEEE 802.11 does not support fast handoffs, the performance of the applications that support such services can be degraded when the station moves beyond the coverage range of its original AP and performs a handoff to another AP. This degradation in performance is the result of the handoff latency, which is caused by the handoff procedure. Consequently, if the latency of the handoff procedure is large, some packets may be lost, which can disrupt the current session and make real-time applications unreachable.

The rest of this paper is organized as follows. Section 1 provides an overview of the IEEE 802.11 protocol. The IEEE 802.11 architecture and the handoff procedure and its phases are presented in Section 2. In Section 3, we present related work in reducing handoff latency. In Section 4, we present our simulation experiments and their parameter settings, along with the obtained results. The conclusion is presented in Section 5.

II. IEEE 802.11 WIRELESS LANS OVERVIEW

In a Wireless Local Area Network (Wireless LAN), the user is provided with a high bit rate connection over a wireless (radio) link [1]. The range of a wireless LAN is fairly short, but it supports a high bit rate. The IEEE standards enumerate the different types of wireless LAN, and they also include the encryption algorithm to make Wireless LAN more secure as compared to regular LAN.

Similar to LANs, IEEE 802.11 based wireless local area networks (WLANs) provide a low-cost and effective way to access the internet. These WLANs have various standards, which are specified by the Institute of Electrical and Electronics Engineers (IEEE). The famous ones are: IEEE 802.11a (Band: 5 GHz, Data rate: 54 Mbps), IEEE 802.11b (Band: 2.4 GHz, Data rate: 11 Mbps), IEEE 802.11g (Band: 2.4 GHz, Data rate: 54 Mbps), IEEE 802.11n (Data rate: 200 Mbps), and IEEE 802.11F [1][2].

A. Wireless LANs Architecture

In the IEEE 802.11 architecture, there are several components and services which interact and work together in order to provide WLAN functionality [1]:

1- Station: A station is the basic component of the wireless network. It is any device which provides 802.11 functionality by implementing the 802.11 functions in the Medium Access Control (MAC) layer as well as the physical (PHY) layer. A station could be a laptop, PDA or an AP.

2- Access point (AP): An AP is any device that has 802.11 functionality and allows the associated mobile stations to access the services of the distribution system (DS) via the wireless medium. Each frame on an 802.11 network must be converted to another type of frame in order to be delivered to the wired network by an AP, which performs this wireless-to-wired bridging function.

3- Wireless medium: The wireless medium is used by the 802.11 standards in order to move frames from one station to another.

4- Distribution System (DS): A distribution system (DS) is also called the backbone network. It is used to forward frames between several connected access points (APs), which form a large coverage area, so they can communicate with each other in order to track the movements of mobile stations [1].

B. Wireless topologies

The 802.11 standard supports the following three topologies [1]:

1- Independent Basic Service Set (IBSS) networks: IBSS networks are commonly referred to as Ad Hoc Networks. In IBSS networks, all mobile stations must be within direct communication range in order to communicate with each other. In addition, these networks consist of a small number of stations which are set up for a specific purpose and for a short period of time, for instance a single meeting in a conference room.

2- Infrastructure Basic Service Set (BSS) networks: BSS networks are differentiated by the use of an AP. In BSS networks, APs are used for all communications, including communication between mobile stations in the same service area. When stations need to communicate with each other, they transfer each frame to the AP, which forwards it to its destination.

3- Extended Service Set (ESS) networks: The ESS consists of different BSS networks which are combined together in order to form a large network. Each BSS has a single AP that acts as a bridge between the wireless link and any other connections. The AP in each BSS is connected to a distribution system that is usually an Ethernet backbone. In general, the ESS is the union of multiple BSSs that are connected with each other through a DS.

C. Handoff Procedure

The handoff procedure occurs whenever the mobile station moves farther than the radio coverage range of its currently associated AP. When the received signal strength identifier (RSSI) value becomes less than a predefined handoff threshold (HT), the station initiates the handoff procedure and decides to associate to a new AP which has a better RSSI value in order to maintain its wireless connectivity [1]. During the handoff procedure, a sequence of messages (management frames) is exchanged between the APs and the station. As a result of this exchange, the current state information of the station is transferred from one AP to another. The entire handoff procedure can be classified into three logical phases, namely: Discovery phase, Re-authentication phase and Re-association phase.

D. Discovery Phase

In the discovery phase, two sub-phases are involved: the handoff initiation sub-phase and the scanning sub-phase. When a station is moving farther than the radio covered area of its currently associated AP, the signal strength and the signal-to-noise ratio (SNR) of the signal from the currently associated AP decrease until they become less than HT. This causes the station to initiate a handoff procedure.
On the other hand, before the station drops the connection to the currently associated AP, the station needs to find new APs and select the best one among them to connect to. This is achieved by the Medium Access Control (MAC) layer scanning function [1].

E. Re-authentication phase

Re-authentication is a process in which the identity of the station is either accepted or rejected by the AP. The re-authentication process starts with the station sending a re-authentication request frame to the selected AP. This frame informs the selected AP of the station identity. Upon receiving the re-authentication request frame, the selected AP responds with a re-authentication response frame. This frame indicates the acceptance or rejection of the selected AP. Once the station has been successfully authenticated, it can send a re-association request frame to the selected AP [4].

There are two authentication services or methods that have been defined in the IEEE 802.11 standard: the open system authentication and the shared key authentication. The Open System authentication is considered a null authentication algorithm, which means that all the requesting mobile stations can be authenticated by the recipient AP. The authentication algorithm at the recipient AP is set to Open System authentication. In addition, this method requires the exchange of only two frames between the station and the new AP: an authentication request frame and an authentication response frame [1].

In the shared key authentication method, the mobile station initiates an authentication process by sending an authentication request frame to the new selected AP. Upon receiving the authentication request frame, the new AP utilizes a Wired Equivalent Privacy (WEP) key in order to generate a challenge text for the station. After the challenge text has been generated, the new AP attaches the challenge text to an authentication response frame and sends the frame as a reply. When the station receives the challenge text, it encrypts this text with the correct shared WEP key and returns an authentication request, which contains the encrypted challenge text, to the new AP [1]. Once the authentication request frame is received successfully, the new AP gets the encrypted text from the received frame and decrypts it using the shared WEP key. Then, the new AP compares the decrypted and the original challenge texts. If these two texts match, the new AP sends an authentication response frame back to the station in order to confirm a successful authentication. This method requires four exchange messages between the station and the new AP.

F. Re-association phase

The re-association phase can be defined as the process in which the association of a mobile station is transferred from one AP to another. After the station has been successfully authenticated with the new selected AP, the re-association process begins [1].

III. REDUCING HANDOFF LATENCY IN WIRELESS PROTOCOLS

Reducing handoff delay can be divided into four subcategories. The first category is to reduce the probe delay during the scanning phase, where the focus is mainly to reduce the number of channels to be scanned. The second category is to reduce the re-authentication delay, where the focus is mainly on pre-authentication before the station joins the new network. The third category is to reduce the re-association delay, and the fourth category is to reduce the overall handoff delay, which covers the previous three delays. Next, we will discuss some mechanisms and techniques that are currently used to reduce handoff delay.

A. Reducing MAC Layer Handoff Latency in IEEE 802.11 Wireless LANs

The probe delay constitutes the biggest part (over 90%) of the handoff latency.
For this reason, Shin and Forte [6] focused on minimizing this delay by improving the scanning procedure, using a selective scanning algorithm. Furthermore, Shin and Forte had to minimize the number of times the previous scanning procedure was needed. This second point was achieved with the use of a caching mechanism that is described below.

In the selective scanning procedure, when a station scans APs, a channel mask is built. In the next handoff, during the scanning process, this channel mask will be used. In doing so, only a well-selected subset of channels will be scanned, reducing the probe delay. The selective scanning procedure reduced the handoff latency by between 30 and 60% [6].

For seamless VoIP, it is recommended that overall latency does not exceed 50 ms. This further improvement was achieved by using an AP cache. The AP cache consists of a table which uses the MAC address of the current AP as the key. Corresponding to each key entry in the cache is a list of MAC addresses of APs adjacent to the current one which were discovered during scanning. This list is automatically created while roaming. The cache has a size of ten, meaning that it can store up to ten keys, and a width of two, meaning that for each key it can store up to two adjacent APs in the list.

B. Reducing Layer Two Handoff Latency in WLANs Using Advanced Context Distribution (ACD)

This mechanism aims to reduce the re-association delay which is caused by the transfer of the mobile station context information from the old AP to the new AP using the Inter Access Point Protocol (IAPP). The context information of a station is the station's security information that may allow faster re-authentication of a station on re-association. Using IAPP for transferring the station's context can increase the re-association delay (up to 40 ms) due to its four additional messages during the re-association phase.
transferring of station's context from the old AP only if it can satisfy a specific condition which is called context threshold. Only a new AP with an RSSI value bigger than the context threshold value (CT) can request the station's context to be transferred from the old AP.

C. Eliminating handoff latencies in 802.11 WLANs using Multiple Radios

In the multi-radio scenario, a node is assumed to have two interfaces: the primary interface and the secondary interface [7]. Suppose that the primary interface is associated with APold and is used for communication, while the secondary interface is available to perform other tasks. Clearly, such a multi-radio node will have an advantage since it will be able to communicate normally and perform management operations simultaneously.

In a naive approach, the secondary interface could perform the scanning stage (which is the most time-consuming stage of a handoff), while the primary interface is communicating normally with its AP. Once the secondary interface determines an AP to which the node needs to connect next, the primary interface could start the handoff process, skipping the scanning stage. This optimized handoff can be performed in less than 5 ms. Besides the delay due to the last two stages of handoff, just switching the card to a different channel may require as much as 20 ms, depending on chipset, which is significant for real-time applications. This naive approach vastly reduces latency due to handoff and is absolutely safe, since from the AP infrastructure's point of view the node does not do anything unexpected; it simply appears as if the node knows which AP to connect to without a scan [7].

D. Reducing Re-authentication Delay

Pack et al. have proposed a fast predictive handoff scheme, which is based on mobility prediction, for reducing the re-authentication delay [4]. In this proposed scheme, the reduction of the re-authentication delay was achieved by enabling a mobile station to perform re-authentication procedures for multiple access points (APs) rather than just the current AP whenever it enters the radio coverage range of a new AP and when the initial registration is performed. The authentication information related to the station is proactively propagated to multiple APs (neighbour APs) depending on the station's mobility. In addition, a prediction method called the Frequent Handoff Region (FHR) selection algorithm, which is introduced in this scheme, was used for the selection of these multiple APs. This algorithm takes into account the station's mobility patterns and service classes.

E. Reducing Re-association Delay

To further reduce the re-association delay during handoff procedures, Funn has proposed a layer two handoff mechanism called Selective Pro-active Context Caching (SPCC). The main idea of the SPCC mechanism is that, when a mobile station first initiates a handoff process, it starts the scanning phase. During this phase, the station sends a modified probe request frame to all APs discovered in the scanning phase except the old AP. The modified probe request frame contains the old AP's MAC address. After that, all the APs that receive the modified probe request frame will send the station-AP link quality information to the old AP (based on the old AP MAC address received in the probe request frame) using the Link Quality Info management packet, which is introduced for the potential next APs selection process. Consequently, a list of potential next APs with which a station is likely to associate will be created in the old AP [1].

IV. DEPLOYMENT OF SDES SECURE MECHANISM IN WIRELESS DOMAIN

A. Authentication and Association

Soliman and Omari [8][9][10] developed a new security mechanism based on stream ciphers. The Synchronous Dynamic Encryption System (SDES) performs encryption, integrity, and authentication. SDES is characterized by its efficiency while maintaining higher security through dynamic keys.
At the network initialization stage, all APs go through a registration process authenticating themselves with the authentication server (AS) (once in their life cycle). Then, every AP is authenticated with its neighboring APs via the AS, which generates and transmits a private secret shared key (SSK) to each pair of authenticated APs. When a mobile station joins the network, with the pair (MAC address, secret authentication key SAK) installed in its wireless card, it sends a first authentication request to its local AP. The AP forwards the station's request to the AS in order to authenticate the station and transfer its newly generated SAK back to the AP. Fig. 1 explains in detail the protocol sequence of the station's initial authentication.
Fig. 1. Initial authentication between the station and the access point.

Notice that the station authentication with the AS is done only once; subsequent authentications are performed directly with the associated AP. Only if a station remains out of range of its AP for a long time would it need to re-authenticate with the AS again.

B. Handover

When the communication signal between the mobile station and its currently associated AP (say AP1) gets weak, the station roams for another AP (say AP2) with a stronger signal. Then, the station sends a handover request to AP1 including AP2's info. Usually, AP1 and AP2 are adjacent and wired; therefore, they are already pre-authenticated to each other via the AS. Following the rule that "a trusted by a trusted is trusted", AP1 sends a secure handover request to AP2 including the station's authentication information. This AP-AP communication is secured via their private shared SSK. Then, AP1 sends a secure integrity check message to the station in order to check the integrity of the previously received data.

V. SIMULATION, RESULTS AND ANALYSIS

Our simulator was developed based on a framework initially created by Soliman and Omari [8][9][10] to simulate security protocols in ESS networks. Every station performs tasks independently, so the simulator needs to implement concurrent programming. Java has packages to facilitate multiprogramming, namely threading. Next is an example of some code that is part of the base station (AP) simulation:

    // create base station threads
    baseStationThreads = new BaseStationThread[simulationParameters.getNumberOfBaseStations()];
    for (int i = 0; i < simulationParameters.getNumberOfBaseStations(); i++) {
        baseStationThreads[i] = new BaseStationThread(simulationParameters,
                baseStationInfo[i], baseStationsTable);
    }

To start base station thread:

    // start base station threads
    for (int i = 0; i < simulationParameters.getNumberOfBaseStations(); i++) {
        baseStationThreads[i].start();
    }

A mobile station is simulated through the next code:

    // create node threads
    nodeThreads = new NodeThread[simulationParameters.getNumberOfNodes()];
    for (int i = 0; i < simulationParameters.getNumberOfNodes(); i++) {
        nodeThreads[i] = new NodeThread(simulationParameters, nodeInfo[i],
                baseStationInfo, nodesTable);
    }

Constants used in the simulation:

TABLE I
CONSTANT VALUES USED IN SIMULATION

    Constant                                       Value
    SIMULATION_TIME                                120 s
    SAMPLING_PERIOD                                500 ms
    ENCRYPTION_REPETITION                          100 ms
    THREAD_SLEEP (after authentication failure)    100 ms

A mobile station starts moving as follows:


    // start node threads
    for (int i = 0; i < simulationParameters.getNumberOfNodes(); i++) {
        nodeThreads[i].start();
    }

A. The simulator interfaces

Our simulator is divided into two parts: the parameters interface and the simulations. At the first stage, the simulation parameters are introduced to the simulator as shown in Fig. 2.

A mobile station is characterized by the following information:


    Base Station Info   /* associated AP */
    Position X
    Position Y
    Node ID

The maximum velocity, the zone width and height are defined as parameters of the simulator. Initially a node selects a random position with initial Id. Then, each station (thread) changes its position randomly based on a velocity that should be less than the maximum defined velocity. Next is part of the simulator code that describes a station lifecycle:

    public void run() {
        associateWithNearestBaseStation();
        try {
            // register to the base station
            register();
            // authenticate
            authenticate();
        } catch (Exception e) { }
        while (true) {
            // change position
            changePosition();
            associateWithNearestBaseStation();
            // authenticate if newly associated
            if (newlyAssociated) {
                newlyAssociated = false;
                try {
                    authenticate();
                    newlyAssociated = true;
                } catch (Exception e) { }
            }
            try {
                // generate messages
                generateMessages();
            } catch (Exception e) { }
        }
    }

Fig. 2. The input parameters interface.

At the second stage (see Fig. 3), the interface starts the simulation, and consequently, shows the current position of each station, and the current number of transmitted messages: registration, authentication, association, integrity, and data messages.

Fig. 3. The simulation interface.

The simulation remains running until the user presses the stop simulation button. Then, the simulation will be stopped and the simulator automatically generates a result file that includes about sent/received frames.


B. Inputs of the simulator

The next table shows the input parameters used in our simulations:

TABLE II
INPUT PARAMETERS FOR CONDUCTED SIMULATIONS

    Parameter                   Value
    Number Of base station      2
    Number Of Nodes             5
    Zone Width                  100
    Zone Height                 100
    Node Maximum Velocity       10 to 100
    Packet Generation Method    Fixed; probabilistic: uniform, exponential, beta, pareto, normal
    Handoff mode                - No Re-association and No Re-authentication
                                - No Re-association with Authentication
                                - Re-association and No Re-authentication
                                - Re-association with Re-authentication
    Observation                 Varying

[Figure: bar chart of throughput (bits) by packet generation method (fixed, uniform, pareto, exponential, normal) for the four handoff modes: nreasso/nreauth, reass/nreauth, nreass/Reauth, Reass/Reauth.]

Fig. 6. Throughput with maximum node velocity = 100

In our experiments, we investigate the throughput in four different handoff modes: re-authentication with re-association, re-authentication without re-association, re-association without re-authentication, and finally, no re-authentication with no re-association. With velocity 0 and 5 mobile nodes, the experimental results showed that the throughput is approximately the same in all modes. This is simply because nodes did not migrate from one AP to another, and so no further authentication or association was needed. This first set of experiments was performed only to ensure that our simulator is working correctly.

Fig. 4, Fig. 5 and Fig. 6 show the simulated throughput in the four handoff modes with different maximum velocities (10, 50 and 100). It is obvious that involving both re-association and re-authentication in the handoff phase increases the handoff latency. On the contrary, when these tasks of re-authentication and re-association are not performed, the handoff latency is the lowest. Our experimental results show that re-associating without re-authentication has lower handoff latency than re-authenticating without re-associating. We can simply infer that re-authentication is to be avoided as much as possible when a station migrates to an AP. This can be done when a station returns to associate with a previously authenticated AP. In other words, each AP must maintain a table with an entry for each previously associated station, which contains authentication information. In doing so, a station avoids re-authentication when it leaves and returns to an AP.

VI. CONCLUSION

Mobility in WLANs enables users to move while they are accessing the network resources. However, because of the limited coverage of the APs that WLANs have, handoffs occur very frequently when a station moves and changes its attachment point from one AP to another. Thus, the performance of real-time applications such as VoIP, which require an uninterrupted connection, will be affected negatively by these handoffs. The handoff procedure involves discovery, re-authentication and re-association phases, and each one causes its own delay that affects the overall handoff latency. In this paper we conducted some simulation scenarios of the re-association and re-authentication operations, and we found that the delay was reduced and the throughput was enhanced when the nodes' re-association and re-authentication phases are both eliminated. We also found that reducing re-authentication is a key issue in reducing handoff latency. Re-authentication can be avoided by saving old authentications in memory, or by using efficient authentication protocols.
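The per-AP table of previously authenticated stations proposed in Section V, combined with the rule from Section IV that a station out of range for a long time must authenticate again, can be modelled as follows. This is an added example, not code from the authors' simulator: the class names, the idle-expiry limit, the key comparison standing in for a proof of possession, and the two-frame re-association cost are assumptions, while the four-frame shared key exchange is the count given in Section II.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/** Added illustration (not the authors' simulator): an AP-side table of authenticated stations. */
public class ApAuthTableDemo {

    // Shared key authentication exchanges four frames (count taken from Section II).
    static final int SHARED_KEY_AUTH_FRAMES = 4;
    // Assumption: re-association costs one request frame and one response frame.
    static final int REASSOCIATION_FRAMES = 2;

    /** Table entry: the station's authentication key and the last time the AP heard from it. */
    static final class Entry {
        final byte[] sak;          // secret authentication key (constructed placeholder here)
        long lastSeenMillis;
        Entry(byte[] sak, long lastSeenMillis) {
            this.sak = sak;
            this.lastSeenMillis = lastSeenMillis;
        }
    }

    static final class AccessPoint {
        final String name;
        final long maxIdleMillis;  // assumption: an entry idle for longer than this is dropped
        final Map<String, Entry> table = new HashMap<>();   // station MAC -> entry
        int managementFrames = 0;

        AccessPoint(String name, long maxIdleMillis) {
            this.name = name;
            this.maxIdleMillis = maxIdleMillis;
        }

        /** Station arrives at time now. Returns true when re-authentication was skipped. */
        boolean associate(String mac, byte[] sak, long now, boolean useTable) {
            Entry e = table.get(mac);
            // Expire stale entries first, so a long absence forces a fresh authentication.
            if (e != null && now - e.lastSeenMillis > maxIdleMillis) {
                table.remove(mac);
                e = null;
            }
            // A hit needs a live entry whose key matches; a MAC address alone is not enough.
            // The constant-time comparison stands in for the station proving key possession.
            boolean hit = useTable && e != null && MessageDigest.isEqual(e.sak, sak);
            if (!hit) {
                managementFrames += SHARED_KEY_AUTH_FRAMES;   // full re-authentication
                e = new Entry(sak, now);
                table.put(mac, e);
            }
            managementFrames += REASSOCIATION_FRAMES;
            e.lastSeenMillis = now;
            return hit;
        }

        /** Station leaves: record the time so the idle period is measured from departure. */
        void depart(String mac, long now) {
            Entry e = table.get(mac);
            if (e != null) {
                e.lastSeenMillis = now;
            }
        }
    }

    /** Moves one station back and forth between two APs; returns the total management frames. */
    static int pingPong(boolean useTable, int handoffs, long dwellMillis, long maxIdleMillis) {
        AccessPoint[] aps = {
            new AccessPoint("AP1", maxIdleMillis), new AccessPoint("AP2", maxIdleMillis)
        };
        String mac = "02:00:00:00:00:01";                                  // constructed MAC
        byte[] sak = "constructed-sak".getBytes(StandardCharsets.UTF_8);   // constructed key
        long now = 0;
        int current = 0;
        aps[current].associate(mac, sak, now, useTable);    // initial authentication
        for (int i = 0; i < handoffs; i++) {
            now += dwellMillis;
            aps[current].depart(mac, now);
            current = 1 - current;
            aps[current].associate(mac, sak, now, useTable);
        }
        return aps[0].managementFrames + aps[1].managementFrames;
    }

    public static void main(String[] args) {
        long dwell = 10_000;   // the station stays 10 s at each AP before moving
        System.out.println("no table:               " + pingPong(false, 6, dwell, 30_000));
        System.out.println("table, 30 s idle limit: " + pingPong(true, 6, dwell, 30_000));
        System.out.println("table, 5 s idle limit:  " + pingPong(true, 6, dwell, 5_000));
    }
}
```

The third run shows the expiry case: when the idle limit is shorter than the time the station spends away, every return is treated as a new authentication and the table saves nothing.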

[Figure: bar chart of throughput (bits) by packet generation method (fixed, uniform, exponential, beta, pareto) for the four handoff modes: nreasso/nreauth, reass/nreauth, nreass/Reauth, Reass/Reauth.]

Fig. 4. Throughput with maximum node velocity = 10

[Figure: bar chart of throughput (bits) by packet generation method (fixed, uniform, pareto, exponential, normal) for the four handoff modes: nreasso/nreauth, reass/nreauth, nreass/Reauth, Reass/Reauth.]

Fig. 5. Throughput with maximum node velocity = 50

REFERENCES
[1] Laeth A. Abdulwahid, Reducing Layer Two Handoff Latency in WLANs Using Advanced Context Distribution, University of Malaya, 2009.
[2] Lampe, T. 2007, Cisco Certified Network Associate, Sybex, USA.
[3] Allawi, Y.M., Kim, M.G. & Kang, M. 2008, Advanced Handoff Mechanism for Delay Sensitive Applications in IEEE 802.11 Wireless LAN, 10th International Conference on Advanced Communication Technology (ICACT).
[4] Pack, S., Choi, J., Kwon, T. & Choi, Y. 2007, Fast Handoff Support in IEEE 802.11 Wireless Networks, IEEE Communications Surveys.
[5] Behrouz A. Forouzan, Sophia Chung Fegan, Data Communication and Networking, 4th edition, McGraw-Hill, 2007.
[6] Sangho Shin, Andrea G. Forte (Columbia University), Anshuman Singh Rawat (New York University), Henning Schulzrinne (Columbia University), Reducing MAC Layer Handoff Latency in IEEE 802.11 Wireless LANs, PDF, Monday 17 May 2010, 22:38:14.
[7] Vladimir Brik, Arunesh Mishra, Suman Banerjee, Eliminating handoff latencies in 802.11 WLANs using Multiple Radios, University of Wisconsin-Madison, WI 53706, USA.
[8] H. S. Soliman and M. Omari. New Design Strategy of Dynamic Security Implementation. IEEE Workshop on Adaptive Wireless Networks (Globecom 2004), Dallas, TX, Dec 3, 2004.
[9] H. S. Soliman and M. Omari. An Efficient Application of a Dynamic Crypto System in Mobile Wireless Security. IEEE Wireless Communications and Networking Conference, Atlanta, Georgia, 21-25 March 2004.
[10] Hamdy S. Soliman, Mohammed Omari: Application of Synchronous Dynamic Encryption System (SDES) in Wireless Sensor Networks. International Journal of Network Security 3(2): 160-171, 2006.
