Indirect routing provides location privacy at the IP layer, but the location of a can also be exposed at the r by the r address. A typically does not change its r address when it moves from one access point to another, unlike the care-of address at the IP layer. In many cases, the r address denitively identies the network interface card in the host. For example, in
IEEE 802.11 networks, the 802.3 r address is typically programmed into the network interface hardware at the factory (Wikipedia, 2008c). It contains ?elds identifying
the manufacturer and globally identifying the specic interface card. While it is possible to dynamically change the r address, the address is typically not changed, and, in fact, network access authentication using 802.1x/802.11-2007 (802.11, 2007) requires that the r address not change since the security association between the access point and is identied by the r address. The can change its r address when it moves between access points, but this may require a lengthy reauthentication procedure. From the network's standpoint, a with a different r address looks like a newly arrived entrant.
Cellular networks handle this problem by using the 's global identier for network access authentication, then assigning a temporary identier for further use to hide the host's identity. For example, in GSM networks, the uses its International Mobile Subscriber Identity (IMSI) on access (Wikipedia, 2008d).
The network assigns the terminal a Temporary International Mobile Subscriber Identity (TIMSI) after the terminal has successfully navigated network access authentication, which is used for further communication with the network. The window of vulnerability for exposing the 's identity is very limited, reducing the risk of identity compromise.
Indirect routing provides location privacy at the IP layer, but the location of a can also be exposed at the r by the r address. A typically does not change its r address when it moves from one access point to another, unlike the care-of address at the IP layer. In many cases, the r address denitively identies the network interface card in the host. For example, in
IEEE 802.11 networks, the 802.3 r address is typically programmed into the network interface hardware at the factory (Wikipedia, 2008c). It contains ?elds identifying
the manufacturer and globally identifying the specic interface card. While it is possible to dynamically change the r address, the address is typically not changed, and, in fact, network access authentication using 802.1x/802.11-2007 (802.11, 2007) requires that the r address not change since the security association between the access point and is identied by the r address. The can change its r address when it moves between access points, but this may require a lengthy reauthentication procedure. From the network's standpoint, a with a different r address looks like a newly arrived entrant.
Cellular networks handle this problem by using the 's global identier for network access authentication, then assigning a temporary identier for further use to hide the host's identity. For example, in GSM networks, the uses its International Mobile Subscriber Identity (IMSI) on access (Wikipedia, 2008d).
The network assigns the terminal a Temporary International Mobile Subscriber Identity (TIMSI) after the terminal has successfully navigated network access authentication, which is used for further communication with the network. The window of vulnerability for exposing the 's identity is very limited, reducing the risk of identity compromise.
access point vs router
Niciun comentariu:
Trimiteți un comentariu