Global mobility with universal identity (GMUI)

Abstract

The emerging needs of operators to enhance the users' mobility and to increase their productivity, have raised a need for an architecture that can facilitate the ability of mobile users to conduct business anywhere, anytime, from any device with the same amenities offered in their home networks. The escalation of cyber attacks enforces any technology underpinning mobility to span the spectrum of network services with integral security capabilities to protect both the mobile users and the enterprise network. This thesis proposes an architecture to securely enhance users' mobility. The architecture extends the capabilities of standard mobile IP, solves its applicability problems, and links mobile users' activities to unique universal identities. The universal identity is achieved by associating mobile user's credentials as IP, hostname, and network equipment identifiers (ex. network cards or mobile sets) with his (U)SIM (Universal subscriber identity module). The global mobility concept proposed is achieved by adopting a new hierarchical mobile IP (MIP) architecture that enables subscribers to maintain the connections to their corporate and to the internet while moving across hybrid infrastructure without impacting their existing connections except with minimum handover time. The main advantages of the new mobile IP concept is its scalability inherited from its hierarchical distributed design making it suitable for small ISP as well as enterprise carrier crossing the countries boundaries while preserving the security policy of the various entities. The second advantage is the enhancement of the new MIP concept with a strong security mechanism that protects against identity spoofing. The third advantage is its independence of the access media or the used equipment to enhance the users' mobility while avoiding loading equipments with complex applications. Finally, the architecture adopts a secure encrypted hierarchal method for message passing, route finding and addresses the security limitation of standard internet protocols. The architecture operation and advantages have been verified with fourteen experiments to test the interaction between its eight distributed services, the corresponding node's communications with a mobile user roaming at different locations, and the users' mobility features including the mobile user's IP and network cards handover capabilities.