Service Migration Authentication Protocol for MEC
Ranaweera, Pasika; Yadav, Awaneesh Kumar; Liyanage, Madhusanka; Jurcut, Anca Delia (2023-01-11)
IEEE
11.01.2023
P. Ranaweera, A. K. Yadav, M. Liyanage and A. D. Jurcut, "Service Migration Authentication Protocol for MEC," GLOBECOM 2022 - 2022 IEEE Global Communications Conference, Rio de Janeiro, Brazil, 2022, pp. 5493-5498, doi: 10.1109/GLOBECOM48099.2022.10001261.
https://rightsstatements.org/vocab/InC/1.0/
© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
https://rightsstatements.org/vocab/InC/1.0/
© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
https://rightsstatements.org/vocab/InC/1.0/
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:oulu-202401171293
https://urn.fi/URN:NBN:fi:oulu-202401171293
Tiivistelmä
Abstract
Multi-Access Edge Computing (MEC) is a novel edge computing paradigm that enhances the access level capacity of mobile networks by shifting the serviceable Data center infrastructure proximate to the end devices. With this proximate placement and service provisioning, migration of a service from one edge enabled gNodeB (gNB) to another is intrinsic to maintain the service continuity. Since such services are migrated through the channel shared between the gNBs, proper security measures should be inhibited by the communication protocol to prevent any unauthorized interception. Further, each gNB should ensure the legitimacy of the migrating gNBs to avoid any impersonation attempts. As this is an area that lacks focus in current research trends, this paper introduces MEC Service Migration Authentication Protocol (MEC-SMAP), a protocol that take place prior to the migration initiation, and specifically defined for MEC. The proposed protocol ensures the secure transfer of session key generation parameters to form a secure channel while ensuring perfect forward secrecy. It introduces an identity verification mechanism through a trusted third party service. We have validated the proposed protocol through formal analysis using GNY logic and Scyther tool. Further, a prototype virtualized MEC environment was created to evaluate its feasibility and the impact of the employed security mechanisms.
Multi-Access Edge Computing (MEC) is a novel edge computing paradigm that enhances the access level capacity of mobile networks by shifting the serviceable Data center infrastructure proximate to the end devices. With this proximate placement and service provisioning, migration of a service from one edge enabled gNodeB (gNB) to another is intrinsic to maintain the service continuity. Since such services are migrated through the channel shared between the gNBs, proper security measures should be inhibited by the communication protocol to prevent any unauthorized interception. Further, each gNB should ensure the legitimacy of the migrating gNBs to avoid any impersonation attempts. As this is an area that lacks focus in current research trends, this paper introduces MEC Service Migration Authentication Protocol (MEC-SMAP), a protocol that take place prior to the migration initiation, and specifically defined for MEC. The proposed protocol ensures the secure transfer of session key generation parameters to form a secure channel while ensuring perfect forward secrecy. It introduces an identity verification mechanism through a trusted third party service. We have validated the proposed protocol through formal analysis using GNY logic and Scyther tool. Further, a prototype virtualized MEC environment was created to evaluate its feasibility and the impact of the employed security mechanisms.
Kokoelmat
- Avoin saatavuus [38865]