Anton Kozlov Mobile IP: Security Issues

1
Anton Kozlov Mobile IP Security Issues

• Survey of security chapters from the book by
• James D. Solomon, Mobile IP The Internet
  Unplugged, Prentice Hall, 1998
• Applied Crypto and e-Security Lab
• http//www.cs.bu.edu/groups/aces/
• Boston University 2000

2
Current State of Mobile Computing

• Mobile computers are one of the fastest growing
  segments of the PC market
• Short-range wireless networks (Bluetooth)
  available from IBM, Toshiba, Dell, HP
• High-speed (11 Mbps) wireless LAN products are
  now easily and cheaply available (IEEE 802.11a,
  IEEE 802.11b)
• Low speed (currently 128 Kbps) Metropolitan Area
  Wireless Network services are available in some
  cities and spreading (Metricoms Ricochet)

3
Mobile Computers Characteristics

• May change point of network connection frequently
• May be in use as point of network connection
  changes
• Usually have less powerful CPU, less memory and
  disk space
• Less secure physically
• Limited battery power

4
Wireless Networks Characteristics

• Generally lower bandwidth
• Higher latency and variability
• Higher error rate
• More susceptible to interference and eavesdropping

5
Outline of the Tutorial

• Part 1 The Need for Mobile IP
• Part 2 Mobile IP Overview (for IPv4)
• Part 3 Security Issues
• A Simple Mobile IP Application (Private Network
  without Internet connection)
• A More Complicated Application Internet-Wide
  Mobility

6
Part 1 The Need for Mobile IP

• Problems
• Terminology
• What Happens When a Node Changes Link?
• Cant We Solve This Problem with Host- Specific
  Routes?
• Why Not Just Change the Nodes IP Address?
• Cant We Just Solve the Problem at the Link
  Layer?
• What If We Only Need Nomadicity?

7
Mobile IP solves the following problems

• If node moves from one link to another without
  changing its IP address, it will be unable to
  receive packets at the new link
• If a node changes its IP address when it moves,
  it will have to terminate and restart any ongoing
  communications each time it moves
• Mobil IP solves these problems in secure, robust,
  and medium-independent manner whose scaling
  properties make it applicable throughout the
  entire Internet

8
The Need for Mobile IP

• Terminology
• A home link is the link on which a specific node
  should be located that is the link, which has
  been assigned the same network-prefix as the
  nodes IP address
• A foreign link is any link other than a nodes
  home link that is, any link whose
  network-prefix differs from that of the nodes IP
  address
• Host-specific route is a routing-table with
  Prefix-Length of 32 bits, it will provide a match
  for exactly one IP Destination Address namely,
  the address specified in the Target field
• Mobility is the ability of a node to change its
  point of attachment from one link to another
  while maintaining all existing communications and
  using the same IP address at its new link

9
What Happens When a Node Changes Link?
10
Cant We Solve the Mobility Problem with
Host-Specific Routes?

• How Might Host-Specific Routes Solve the Problem?
• If it Solves the Problem, Is This Solution a Good
  One?

11
Is This Solution a Good One?

• How Many Mobile Nodes We Can Expect?
• How Many Routes Are Required for Each Mobile
  Node?
• How Fast Will a Node Change Links?
• Is This Solution Robust?
• Is It Secure?

12
ConclusionHost Specific Routes is an Unworkable
Solution to Node Mobility in the Internet

• Minimally, host-specific routes must be
  propagated to all nodes along the path between a
  mobile nodes home link and its foreign link
• Some (in the worst case all) of these routes must
  be updated every time the node moves from one
  link to another
• We expect millions of nodes to be operating

13
Host-Specific routing has severe scaling,
robustness, and security problems

• Unless host-specific routes are propagated to a
  much larger set of routers than minimal set
  described in the first item above, then the
  Internet mobility to route around isolated node
  and link failures is negated by host-specific
  routing
• Serious security implications would require
  authentication, and complicated key management
  protocol to address

14
Why Not Just Change the Nodes IP Address?

• Can Connections Survive a Changing IP Address?
• No, because all open TCP connections will be
  terminated
• How Do We Find a Node Whose IP Address Keeps
  Changing?
• Only if a mobile node itself initiates
  communication, a huge overhead to keep entries in
  DNS updated, address returned by a name server is
  subject to change at any moment
• Cant we just solve the problem at the Link
  Layer? (Cellular Digital Packet Data - CDPD
  (11Kbps), IEEE 802.11)
• Provides node mobility only in the context of a
  single type of medium and within a limited
  geographic area

15
What If We Only Need Nomadicity?

• A nomadic node is one which must terminate all
  existing communications before changing its
  point-of-attachment, but then can initiate new
  connections with a new IP address once it reaches
  its new location.
• If all communications are initiated by the user
  of a mobile node, and the user does not mind
  shutting down his applications and restarting
  then at a new location, then nomadicity is indeed
  sufficient

16
Why Mobility Is Preferable to Nomadicity?

• Many applications have configuration data bases
  which depend on IP addresses, as opposed to host
  names
• In the future Servers and not just Clients might
  need to become mobile (Clients know their Servers
  only by their IP addresses)
• Some license application vendors provide
  network-licensing systems which restrict access
  to only those nodes possessing specific ranges of
  IP addresses
• Some security mechanisms provide access
  privileges to nodes based upon their IP
  addresses. Mobile nodes employing Mobile IP allow
  such mechanisms to work in the presence of node
  mobility
• Limited availability of IPv4 addresses, need for
  specific address assignment mechanisms

17
Summary

• A node that changes from one link to another is
  incapable of communicating at the new location
  unless it changes its IP address
• Host-specific routing is not workable solution in
  the context of the global Internet
• Changing a nodes IP address is undesirable
• The difference between mobile and nomadic
  computing (impossible for other node to know at
  what address a nomadic computer can be reached at
  any given moment)

18
Summary (cont.)

• All link-layer solutions share limitations in
  their geographic applicability and the media over
  which they can run.
• Even in those instances where a node requires
  only nomadicity, the more subtle advantages
  offered by Mobile IP mobility can make network
  administration much easier.

19
Part 2 Mobile IP Overview (for IPv4)

• Is Mobile IP an Official Standard?
• What Is the Scope of the Mobile IP Solution?
• What Are the Requirements for Mobile IP?
• What Assumption Does Mobile IP Make?
• Where Does Mobile IP Reside?
• Generally How Does Mobile IP Works?
• Summary

20
Is Mobile IP an Official Standard?

• Mobile IP was approved by the Internet
  Engineering Steering Group (IESG) in June 1996
  and published as a Proposed Standard in November
  1996.
• Main reference document Request for Comments
  (RFC) 2002
• There are other RFCs defining specific aspects of
  Mobile IP, such as tunneling, applicability,
  Management Information Base

21
What Is the Scope of the Mobile IP Solution?

• Mobile IP is a network-layer solution to node
  mobility in the Internet
• It accomplishes its task by setting up the
  routing tables in appropriate nodes, such that IP
  packets can be sent to mobile nodes not connected
  to their home link
• Can be considered to be a routing protocol, which
  has a very specialized purpose of allowing IP
  packets to be routed to mobile nodes which could
  potentially change their location very rapidly.
• Mobile IP is unique in its ability to accommodate
  heterogeneous mobility in addition to homogeneous
  mobility.
• Solves the primary problem of routing IP packets
  to mobile nodes, which is a first step in
  providing mobility on the Internet. A complete
  mobility solution would involve enhancements to
  other layers of the protocol stack.

22
What Are the Requirements for Mobile IP?

• A mobile node must be able to communicate with
  other nodes after changing its link-layer
  point-of-attachment to the Internet
• Must be able to communicate using its home
  (permanent) IP address, regardless of its current
  link-layer point-of-attachment to the Internet
• Must be able to communicate with other computers
  that do not implement the Mobile IP mobility
  functions
• The Mobile IP implementation should be limited
  only to the mobile nodes themselves and the few
  nodes which provide special routing functions on
  their behalf
• Must not be exposed to any new security threats
  over and above those to which any fixed node on
  the Internet is exposed

23
What Assumption Does Mobile IP Make?

• Mobile IPs fundamental assumption is that
  unicast packets those destined to a single
  recipient are routed without regard to their IP
  Source Address.
• We will see how that assumption, though
  theoretically valid, might not be operationally
  valid under certain circumstances (Denial-of
  Service)

24
Where Does Mobile IP Reside?

• There are 3 functional entities where it is
  implemented
• Mobile Node a node which can change its
  point-of-attachment to the Internet from one link
  to another while maintaining any ongoing
  communications and using its (permanent) IP home
  address
• Home Agent router with an interface on the
  mobile nodes home link, which
• Is informed by the mobile node about its current
  location, represented by its care-of-address
• In some cases, advertises reachability to the
  network-prefix of the mobile nodes home address,
  thereby attracting IP packets that are destined
  to the mobile nodes home address
• Intercepts packets destined to the mobile nodes
  home address and tunnels them to the mobile
  nodes current location, i.e. to the
  care-of-address

25
Where Does Mobile IP Reside?

• Foreign Agent a router on a mobile nodes
  foreign link which
• Assists the mobile node in informing its home
  agent of its current care-of address
• In some cases, provides a care-of address and
  de-tunnels packets for the mobile node that have
  been tunneled by its home agent
• Serves as default router for packets generated by
  the mobile node while connected to this foreign
  link

26
Mobile IP Entities and Relationships
27
IP Tunneling

• A tunnel is a path followed by a fist packet
  while it is encapsulated within the payload
  portion of a second packet

28
Properties of Care-of Address

• A care-of address is an IP address associated
  with mobile node that is visiting a foreign link
• A care-of address is specific to the foreign link
  currently being visited by a mobile node
• Generally changes every time the mobile node
  moves from one foreign link to another
• No Mobile IP-specific procedures are needed in
  order to deliver packets to a care-of address
• Is used as the exit-point of a tunnel from the
  home agent toward the mobile node
• Is never returned by DNS when another node looks
  up the mobile nodes hostname

29
Two Conceptual Types of Care-of Addresses

• A foreign agent care-of address is an IP address
  of a foreign agent which has an interface on the
  foreign link being visited by a mobile node. Can
  be shared by many mobile nodes simultaneously
• A collocated care-of address is an IP address
  temporarily assigned to an interface of the
  mobile node itself. The network-prefix of a
  collocated care-of address must equal the
  network-prefix that has been assigned to the
  foreign link being visited by a mobile node. This
  type of c/o address might be used by mobile node
  in situations where no foreign agents are
  available on a foreign link. A collocated c/o
  address can be used by only one mobile node at a
  time

30
(No Transcript)
31
Generally How Does Mobile IP Works?

• Home Agents and Foreign Agents advertise their
  presence on any attached links by periodically
  multicasting or broadcasting special Mobile IP
  messages called Agent Advertisements
• Mobile Nodes listen to these Agent Advertisements
  and examine their contents to determine whether
  they are connected to their home link or a
  foreign link
• A Mobile Node connected to a foreign link
  acquires a care-of address. A foreign agent
  care-of address can be read from one of the
  fields within the foreign agents Agent
  Advertisement. A collocated care-of address must
  be acquired by some assignment procedure, such as
  Dynamic Host Configuration Protocol (DHCP), the
  Point-to-Point Protocols IP Control Protocol
  (IPCP), or manual configuration

32
How Does Mobile IP Works (cont.)?

• The mobile IP Registers the care-of address
  acquired previously with its home agent, using a
  message-exchange defined by Mobile IP. It asks
  for service from a Foreign Agent, if one is
  present on the link. In order to prevent
  Denial-of-Service attacks, the registration
  messages are required to be authenticated
• The Home Agent or some other router on the home
  link advertises reachability to the
  network-prefix of the Mobile Nodes home address,
  thus attracting packets that are destined to the
  Mobile Nodes home address. The Home Agent
  intercepts these packets, and tunnels them to the
  care-of address that the mobile node registered
  previously
• At the care-of address at either the Foreign
  Agent or one of the interfaces of the mobile node
  itself the original packet is extracted from
  the tunnel and then delivered to the Mobile Node
• In the reverse direction, packets sent by the
  Mobile Node are routed directly to their
  destination, without any need for tunneling. The
  Foreign Agent serves as a default router for all
  packets generated by visiting node

33
Mobile IP Summary

• Allows node mobility across media of similar or
  dissimilar types
• Uses the Mobile Nodes permanent home address
  when it changes its point of attachment to the
  Internet
• Not requires any hardware and software upgrades
  to the existing, installed base of IPv4 hosts and
  routers other than those nodes specifically
  involved in the provision of mobility services
• Mobile Node must provide strong authentication
  when it informs its Home Agent of its current
  location
• Uses tunneling to deliver packets that are
  destined to the Mobile Nodes home address
• 3 main entities Mobile Nodes, Foreign Agents and
  Home Agents
• 3 basic functions Agent Discovery, Registration,
  Packet Routing

34
Part 3a. Security Issues Simple Mobile IP
Application (Intranet without connection to the
Internet)

• How is Mobile IP deployed?
• Insider Attack
• Mobile Node Denial-of-Service
• Replay Attacks
• Theft of Information Passive Eavesdropping
• Theft of Information Session-Stealing (Takeover)
  Attack
• Other Active Attacks

35
How is Mobile IP Deployed?

• All hosts are wholly owned by the enterprise
• Each router performs both home agent and foreign
  agent functionality

36
Insider Attacks

• Usually involve a disgruntled employee gaining
  access to sensitive data and then forwarding it
  to a competitor
• Enforce strict control who can access what data
• Use strong authentication of users and computers
• Encrypt all data transfer on an end-to-end basis
  between the ultimate source and ultimate
  destination machines to prevent eavesdropping

37
Mobile Node Denial-of-Service

• A Bad guy sends a tremendous number of packets to
  a host (e.g., a Web server) that brings the host
  CPU to its knees. In the meantime, no useful
  information can be exchanged with the host while
  it is processing all of nuisance packets
• A Bad Guy somehow interferes with the packets
  that are flowing between two nodes on the
  network. Generally speaking, the Bad Guy must be
  on the path between the two nodes on order to
  wreak any such havoc

38
Denial-of-Service Attack

• A Bad Guy generates a bogus Registration Request
  specifying his own IP address as the care-of
  address for a mobile node. All packets sent by
  correspondent nodes would be tunneled by the
  nodes home agent to the Bad Guy

39
How Does Mobile IP Prevents this
Denial-of-Service Attack?

• Note In case of mobility a Bad Guy could attack
  from anywhere in the network, it does not have to
  be on the way.
• Solution to require cryptographically strong
  authentication in all registration messages
  exchanged by a mobile node and its home agent.
• Mobile IP by default supports MD5 Message-Digest
  Algorithm (RFC 1321) that provides secret-key
  authentication and integrity checking

40
Authentication of Registration Messages via Keyed
MD5

• A mobile node generates a Registration Request,
  consisting of the fixed length portion and the
  Mobile-Home Authentication Extension, it fills in
  all the fields of the request and extension
  except for the Authenticator field. Then it
  computes 16-byte MD5 message digest over the
  shared secret key, the fixed length portion, all
  extensions without Authenticator field, and the
  shared secret key again. The Mobile IP
  authentication extensions provide both
  authentication and integrity checking

41
Replay Attacks

• A Bad Guy could obtain a copy of a valid
  Registration Request, store it, and then replay
  it at a later time, thereby registering a bogus
  care-of address for the mobile node
• To prevent that the Identification field is
  generated is a such a way as to allow the home
  agent to determine what the next value should be
• In this way, the Bad Guy is thwarted because the
  Identification field in his stored Registration
  Request will be recognized as being out of date
  by the home agent (timestamps or nonces are used
  for Identification field)

42
Summary

• Mobile IP registration has has built-in
  prevention of denial-of-service attacks.
  Specifically, it is impossible for a Bad Guy to
  lie to a mobile nodes home agent about that
  mobile nodes current care-of address, because
  all registration messages provide authentication
  of the messages source, integrity checking and
  replay protection

43
Theft of Information Passive Eavesdropping

• Assumption unauthorized persons will inevitably
  gain wired or wireless access to the network
  infrastructure
• Use of Link-Layer Encryption
• We also assume that key management for the
  encryption is performed without disclosing the
  keys to any unauthorized parties
• Use of End-to-End Encryption (SSH, SSL)

44
End-to-End Encryption vs. Link Encryption

• The Encapsulating Security Payload (RFC 1827) can
  provide end-to-end encryption to other
  application programs not supporting it themselves

45
Theft of Information Session-Stealing (Takeover)
Attack

• A Bad Guy waits for a legitimate node to
  authenticate itself and start an application
  session
• Then it takes over the session by impersonating
  the identity of the legitimate node
• Usually he must send a tremendous number of
  nuisance packets to the legitimate node in order
  to prevent it from realizing that its session was
  hijacked

46
Session-Stealing on the Foreign Link

• The Bad Guy waits for a mobile node to register
  with its home agent
• The Bad Guy eavesdrops to see if the mobile node
  has any interesting conversation taking place
  (remote login session to another host, connection
  to the electronic mailbox)
• The Bad Guy floods the mobile node with nuisance
  packets
• The Bad Guy steals the session by sending the
  packets that appear to have come from the mobile
  node and by intercepting packets destined to the
  mobile node

47
Session-Stealing Prevention

• Same method as in the case of Passive
  Eavesdropping
• minimally link-layer encryption between the
  mobile node and the foreign agent
  (session-stealing on the foreign link)
• With the preference of end-to-end encryption
  between the mobile node and its corresponding
  node (elsewhere)
• Note a good encryption scheme provides a method
  by which a decrypting node can determine whether
  the recovered plaintext is gibberish or whether
  it is legitimate (integrity checking)

48
Other Active Attacks

• The Bad Guy connects to the network jack, figures
  out he IP address to use, and tries to break to
  the other hosts on the network
• He figures out the network-prefix that has been
  assigned to the link on which the network jacks
  connected
• The Bad Guy guesses a host number to use, which
  combined with the network-prefix gives him an IP
  address to use on the current link
• The Bad Guy proceeds to try to break into the
  hosts on the network guessing user-name/password
  pairs

49
Protection against such attacks

• All publicly accessible network jacks must
  connect to foreign agent that demands any nodes
  on the link to be registered (authenticated).
• Remove all non-mobile nodes from the link and
  require all legitimate mobile nodes to use
  (minimally) link-layer encryption

50
Summary Intranet Model Security

• We described a simple deployment of Mobile IP on
  individual corporate campus (intranet)
• All of the routers were upgraded to be both home
  agents and foreign agents, all reasonably
  portable host were upgraded to mobile hosts
• Home addresses were assigned according to the
  users department
• Mobile IP authentication Keys were configured
  between the mobile nodes and their respective
  home agents
• Assumed the existence of physical security flaws
• Used link encryption over the foreign link to
  minimally protect the internal data, but
  generally preferred end-to-end encryption
• Considered Denial-of Service attack in which a
  Bad Guy lie to a mobile nodes home agent about
  mobile nodes current care-of address
• Showed how a combination of the Mobile-Home
  Authentication Extension and Identification field
  are designed to provide Authentication, Integrity
  Checking, and Replay Protection for all
  Registration Requests and Replies

51
Part 3b. Internet-Wide Mobility A more
Complicated Application

• This Mobil IP application allows a user to move
  anywhere throughout the entire Internet without
  exposing his private network to additional
  security threats
• We will consider the problem of mobile nodes
  getting packets past the firewall when they are
  outside of the private network boundary (the
  subject of active research in Mobile IP Working
  Group of Internet Engineering Task Force)

52
Model for This Application
53
The Requirements

• There must be a firewall between the corporate
  network and the global Internet
• Authorized mobile nodes belonging to employees of
  the corporation must not suffer any loss of
  connectivity to resources inside the firewall,
  even when connected to a foreign link outside the
  firewall
• The corporate network must not be exposed to any
  new security threats over and above those that
  face any network connected to the Internet
  (through a firewall)
• A visitor must be able to communicate with the
  global Internet (and presumably his own private
  network) from public areas such as conference
  rooms, training facilities, etc.

54
Threats That Are the Same As Before

• Threats from insiders (restrict access to info)
• Denial-of-service attacks (use of strong
  authentication)
• Passive eavesdropping and active takeover attacks
  (encryption)
• Physical Intrusion to the restricted portion of
  the campus (control of physical access)

55
Firewalls

• 3 basic types of firewalls packet-filtering
  routers, application-layer relays, and secure
  tunnelers

56
Packet-Filtering Router as Firewall
57
Example of Access Control List (ACL)

• Forward all packets belonging to connections
  initiated by internal machines
• Forward all packets belonging to email
  connections initiated by outside machines
• Forward all DNS messages
• Discard all other packets

58
Advantages of Packet-Filtering Routers

• Fast (simple processing involving examining of IP
  Source and Destination Address fields, and TCP
  and UDP header fields)
• Independent of applications
• Inexpensive to upgrade

59
Problems

• Difficult to configure correctly
• Obscure syntax of ACLs (usually there is no GUI)
• Any mistake leaves the private network
  vulnerable to security attacks
• No reliable way to check ACLs correctness
• IP addresses of the machines in the private
  network are visible to the public network
• Little or no disk space to log a suspicious
  activity
• Do not support users authentication before being
  allowed to communicate outside the firewall

60
Application-Layer Relays

• The two routers are configured with ACLs which
  allow packets only to and from the relay host

61
Advantages

• Ability to enforce more sophisticated security
  policies since they understand not only packet
  headers, but also the applications themselves
• Auditing and logging capabilities
• Authentication support

62
Disadvantages

• Slow and visible to end users (might have many
  TCP connections open at the same time)
• Some applications might not be supported by
  firewall possibly because it does not work
  symmetrically in both directions

63
Secure Tunnelers (picture)
64
Secure Tunnelers

• If the packet is tunneled to the firewall and has
  valid authentication (and usually encryption), it
  is de-tunneled and routed transparently to the
  destination node within the private network
• Otherwise, the packet is submitted to
  application-layer relay and is processed
  accordingly

65
Virtual Private Network (VPN)
66
Host1 sends a packet to Host2 (see the previous
picture)

• Host1 builds an IP packet its own IP address as
  the Source Address and Host2s IP address as the
  Destination Address
• The packet is ultimately forwarded to the
  firewall on the left
• The firewall prepends an IP Encapsulating
  Security Payload header to the original IP packet
  and encrypts the original IP header and payload
  (the encryption algorithm provides authentication
  and integrity checking as well)
• The firewall places the resultant Encapsulating
  Security Payload header plus encrypted original
  packet within the payload portion of a new IP
  packet. The new IP packet has a Source Address of
  the leftmost firewall and a Destination Address
  of the rightmost firewall
• The new packet is transmitted over the Internet,
  where it is ultimately received by the firewall
  on the right

67
Host1 sends a packet to Host2 (cont.)

• The firewall consumes the outermost IP packet
  header and examines the IP Encapsulating Security
  Payload header. The Security Parameters Index
  field within that header informs the firewall how
  to process the received cipher-text. The firewall
  proceeds to decrypt and verify the authentication
  and integrity of the packet
• If the packet is authentic, the firewall removes
  the IP Encapsulating Security Payload header to
  recover the original IP packet
• The firewall forwards the packet, which is
  ultimately delivered to Host2 via conventional
  routing

68
How do we protect a Mobile Node That Is Outside
the Firewall?

• Mobile Node as a Special Case of Virtual Private
  Networks (VPN)
• The firewall is a software module running on
  the mobile node

69
Requirements for Secure Firewall Traversal in
Mobile IP

• Must protect the mobile node and the private
  network from passive eavesdropping and active
  takeover attack
• Must work for organizations that have private
  addresses (that are not advertised to the rest of
  the Internet) on their networks
• Must not require the firewall to implement or
  understand Mobile IP
• Must resolve the problem of the mobile node
  Registration through the firewall
• Must work in presence of internal private network
  firewalls

70
Firewall Traversal Using VPN Questions to Answer

• How does a mobile node establish the
  authenticated and/or encrypted tunnel to the
  firewall?
• Does the mobile node establish this tunnel before
  or after it registers with its home agent?
• Is the mobile nodes home agent inside or outside
  the firewall?
• How do we establish keys between the mobile node
  and its firewall?
• How do the mobile node and the firewall agree on
  a set of encryption and/or authentication
  algorithms to use?
• How does the mobile node know whether it is
  inside or outside the firewall?

71
Conclusions

• Firewall Traversal is a work in progress in the
  Mobile IP community
• It usually implements the IP Authentication
  Header, IP Encapsulation Security Payload and
  ISAKMP/Oakley for key management
• The general solution can be formulated as
  establishing an encrypted and authenticated
  tunnel between the mobile node and the firewall

72
Summary

• We described a more complicated deployment of
  Mobile IP on individual corporate campus that was
  characterized by placing all publicly accessible
  network jacks outside of the corporations
  firewall
• We also sketched in general a solution for
  firewall traversal using Virtual Private Networks

73
Model for Commercial, Mobile IP service
74
References

• James D. Solomon, Mobile IP The Internet
  Unplugged, Prentice Hall, 1998.
• David B. Johnson. Mobile IP in the Current and
  Future Internet, Tutorial for MobiCom 2000.
• Charles Perkins, Mobile Networking with Mobile
  IP, IEEE Internet Computing, 2(1)58-69,
  January/February 1998.