A Security Architecture for Mobility-Related Services

	       Robert C. Chalmers and Kevin C. Almeroth
		    Department of Computer Science
		       University of California
		     Santa Barbara, CA 93106-5110
		    {robertc,almeroth}@cs.ucsb.edu

 
In future wireless networks, mobility-related services, such as
Candidate Access Router Discovery, will play a significant role in
realizing truly ubiquitous, seamless connectivity. In order for these
services to be realized, however, their particular security concerns
must be addressed. Moreover, the security solution must be flexible
and highly configurable in order to meet the demands of inter-domain
roaming agreements. In this paper, we explore a number of alternatives
and present a general architecture, iARSec, that provides both
authentication as well as explicit authorization for services running
between neighboring access routers.