A Kerberized Architecture for Fast Re-authentication in Heterogeneous Wireless Networks

In this paper we present an architecture for fast re-authentication, based on the use of the Kerberos protocol, which allows the reduction in the latency introduced for an authentication process based on the Extensible Authentication Protocol (EAP) when providing network access in mobile networks. The architecture supports two modes of operation, proactive and reactive, to reduce the latency added for the authentication processes which is required when a mobile user changes network points of attachment. Moreover, we provide implementation details on a representative wireless testbed and obtain experimental results from the testbed. Those results are used for simulations to evaluate the performance of the proposed architecture for different deployment scenarios and parameters. We also provide a mathematical analysis to compute authentication delay and validate the simulation results. Performance comparison based on the experiment, simulation and analysis show that the proposed architecture can reduce the authentication delay, compared to other alternatives in typical deployment scenarios.