Published online by Cambridge University Press: 06 July 2010
After the wireless terminal has successfully obtained network access at the link layer, the next step is to obtain an IP address, last hop router address, and other parameters that allow the terminal to obtain routing service at the network layer. In turn, the last hop router uses address resolution to map the IP address of the wireless terminal to its link layer address so packets can be delivered from the Internet to the wireless terminal. Local IP subnet configuration and address resolution have a separate set of security issues that are independent from network access authentication. Even if a terminal is authenticated as a legitimate user and is authorized for service at the link layer by network access control, a rogue terminal can launch attacks on the local IP subnet configuration and address resolution processes of other terminals if these processes are not adequately secured.
In this chapter, we discuss the security of local IP subnet configuration and address resolution. After a short look at the impact of the Internet routing and addressing architecture on mobility and how that relates to local IP subnet configuration and address resolution, we briefly review the protocols for local IP subnet configuration and address resolution in IP networks, both for IPv4 and IPv6. We then discuss threats to the local IP subnet configuration and address resolution processes. We develop a functional architecture for IP subnet configuration and address resolution security based on the threat analysis and the existing protocols.