摘要 |
<p>Various security mechanisms may be used independently, or in combination with one another, to authenticate the identity of a node during the Mobile IP registration process. First, an Access Point receiving a packet from a node verifies that the source MAC address identified in the packet is in the Access Point's client association table. In addition, as a second mechanism, the Access Point ensures that a one-to-one mapping exists for the source MAC address and source IP address identified in the packet in a mapping table maintained by the Access Point. As a third mechanism, a binding is not modified in the mobility binding table maintained by the Home Agent unless there is a one-to-one mapping in the mobility binding table between the source MAC address and the source IP address. Similarly, the Foreign Agent may also maintain a mapping between the source IP address and the source MAC address in its visitor table to ensure a one-to-one mapping between a source IP address and the associated MAC address.</p> |