Security of Internet Location Management

In the Mobile IPv6 protocol, the mobile node sends binding updates to its correspondents to inform them about its current location. It is well-known that the origin of this location information must be authenticated. This paper discusses several threats created by location management that go beyond unauthentic location data. In particular, the attacker can redirect data to bomb third parties and induce unnecessary authentication. We introduce and analyze protection mechanisms with focus on ones that work for all Internet nodes and do not need a PKI or other new security infrastructure. Our threat analysis and assessment of the defense mechanisms formed the basis for the design of a secure location management protocol for Mobile IPv6. Many of the same threats should be considered when designing any location management mechanism for open networks.