Skip to Main Content
Seamless roaming over wireless networks is highly desirable to mobile users, but ensuring the security and efficiency of this process is challenging. Although the same may be said for all communication systems, roaming services have special requirements and vulnerabilities, and therefore deserve special attention. Over the years, we have seen a variety of authentication protocols emerging to address this issue. However, which protocol is the most effective is still debatable. In this article, we first identify the challenges unique to roaming services as a set of mandatory and optional requirements. Next, we provide a brief state-of-the-art survey of existing work and point out their limitations in securing roaming services, especially in resistance against denial of service attacks, efficient authentication, flexible roaming in mobile contexts, as well as backward and forward non-linkabilities. To complement the security provided by the existing work, we then propose some mechanisms that can meet the aforementioned security and efficiency requirements. Finally, we present challenges that need to be addressed in roaming authentication.