refs.bib

@Book{accesscontrol,
  author = 	 {Mike Chapple and Bill Ballad and Tricia Ballad and Erin K. Banks},
  ALTeditor = 	 {},
  title = 	 {Access Control, Authentication, and Public Key Infrastructure, Second Edition},
  pages = {411},
  publisher = 	 {Jones and Bartlett Learning},
  year = 	 {2014},
  ISBN = {9781284031591},
  OPTkey = 	 {},
  OPTvolume = 	 {},
  OPTnumber = 	 {},
  OPTseries = 	 {},
  OPTaddress = 	 {},
  OPTedition = 	 {},
  abstract = {Examining the risks, threats, and vulnerabilities prevalent in information systems and IT infrastructures and how to handle them, this book defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs."},
  OPTmonth = 	 {Jul},
  OPTnote = 	 {},
  OPTannote = 	 {}
}

@INPROCEEDINGS{2009-lin-simefficiency,
author={Shen-Ho Lin and Jung-Hui Chiu and Sung-Shiou Shen},
booktitle={INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on},
title={Authentication Schemes Based on the EAP-SIM Mechanism in GSM-WLAN Heterogeneous Mobile Networks},
year={2009},
month={"Aug"},
pages={2089-2094},
abstract={In the architecture of GSM-WLAN interworking, there are drawbacks
related to authentication efficiency for processing loads in the RADIUS server.
Therefore, this paper presents two authentication schemes, based on the EAP-SIM
mechanism, to improve the authentication efficiency by balancing the processing
loads among the RADIUS server and APs. The performance evaluation on the
average authentication session time and the processing time for the
conventional EAP-SIM authentication schemes and the proposed authentication
schemes shows the efficiency improvement of the proposed schemes. It can save
about 19\% authentication processing time for the proposed full authentication,
and about 75\% authentication processing time for the proposed iterative fast
authentication scheme.},
keywords={authorisation;cellular radio;cryptography;mobile communication;network servers;telecommunication security;wireless LAN;EAP-SIM mechanism;GSM-WLAN;RADIUS server;heterogeneous mobile networks;iterative fast authentication scheme;3G mobile communication;Authentication;Data communication;Data security;GSM;Network servers;Radio access networks;WiMAX;Wireless LAN;Wireless networks;Access Point;Authentication;EAP-SIM;GSM-WLAN interworking;RADIUS Server},
doi={10.1109/NCM.2009.259},
}

@Online{draft-behringer-bootstrap,
  ALTauthor = 	 {M. Behringer and M. Pritikin and S. Bjarnason},
  author = 	 {M. Behringer and M. Pritikin and S. Bjarnason},
  ALTeditor = 	 {Network Working Group},
  title = 	 {Bootstrapping Trust on a Homenet},
  ALTyear = 	 {2014},
  ALTdate = 	 {},
  url = 	 {http://tools.ietf.org/id/draft-behringer-homenet-trust-bootstrap-02.txt},
  OPTkey = 	 {behringer-draft-bootstrap},
  OPTsubtitle =  {Internet-Draft},
  OPTtitleaddon = {},
  OPTlanguage =  {},
  OPTversion = 	 {2},
  OPTnote = 	 {},
  OPTorganization = {Cisco},
  OPTdate = 	 {},
  OPTmonth = 	 {},
  OPTyear = 	 {2014},
  OPTaddendum =  {},
  OPTpubstate =  {},
  OPTurldate = 	 {2014/12/12},
  OPTannote = 	 {}
}

@article{2014-beyondcorp,
title = {BeyondCorp: A New Approach to Enterprise Security},
author  = {Rory Ward and Betsy Beyer},
year  = 2014,
publisher={USENIX},
journal = {;login:},
pages = {6--11},
volume  = {39, No. 6},
OPTNumber ={6},
url = {http://static.googleusercontent.com/media/research.google.com/fi//pubs/archive/43231.pdf},
}


@book{radiusbook,
  author = 	 {Jonathan Hassell},
  ALTeditor = 	 {},
  title = 	 {RADIUS},
  publisher = 	 {O'Reilly},
  year = 	 {2002},
  month = 	 {Oct},
  pages = {208},
  ISBN = {978-0-596-00322-7},
  OPTkey = 	 {},
  OPTvolume = 	 {},
  OPTnumber = 	 {},
  OPTseries = 	 {},
  OPTaddress = 	 {},
  OPTedition = 	 {},
  OPTmonth = 	 {Oct},
  OPTnote = 	 {},
  OPTannote = 	 {}
}
@book{lockandkeybook,
  author = 	 {William R. Parkhurst},
  ALTeditor = 	 {},
  title = 	 {Cisco router {OSPF}},
  publisher = 	 {McGraw-Hill},
  year = 	 {1998},
  pages = {340},
  ISBN = {0-07-048626-3},
  OPTkey = 	 {},
  OPTvolume = 	 {},
  OPTnumber = 	 {},
  OPTseries = 	 {},
  OPTaddress = 	 {},
  OPTedition = 	 {},
  OPTnote = 	 {},
  OPTannote = 	 {}
}
@Book{aaa-nakhjiri2005,
  author = 	 {Madjid Nakhjiri and Mahsa Nakhjiri},
  ALTeditor = 	 {},
  title = 	 {{AAA} and Network Security for Mobile Access - Radius, Diameter, {EAP}, {PKI} and {IP} Mobility},
  publisher = 	 {Wiley},
  year = 	 {2005},
  ISBN = {0-470-01194-7},
  OPTkey = 	 {},
  OPTvolume = 	 {},
  OPTnumber = 	 {},
  OPTseries = 	 {},
  OPTaddress = 	 {},
  OPTedition = 	 {},
  OPTmonth = 	 {},
  OPTnote = 	 {},
  OPTannote = 	 {}
}

@article{diameter,
	author = {Sriharsha, C. and Sandhya, S.},
	title = {ROLE OF {DIAMETER} STACK PROTOCOL IN {IMS} NETWORK ARCHITECTURE},
	journal = {IJITR},
	volume = {3},
	number = {3},
	year = {2015},
	keywords = {Request For Comments (RFC-6733); RADIUS; DIAMETER; LTE; IMS;  3GPP;},
	abstract = {In Next Generation Mobile Network Architecture DIAMETER
protocol plays a crucial role in providing Authentication, Authorization, and
Accounting (AAA) services with end to end security. Internet Engineering Task
Force (IETF) and Third Generation Partnership Project (3GPP) developed advanced
protocol called DIAMETER (Successor of remote authentication dial in user
service (RADIUS)) in Long Term Evolution (LTE/4G) or 4th Generation 4G
networks. DIAMETER protocol is used to provide higher data rates and increased
throughput in the network for mobility management under roaming situations in
LTE network architecture.  This paper provides the brief analysis of DIAMETER
protocol framework and our experimental results shows higher performance under
high load conditions. Such framework for applications(Gx, S6a, Sd) will provide
the AAA services and IP mobility even in roaming situations.}, 
	issn = {2320–5547},
	url = {http://ijitr.com/index.php/ojs/article/view/642}
}
@article{diffie1976new,
  title={New directions in cryptography},
  author={Diffie, Whitfield and Hellman, Martin E},
  journal={Information Theory, IEEE Transactions on},
  volume={22},
  number={6},
  pages={644--654},
  year={1976},
  publisher={IEEE}
}
@Online{rfc7368,
  Author = 	 {J. Arkko and A. Brandt and O. Troan and J. Weil},
  ALTeditor = 	 {T. Chown},
  title = 	 {"{IPv6} Home Networking Architecture Principles"},
  year = 	 {2014},
  month = 	 {Oct},
  ALTdate = 	 {},
  url = 	 {https://datatracker.ietf.org/doc/rfc7368/},
  OPTsubtitle =  {Informational},
}
@TechReport{ gba2014,
  author = 	 {},
  title = 	 {Generic {A}uthentication {A}rchitecture ({GAA}); {G}eneric {B}ootstrapping {A}rchitecture ({GBA}). {TS} 33.220},
  institution =  {3GPP},
  year = 	 {2014},
  OPTkey = 	 {GBA},
  OPTtype = 	 {},
  OPTnumber = 	 {},
  OPTaddress = 	 {},
  OPTmonth = 	 {},
  OPTnote = 	 {},
  OPTannote = 	 {}
}

@phdthesis{hav-doc,
  author = 	 {Haverinen, Henry},
    title={Interworking Between Wireless {LAN} and {GSM/UMTS} Cellular Networks: Network Access Control, Mobility Management and Security Considerations},
  school = 	 {Tampere University of Technology},
  publisher={Tampere University of Technology},
  isbn = {952-15-1267-9},
  issn = {1459.2045; 508},
  year = 	 {2004},
  OPTkey = 	 {},
  OPTtype = 	 {},
  OPTaddress = 	 {},
  OPTmonth = 	 {},
  OPTnote = 	 {},
  OPTannote = 	 {}
}

@ARTICLE{ahmavaara, 
author={Ahmavaara, K. and Haverinen, H. and Pichna, R.}, 
journal={Communications Magazine, IEEE}, 
title={Interworking architecture between {3GPP} and {WLAN} systems}, 
year={2003}, 
month={Nov}, 
volume={41}, 
number={11}, 
pages={74-81}, 
abstract={The Third Generation Partnership Project has recently taken the
	initiative to develop a cellular-WLAN interworking architecture as an
		add-on to the 3GPP cellular system specifications. The article
		presents an overall view on an interworking architecture, which
		enables provisioning by mobile operators of a public WLAN
		access service for 3GPP system subscribers. The enabling
		functionalities include the reuse of 3GPP subscription, network
		selection, 3GPP system-based authentication, authorization and
		security key agreement using SIM/USIM card, user data routing
		and service access, as well as end user charging. The
		interworking functionalities are achieved without setting any
		3GPP specific requirements for the actual WLAN access systems,
	but relying on the existing functionality available in a typical WLAN
		access network based on IEEE 802.11 standards.}, 

keywords={3G mobile communication;authorisation;cellular
	radio;cryptography;internetworking;invoicing;message
		authentication;security of
		data;standardisation;telecommunication security;wireless
		LAN;3GPP cellular system specifications;3GPP subscription;IEEE
		802.11 standard;SIM card;Third Generation Partnership
		Project;access
		network;authentication;authorization;cellular-WLAN interworking
		architecture;end user charging;network selection;security key
		agreement;service access;user data routing;3G mobile
		communication;Access control;Authentication;Authorization;Land
		mobile radio cellular
		systems;Routing;Standardization;Subscriptions;Wireless
		LAN;Writing}, 

doi={10.1109/MCOM.2003.1244926}, 
ISSN={0163-6804},}

@inproceedings{hidden-wlan,
 author = {Lindqvist, Janne and Aura, Tuomas and Danezis, George and Koponen, Teemu and Myllyniemi, Annu and M\"{a}ki, Jussi and Roe, Michael},
 title = {Privacy-preserving 802.11 Access-point Discovery},
 booktitle = {Proceedings of the Second ACM Conference on Wireless Network Security},
 series = {WiSec '09},
 year = {2009},
 isbn = {978-1-60558-460-7},
 location = {Zurich, Switzerland},
 pages = {123--130},
 numpages = {8},
 url = {http://doi.acm.org/10.1145/1514274.1514293},
 doi = {10.1145/1514274.1514293},
 acmid = {1514293},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {access-point discovery, ieee 802.11, privacy, wlan},
} 

@misc{homenet-charter,
	author="homenet WG",
	title="Home Networking",
	url="http://datatracker.ietf.org/doc/charter-ietf-homenet/",
	publisher="IETF",
	year="2011",
	month="Jul",
}	
@inproceedings{silverajan2015collaborative,
  title={Collaborative cloud-based management of home networks},
  author={Silverajan, Bilhanan and Luoma, Juha-Pekka and Vajaranta, Markku and
Itäpuro, Riku}, 
  booktitle={Integrated Network Management (IM), 2015 IFIP/IEEE International
Symposium on}, 
  pages={786--789},
  year={2015},
  organization={IEEE}
}

@Article{imsi,
  author = 	 {Per Anders Johansen and Andreas Bakke Foss (Aftenposten)},
  title = 	 {Stortinget og statsministeren overvåkes},
  journal = 	 {Aftenposten (Norway)},
  year = 	 {2014},
  OPTkey = 	 {imsi-catcher},
  urldate = {2015-04-09},
  OPTmonth = 	 {Dec},
url={http://mm.aftenposten.no/stortinget-og-statsministeren-overvakes/},
  note="Visited April 2015",
  OPTannote = 	 {}
}

@article(14848CBDC1D8B7A0,
title={Partner of {NSA} leaks journalist held for 9 hours},
key={NSA}
year={August 19, 2013},
journal={Bangkok Post (Thailand)},
ISSN={0125-0337},
)

@Article{imsi-heise,
urldate={2015-04-25},
note="Visited April 2015",
year =2014,
month ="Aug",
journal="C't",
url={http://heise.de/-2303215},
title ="Digitale {Selbstverteidigung} mit dem {IMSI-Catcher-Catcher}",
author="Daniel AJ Sokolov",
}
@misc{malinen-pcsc-2011,
author={Jouni Malinen},
title={"Re: EAP-SIM with no SIM Card"},
date="2011-11-03",
url="http://marc.info/?l=hostap&m=132033300807104"
urldate = {2015-10-25},
}

@article{xie2013fast,
  title={Fast Collision Attack on {MD5}.},
  author={Xie, Tao and Liu, Fanbao and Feng, Dengguo},
  journal={IACR Cryptology ePrint Archive},
  volume={2013},
  pages={170},
  year={2013},
  publisher={Citeseer}
}

@Book{ipmobile,
  author = 	 {Mark Grayson and Kevin Shatzkamer and Scott Wainner},
  ALTeditor = 	 {},
  title = 	 {IP Design for Mobile Networks},
  publisher = 	 {Cisco Press},
  year = 	 {2009},
  ISBN = {978-1-587-05826-4},
  OPTkey = 	 {},
  OPTvolume = 	 {},
  OPTnumber = 	 {},
  OPTseries = 	 {},
  OPTaddress = 	 {},
  OPTedition = 	 {},
  OPTmonth = 	 {Jun},
  OPTnote = 	 {},
  OPTannote = 	 {}
}
@article{netconf,
  title={Network Configuration Protocol (NETCONF)},
  key={netconf}
  author={},
  journal={},
  year={2011},
}
@misc{peap,
author="Ashwin Palekar and  Dan Simon and  Joe Salowey and Hou Zhou and Glen Zorn and S. Josefsson",
title={Protected EAP Protocol (PEAP) Version 2},
publisher={IETF},
url={http://tools.ietf.org/id/draft-josefsson-pppext-eap-tls-eap-10.txt},
year=2004,
month={Oct},
}@article{pereniguez10,
        author={F. Pereniguez and G. Kambourakis and R. Marin-Lopez and S. Gritzalis and A. F. Gomez},
        year={2010},
        month={9/1},
        title={Privacy-enhanced fast re-authentication for EAP-based next generation network},
        journal={Computer Communications},
        volume={33},
        number={14},
        pages={1682-1694},
        abstract={In next generation networks one of the most challenging issues is the definition of seamless and secure handoffs in order to assure service continuity. In general, researchers agree on the use of EAP as an authentication framework independent of the underlying technology. To date, efforts have focused on optimizing the authentication process itself, leaving out other relevant but sometimes important aspects like privacy. In this paper we present a solution that provides a lightweight authentication process while preserving user anonymity at the same time. The goal is to define a multi-layered pseudonym architecture that does not affect the fast re-authentication procedure and that allows a user to be untraceable. Taking as reference our previous work in fast re-authentication, we describe the extensions required to support identity privacy. Moreover, results collected from an implemented prototype, reveal that the proposed privacy-enhanced fast re-authentication scheme is attainable without significant cost in terms of performance in 4G foreseeable environments.},
        keywords={EAP; Fast re-authentication; Next generation networks; Privacy; Seamless handoff},
        isbn={0140-3664}
}

@techreport{draft-pritikin-bootstrap,
  ALTauthor = 	 {M. Pritikin and M. Behringer and S. Bjarnason},
  Author = 	 {M. Pritikin and M. Behringer and S. Bjarnason},
  ALTeditor = 	 {Network Working Group},
  editor = 	 {Network Working Group},
  title = 	 {Bootstrapping Key Infrastructures},
  ALTyear = 	 {2014},
  year = 	 {2014},
  ALTdate = 	 {},
  url = 	 {http://tools.ietf.org/id/draft-pritikin-bootstrapping-keyinfrastructures-01},
  OPTkey = 	 {draft-pritikin-bootstrap},
  OPTsubtitle =  {Internet-Draft},
  subtitle =  {Internet-Draft},
  OPTtitleaddon = {draft-pritikin-bootstrapping-keyinfrastructures-01},
  OPTlanguage =  {},
  OPTversion = 	 {1},
  version = 	 {1},
  OPTnote = 	 {},
  OPTorganization = {Cisco},
  OPTdate = 	 {26},
  OPTmonth = 	 {Sep},
  OPTyear = 	 {2014},
  OPTaddendum =  {},
  OPTpubstate =  {},
  OPTurldate = 	 {2014/12/20},
  OPTannote = 	 {"using vendor installed {IEEE 802.1AR} manufacturing installed certificates"},
  note = "Accessed: 2015-02-04",
}

@incollection{radius-popular,
title = {Chapter 3 - Communication Security: Remote Access and Messaging},
editor = "Dubrawsky, Ido",
key = "Dubrawsky",
booktitle = "How to Cheat at Securing Your Network ",
publisher = "Syngress",
edition = "",
address = "Burlington",
year = "2007",
pages = "65 - 104,75",
series = "How to Cheat",
isbn = "978-1-59749-231-7",
doi = "http://dx.doi.org/10.1016/B978-159749231-7.50006-X",
key = "tagkey200765",
abstract = "Publisher Summary With the advent of high-speed Internet, securing remote access technologies has become a greater focus for security professional
s. Security professionals are tasked with providing confidentiality, integrity, and availability to information passing over public and private networks. Vend
ors ship virtual private network (VPN) clients as part of operating systems (OSs) or as free downloads, and even Personal Digital Assistant (PDA) devices enab
le the use of \{VPN\} and Terminal Services software. In terms of network security, there are three methods of passing communications to a centralized network
: on-site connection to the local network, remote access, and messaging. Remote Access Servers (RAS), Network Access Servers (NAS), VPNs, authentication serve
rs such as RADIUS, TACACS, and TACACS+, and other technologies have been designed to keep out unauthorized users, but channeling these wirelessly and over ope
n air is a completely different thing. \{VPNs\} use secure tunnels to allow remote users to connect to a network. \{IPSec\} is “a framework of open standards 
for ensuring private, secure communications over \{IP\} networks, through the use of cryptographic security services.” The 802.1x standard is used for securin
g the transfer of messages between a user and an access point. Secure Shell consists of both a client and server that use public-key cryptography to provide s
ession encryption. It provides the ability to forward arbitrary ports over an encrypted connection. Security professionals have to find the balance between of
fering users the ability to work from remote locations and ensuring that the network is protected. "
}
% url = "http://www.sciencedirect.com/science/article/pii/B978159749231750006X",
@misc{rfc2607,
  author="B. Aboba and J. Vollbrecht",
  title="{Proxy Chaining and Policy Implementation in Roaming}",
  series="Request for Comments",
  number="2607",
  howpublished="RFC 2607 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=1999,
  month=jun,
}

@misc{rfc2865,
  author="C. Rigney and S. Willens and A. Rubens and W. Simpson",
  title="{Remote Authentication Dial In User Service (RADIUS)}",
  series="Request for Comments",
  number="2865",
  howpublished="RFC 2865 (Draft Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2000,
  month=jun,
    note="Updated by RFCs 2868, 3575, 5080, 6929",
}


@misc{rfc3748,
  author="B. Aboba and L. Blunk and J. Vollbrecht and J. Carlson and H. Levkowetz",
  title="{Extensible Authentication Protocol (EAP)}",
  series="Request for Comments",
  number="3748",
  howpublished="RFC 3748 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2004,
  month=jun,
    note="Updated by RFC 5247",
}

@misc{rfc5247,
  author="B. Aboba and D. Simon and P. Eronen",
  title="{Extensible Authentication Protocol (EAP) Key Management Framework}",
  series="Request for Comments",
  number="5247",
  howpublished="RFC 5247 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2008,
  month=aug,
}




@misc{rfc4186,
  author="H. Haverinen and J. Salowey",
  title="{Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM)}",
  series="Request for Comments",
  number="4186",
  howpublished="RFC 4186 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2006,
  month=jan,
}

@misc{rfc4187,
  author="J. Arkko and H. Haverinen",
  title="{Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)}",
  series="Request for Comments",
  number="4187",
  howpublished="RFC 4187 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2006,
  month=jan,
    note="Updated by RFC 5448",
}

@misc{rfc5448,
  author="J. Arkko and V. Lehtovirta and P. Eronen",
  title="Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement ({EAP-AKA'})",
  series="Request for Comments",
  number="5448",
  howpublished="RFC 5448 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2009,
  month=may,
}
@misc{rfc5080,
  author="D. Nelson and A. DeKok",
  title="{Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes}",
  series="Request for Comments",
  number="5080",
  howpublished="RFC 5080 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2007,
  month=dec,
}

@misc{rfc5176,
  author="M. Chiba and G. Dommety and M. Eklund and D. Mitton and B. Aboba",
  title="{Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)}",
  series="Request for Comments",
  number="5176",
  howpublished="RFC 5176 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2008,
  month=jan,
}



@misc{rfc5608,
  author="K. Narayan and D. Nelson",
  title="{Remote Authentication Dial-In User Service (RADIUS) Usage for Simple Network Management Protocol (SNMP) Transport Models}",
  series="Request for Comments",
  number="5608",
  howpublished="RFC 5608 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2009,
  month=aug,
}
@misc{rfc6151,
  author="S. Turner and L. Chen",
  title="{Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms}",
  series="Request for Comments",
  number="6151",
  howpublished="RFC 6151 (Informational)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2011,
  month=mar,
}
@misc{rfc6206,
  author="P. Levis and T. Clausen and J. Hui and O. Gnawali and J. Ko",
  title="{The Trickle Algorithm}",
  series="Request for Comments",
  number="6206",
  howpublished="RFC 6206 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2011,
  month=mar,
}
@misc{rfc6241,
  author="R. Enns and M. Bjorklund and J. Schoenwaelder and A. Bierman",
  title="{Network Configuration Protocol (NETCONF)}",
  series="Request for Comments",
  number="6241",
  howpublished="RFC 6241 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2011,
  month=jun,
}

@misc{rfc6614,
  author="S. Winter and M. McCauley and S. Venaas and K. Wierenga",
  title="{Transport Layer Security (TLS) Encryption for RADIUS}",
  series="Request for Comments",
  number="6614",
  howpublished="RFC 6614 (Experimental)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2012,
  month=may,
}

@misc{rfc6677,
  author="S. Hartman and T. Clancy and K. Hoeper",
  title="{Channel-Binding Support for Extensible Authentication Protocol (EAP) Methods}",
  series="Request for Comments",
  number="6677",
  howpublished="RFC 6677 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2012,
  month=jul,
}

@misc{rfc6929,	
  author="A. DeKok and A. Lior",
  title="{{Remote Authentication Dial In User Service (RADIUS) Protocol Extensions}}",
  series="Request for Comments",
  number="6929",
  howpublished="RFC 6929 (Proposed Standard)",
  publisher="IETF",
  organization="Internet Engineering Task Force",
  year=2013,
  month=apr,
}
@article{patel-sim,
title = {Analysis of {EAM}-{SIM}  session key agreement},
author = "Sarvar Patel",
abstract ="EAP-SIM specifies a mechanism for mutual authentication and session
	key agreement using the GSM-SIM and by proposing enhancement to the GSM
	authentication procedures. Unfortunately, as we show it does not
	succeed in its goal of providing 128 bit security from the current 64
	bit security of GSM. Furthermore, it does not provide session
	independence between different sessions. For the first problem, we are
	able to provide solutions, but the second problem does not seem
	solvable in practice",
url="https://www.ietf.org/proceedings/57/slides/eap-11.pdf",
journal = ""
year = "2003",
issn = "",
keywords = "Wireless \{LAN\}",
keywords = "Cellular network",
keywords = "Authentication",
keywords = "\{EAP\}",
}

@INPROCEEDINGS{tr069rachidi2011,
author={Rachidi, H. and Karmouch, A.},
booktitle={Multimedia Computing and Systems (ICMCS), 2011 International Conference on},
title={A framework for self-configuring devices using TR-069},
year={2011},
month={April},
pages={1-6},
abstract={Communication network technologies have been evolving extensively in the late decades. The innovations brought in the domain increase the network capabilities and open new horizons to creating novel services. In today's heterogeneous environment, service management has become an everyday challenge to service providers. Important efforts have been deployed to innovate in the exploitation of devices in restricted area networks such as the Home Area Network (HAN). In this paper, we propose a framework for self-configuration of devices within the HAN. We propose a self-configuration architecture based on the IBM MAPE-K autonomic control loop. We make use of the Broadband forum CPE WAN Management Protocol (CWMP), also known as TR-069, in the implementation of our architecture to support the applicability. A video sharing and streaming scenario is implemented and used to evaluate our framework.},
keywords={computer network management;local area networks;protocols;video streaming;wide area networks;CWMP;HAN;IBM MAPE-K autonomic control loop;TR-069;broadband forum CPE WAN management protocol;communication network technology;home area network;network capability;restricted area networks;self-configuration architecture;self-configuring device;service management;service providers;video sharing;video streaming;Computer architecture;Monitoring;Ontologies;Performance evaluation;Planning;Protocols;Servers;CWMP;Device Self-configuration;IBM MAPE-K;TR-069;autonomic control loop},
doi={10.1109/ICMCS.2011.5945613},
ISSN={Pending},}

@ARTICLE{iptvtr069,
author={Wey, J.S. and Luken, J. and Heiles, J.},
journal={Internet Computing, IEEE},
title={Standardization Activities for {IPTV} Set-Top Box Remote Management},
year={2009},
month={May},
volume={13},
number={3},
pages={32-39},
abstract={IPTV services are gaining widespread use, requiring service providers to have effective methods for remotely configuring and managing IPTV set-top boxes (STBs). Solutions for such remote management are becoming standards-based. This article examines published specifications and ongoing activities on IPTV STB remote management in four standards organizations: the Broadband Forum, the Digital Video Broadcasting Project, the Open IPTV Forum, and the Alliance for Telecommunication Industry Solutions IPTV Interoperability Forum. The authors compare the protocol and data model definitions, investigate interoperability test events, and comment on possible future directions for standardization.},
keywords={IPTV;digital video broadcasting;open systems;standardisation;telecommunication network management;Alliance for Telecommunications Industry Solutions IPTV Interoperability Forum;Broadband Forum;Digital Video Broadcasting Project;IPTV set-top box remote management;Open IPTV Forum;interoperability test events;standardization activities;Communication industry;Data models;Digital video broadcasting;IPTV;Project management;Protocols;Standardization;Standards organizations;Testing;US Department of Transportation;IPTV;remote management;set-top box},
doi={10.1109/MIC.2009.69},
ISSN={1089-7801},}

@article{tseng-usim,
title = "{USIM-based EAP-TLS} authentication protocol for wireless local area networks ",
journal = "Computer Standards \& Interfaces ",
volume = "31",
number = "1",
pages = "128 - 136",
year = "2009",
note = "",
issn = "0920-5489",
doi = "http://dx.doi.org/10.1016/j.csi.2007.11.014",
url = "http://www.sciencedirect.com/science/article/pii/S0920548907001213",
author = "Yuh-Min Tseng",
keywords = "Wireless \{LAN\}",
keywords = "Cellular network",
keywords = "Authentication",
keywords = "\{EAP\}",
keywords = "\{USIM\} ",
abstract = "Due to the rapid growth in popularity of Wireless Local Area
	Network (WLAN), wireless security has become one of many important
	research issues. For the \{WLAN\} security, the \{IEEE\} 802.1X
	standard provides an authentication framework that is based on the
	Extensible Authentication Protocols (EAP). In the \{EAP\} framework,
there are many authentication protocols that have been proposed, in which each
	authentication protocol has some strengths and weaknesses,
respectively. Most \{EAP\} authentication protocols lack two features: identity
	protection and withstanding man-in-the-middle attacks. In this paper,
we first propose a novel symmetric-key based certificate distribution scheme
	based on Universal Subscriber Identity Module (USIM) cards in a
	cellular network. The symmetric-key based certificate distribution
	scheme allows mobile subscribers to obtain temporary certificates from
	the corresponding cellular network. Combining the proposed certificate
	distribution scheme with the EAP-TLS (Transport Layer Security)
	protocol, we present a new \{EAP\} authentication protocol called
	USIM-based \{EAP\} authentication protocol. The new \{EAP\}
authentication protocol combining with \{USIM\} cards is an extension of the
	EAP-TLS protocol and also follows the \{EAP\} framework in the \{IEEE\}
802.1X standard. Compared to other \{EAP\} authentication protocols, the
	proposed protocol provides mutual authentication, strong identity
	protection and roaming capability between the cellular network and the
	\{WLAN\} networks. "

}

@misc{swisscom,
 title={Kostenfalle für {Swisscom}-{Kunden}},
  note = {Accessed: 2015-05-04},
url="http://www.srf.ch/konsum/themen/multimedia/kostenfalle-fuer-swisscom-kunden",
  urldate = {2012-03-13},
  author={Flurin Maissen},
}

@misc{wireshark-capture,
author={{Wireshark community}},
title={{WLAN (IEEE802.11)} capture setup},
url="https://wiki.wireshark.org/CaptureSetup/WLAN",
urldate = {2015-04-20},
}

@misc{imsi-tmsi,
author={Bart Barton},
title={{IMSI}, {TMSI} and {GUTI} - how they are created},
note={Accessed: 2015-03-20},
url="http://www.lteandbeyond.com/2012/02/imsi-tmsi-and-guti-how-they-are-created.html",
urldate={2015-02-02},
}

@misc{uninett-radproxy,
author={S. Venaas},
title={radsecproxy},
note={Accessed: 2015-04-22},
url="https://software.uninett.no/radsecproxy",
urldate={2015-04-22},
}

@misc{hostapd,
author={Jouni Malinen},
title={Linux {WPA/WPA2/IEEE} {802.1X} {Supplicant}},
note={Accessed: 2015-05-07},
url="http://w1.fi/wpa_supplicant/",
urldate={2015-05-07},
}

@misc{moonshot,
 title={{EAP} - {Moonshot} {Wiki} },
 key = {moonshot},
  note = {Accessed: 2015-05-10},
url="https://wiki.moonshot.ja.net/display/Moonshot/EAP#EAP-HowMoonshotusesEAP",
  urldate = {2015-05-10},
  OPTauthor = 	 {}, 
}
@misc{8021X,
editor ={Mick Seaman},
year = {2010},
mon = {Feb},
publisher = "{IEEE}",
author ={{IEEE}},
note = {Accessed: 2015-05-10},
title={{IEEE 802.1: 802.1X-2010} - {Revision of 802.1X-2004}},
url={http://www.ieee802.org/1/pages/802.1x-2010.html},
urldate={2015-05-10},
}

@misc{ccc,
url ={https://events.ccc.de/congress/2011/wiki/GSM},
urldate={2015-05-10},
key ={GSM},
note = {Accessed: 2015-05-10},
title={{GSM - 28C3} public wiki},
}

@misc{smartjac-testsim,
url ={http://www.smartjac.biz/webstore/samples-to-order/smartjac-test-sim-configurable-options},
urldate={2015-05-10},
note = {Accessed: 2015-05-10},
title={Smartjac {TEST (U)SIM} card webshop},
key={Smartjac},
}
@misc{sim-support,
url= {http://www.ida.gov.sg/Infocomm-Landscape/Infrastructure/Wireless/Wireless-at-SG/For-Consumer/SIM-based-Connection-Guide},
author={ {Infocomm Development Authority of Singapore}},
title={{SIM-based} Connection Guide},
urldate={2015-05-10},
note = {Accessed: 2015-05-10},
}

@misc{freeradius2,
url= {https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_eap/libeap/comp128.c},
author={Alan DeKok},
title={{COMP128} implementation in {FreeRADIUS}},
urldate={2015-05-10},
note={Accessed: 2015-05-10},
}
@misc{jericho2004,
	url={https://collaboration.opengroup.org/projects/jericho/},
	title="The Jericho Work Group",
	author="Jericho WG",
	organization="OpenGroup",
	publisher={OpenGroup},
	urldate={2015-08-15},
	note={Accessed: 2015-08-16},
}
@misc{aimcid,
        url={https://github.com/SecUpwN/Android-IMSI-Catcher-Detector/wiki},
        organization={AIMCID-community},
        urldate={2015-09-02},
        note={Accessed: 2015-09-02},
}
@misc{wba-ngh,
	url={http://www.wballiance.com/key-activites/next-generation-hotspot/},
	organization={{Wireless} {Broadband} {Alliance}},
	urldate={2015-09-04},
        note={Accessed: 2015-09-04},
}
@misc{aimcid,
        url={https://github.com/SecUpwN/Android-IMSI-Catcher-Detector/wiki},
        organization={AIMCID-community},
        urldate={2015-09-02},
        note={Accessed: 2015-09-02},
}

@article{er-seamless,
	title ={Achieving carrier-grade {Wi-Fi} in the {3GPP} world},
	url={http://www.ericsson.com/res/thecompany/docs/publications/ericsson_review/2012/er-seamless-wi-fi-roaming.pdf},
	author={Stephen Rayment and Joakim Bergström},
	journal = "Ericsson Review",
        urldate={2015-05-05},
	year={2012},
        note={Accessed: 2015-05-05},
	organization={Ericsson},
}
@misc{SANS-bluetooth-2007,
	title={"{I} {Can} {Hear} {You} {Now} - {Eavesdropping} on {Bluetooth} {Headsets}},
        url={http://www.willhackforsushi.com/presentations/icanhearyounow-sansns2007.pdf},
        organization={SANS},
	year= {2007},
        urldate={2015-10-03},
        note={Accessed: 2015-10-03},
	author ="Joshua Wright",
}