An IPSec-aware TCP PEP for integrated mobile satellite networks

Abstract

Mobile computing and security in Internet have become two of the most important challenges in the information technology world. Among wireless technologies which support user mobility, satellites will play a very important role. Unfortunately, TCP does not perform well on satellite channels because of the related high delay-bandwidth product, high bit error rate (BER) and burst errors mainly due to shadowing. In order to obtain improvements in TCP performance, an approach local to the satellite link could be adopted. In fact, recently, some studies showed the effectiveness of the use of a reliable data link protocol that is well suited to mobile geo-stationary satellite channel characteristics. However, the resultant more variable end-to-end delay causes, as a side effect, a new problem: the competition between retransmission mechanisms at transport layer and data link layer. The introduction of a suitable performance enhancing proxy (PEP) on the satellite gateway has proved to be a viable technique to face the problem. However, the compatibility with the usage of network layer security mechanisms, such as IPSec, should be pursued. This paper just deals with the definition of an IPSec-aware TCP PEP, called secure PEP (SPEP), that is completely transparent to IPSec architecture. The performances of SPEP have been validated in the context of Web application by using network simulator tool. The simulation results, in terms of Web-page download mean time, have shown that the proposed solution provides substantial improvements in TCP performance.