NTMobile (Network Traversal with Mobility) has been proposed to achieve end-to-end encryption communication supporting IP mobility in environments where IPv4/IPv6 networks coexist. However, since NTMobile unconditionally establishes an encrypted User Datagram Protocol (UDP) tunnel between NTMobile-ready nodes (NTM nodes), a malicious NTM node can attack a target NTM node through the encrypted UDP tunnel without being detected by a firewall. Moreover, since communication with a general server always passes through a relay server (RS), the route becomes redundant even when IP mobility is not needed, and the communication delay increases. In order to solve these problems, this paper proposes an access control function using the name of the correspondent node and a Route option that can select whether the RS is used or not. As a result of implementation of the prototype system and evaluation of its performance, it was confirmed that the increase of the start-up time and that of the overhead at the beginning of the communication were quite small, and there was little influence on practical use.

• 出版日期2018-5