CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI.

Slides:

Advertisements

Similar presentations

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.

Advertisements

© 2003, Cisco Systems, Inc. All rights reserved..

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.

COSC 541 Data and Computer Communications IPV6 OVERVIEW Professor:Mort Anvari Student: Fuqiang Chen Student ID: Date:Mar

DHCP -Ameeta and Haripriya -cmsc 691x. DHCP ► Dynamic Host Configuration Protocol ► It controls vital networking parameters of hosts with the help of.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

1 Linux Networking and Security Chapter 2. 2 Configuring Basic Networking Describe how networking devices differ from other Linux devices Configure Linux.

12/2/2003chow1 Network and System Support for Multi-Level Security C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs.

COS 420 Day 15. Agenda Assignment 3 Due Assignment 4 Posted Chap Due April 6 Individual Project Presentations Due IEPREP - Jeff MANETS - Donnie.

Investigations into BIND Dynamic Update with OpenSSL by David Wilkinson.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

APACHE SERVER By Innovationframes.com »

Automatic Router Configuration Protocol (ARCP) v1.1, 18 Nov Jeb Linton, EarthLink

Host Identity Protocol

Linux Operations and Administration

DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) BY: SAMHITA KAW IS 373.

Operating Systems Operating System

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 9: Securing Network Traffic Using IPSec.

IPv6 Address autoconfiguration stateless & stateful.

© 2008 Cisco Systems, Inc. All rights reserved.CIPT1 v6.0—4-1 Enabling Single-Site On-Net Calling Implementing MGCP Gateways in Cisco Unified Communications.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

Lightweight 4over6 Interop Test Report Yuchi Chen,Qiong Sun IETF 85, Atlanta, Nov

KIS – Cvičenie #5 IP konfigurácia v prostredí OS Windows Marián Beszédeš, B506

Cloud computing for internet emulator. Professor Muthucumaru Maheswaran Team Members Mia Hochar Simon Foucher David El Achkar David El Achkar Marc Atie.

Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.

Dynamic Host Configuration Protocol Engr. Mehran Mamonai.

Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.

3Com Confidential Proprietary 3G CDMA AAA Function Yingchun Xu 3COM.

1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81

The PROXIDOR Service draft-akonjang-alto-proxidor-00.txt S. Previdi O. Akonjang A. Feldmann

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

SHIM6 Protocol Drafts Overview Geoff Huston, Marcelo Bagnulo, Erik Nordmark.

802.11n Sniffer Design Overview Vladislav Mordohovich Igor Shtarev Luba Brouk.

SEND Linux Implementation Report Jonathan Wood DoCoMo USA Labs IETF 58 November 2003.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.

Guide to Linux Installation and Administration, 2e1 Chapter 11 Using Advanced Administration Techniques.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Configuring and Testing Your Network Network Fundamentals – Chapter.

Cisco Systems Networking Academy S2 C 12 Routing Protocols.

SIMULATION OF MULTIPROCESSOR SYSTEM AND NETWORK Manish Patel Nov 8 th 2004 Advisor: Dr. Chung-E-Wang Department of Computer Science California State University,

Dynamic Stateless GRE Tunnel Li Xue Dayong Guo 1.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.

英文标题 :40-47pt 副标题 :26-30pt 字体颜色 : 反白内部使用字体 : FrutigerNext LT Medium 外部使用字体 : Arial 中文标题 :35-47pt 字体 : 黑体副标题 :24-28pt 字体颜色 : 反白字体 : 细黑体.

2/25/2016CSI WG/IETF761 Open Source Project SEND & Extensions Beijing University of Posts & Telecommunications HUAWEI Yuhong LI (Speaker) Wendong WANG.

© 2002, Cisco Systems, Inc. All rights reserved..

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto IETF-90 DHC WG1.

CHAPTER 10: DHCP Routing & Switching. Objectives 10.0 Introduction 10.1 Dynamic Host Configuration Protocol v Dynamic Host Configuration Protocol.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID Dynamic Host Configuration Protocol v6.

© 2015 Infoblox Inc. All Rights Reserved. Tom Coffeen, IPv6 Evangelist UKNOF January 2015 Tom Coffeen, IPv6 Evangelist UKNOF January 2015 DHCPv6 Operational.

DoCoMo's Open Source SEND Status CSI BoF Julien Laganier, James Kempf,

Lightweight 4over6: An Extension to DS-Lite Architecture draft-cui-softwire-b4-translated-ds-lite-09 Y. Cui, Q. Sun, M. Boucadair, T. Tsou, Y. Lee and.

Managing and Directing Network Traffic with Linux

Instructor Materials Chapter 8: DHCP

Secure Proxy ND Support for SEND draft-krishnan-csi-proxy-send-00

CIT 384: Network Administration

Module 8: Securing Network Traffic by Using IPSec and Certificates

Chapter 10: DHCP Routing & Switching Chapter 10: DHCP

Cisco Want to Pass CCNA Cisco Certified Network Associate Exam

DHCP, DNS, Client Connection, Assignment 1 1.3

Routing and Switching Essentials v6.0

By : Santosh Yadav IIT Kanpur

Digital Certificates and X.509

COMPUTER NETWORK TECHNOLOGY

Module 8: Securing Network Traffic by Using IPSec and Certificates

Linux and TCP/IP Networking

Presentation transcript:

CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI

CSI WG / IETF742/12 Planned SeND  Basic communications based on RFC3971  Extensions based on: draft-shen-csi-ecc (algorithm agility) draft-ietf-csi-hash-threat (algorithm agility) CGA and DHCPv6 interaction  Basic communications based on RFC3315 (Dibbler)  Extensions based on: draft-jiang-dhc-secure-dhcpv6 (DHCPv6 and CGA interaction) draft-jiang-sendcgaext-cga-config (DHCPv6 and CGA interaction )

CSI WG / IETF743/12 Rough Schedule Basic design and some testing so far Hope to have some code available by IETF75

CSI WG / IETF744/12 Platform Host Linux* RouterQuagga over Linux* SeND *Linux Distribution Ubuntu 8.04 Kernel version DHCPv6 Client & ServerDibbler over Linux*

CSI WG / IETF745/12 System view – host

CSI WG / IETF746/12 SEND protocol module Implementation of SEND protocol in linux kernel –Process CPS/CPA message –Process ND message with SEND options –… Compatible to all specifications in RFC3971

CSI WG / IETF747/12 SEND config Tool A user mode configuration tool Provide command line interface to user Dynamically configure or control the behaviors of SEND protocol: –SEND option: whether SEND is used –Ignore option: whether unsecured message is silently discarded –… Options above is declared as module parameters in kernel

CSI WG / IETF748/12 SEND Daemon Perform secure related computations: – generation/verification of CGA address; – storage/verification of certificate paths and trust anchors; – generation/verification of RSA/ECC signatures. –… Flexible & scalable

CSI WG / IETF749/12 System view – router

CSI WG / IETF7410/12 Router Based on Quagga over Linux –Using the same OS kernel as host –The NDP implementation in Quagga is modified to support SEND features: CPS/CPA options processing CGA/RSA/ECC options processing –…

CSI WG / IETF7411/12 CGA and DHCPv6 interaction Extension of DHCPv6: –Add CGA and Signature options to DHCPv6 to verify messages –Server represents CGA address and CGA parameters in the IA option to assign address to client

CSI WG / IETF7412/12 Comments ?