Network Selection Issues

Presentation transcript:

Network Selection Issues
Pasi Eronen

Network Selection -- Goals
- Assist AAA routing in global roaming, when full routing information not available or ambiguous
- Allow the user to select which broker to use, in case there are price or other differences
- Allow the intended service providers to be a part of the transaction business-wise

Network Selection -- Some Solutions
- AAA layer: some mechanism to provide a better AAA routing / roaming table
- Link layer: advertise an SSID for the broker/intermediate network, then use that in AAA routing, using virtual AAA clients and proxies
- EAP layer: provide some hints in EAP identity request, select a NAI based on those hints
  - A regular NAI
  - A NAI with the broker’s name added: jarkko%piuha.net@ipass.com
  - Another alternative decoration: ipass/jarkko@piuha.net

Issues with NAI Prefix / EAP Solution
- All proxies have to know about this
- Diameter routing and Diameter-RADIUS problems
- Does not work this way according to the current RFCs
- APs have to be modified to get the initial ID request from the proxy, or identity re-queries are needed, lengthening the network attachment time
- Does not help in selecting the AP
  - Need to scan all APs and run EAP before deciding which AP to choose
- EAP Identity Req/Resp contents are not secured

The SSID Solution
- No AAA protocol implications
- No EAP or NAI interoperability issues
- Does require APs to support multiple SSIDs
- If the number of advertised networks is large, can consume a lot of beacon bandwidth
  - At 1 mbps, all bandwidth used for 100 network advertisements!
- A similar issue with the EAP/scan solution, but not dependent on number of networks -- instead, the number of logins per second x number of APs
- However, in the EAP/scan solution a higher speed can be chosen for the unicast communications
  - For instance, 10 logins per second with 10 APs and 100 networks, with 10 mbps unicast speed would result in 10 * 10 * 10000 = 1 mbps or 10% of the bandwidth used

Feedback on Network Selection
- If an EAP-layer based solution is used, EAP identity request hints are probably OK
- Prefix-based NAI decoration is problematic
  - AAA routing instructions from RFCs are violated
  - All proxies have to recognize the decoration
  - Suffix-based NAI decoration would be better
- Neither the hints nor the decorations are authenticated
  - Applies to SSIDs in part too, at least for dishonest AP case
- Scanning APs and trying EAP is problematic
  - Particularly hard if there are multiple APs and fast roaming
  - And particularly if identity re-query is used
  - Consider combining AP selection and network selection?
- Beacon-based approach is limited to ~dozen brokers
  - Particularly if lowest beaconing speed is small
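
Added example (not part of the original slides): a small Python comparison of how a decoration-unaware proxy and a decoration-aware proxy pick the next hop for the NAI forms listed under "Some Solutions", illustrating the "all proxies have to recognize the decoration" point from the feedback slide. The parsing rules, the function names and the undecorated sample NAI are assumptions made for illustration, not RFC text or any AAA server's behaviour.

```python
# Added illustration: next-hop selection for the NAI forms shown on the slides.
# The parsing rules are assumptions made for this example, not RFC text and
# not the behaviour of any particular AAA server.

def split_nai(nai):
    user, sep, realm = nai.rpartition("@")
    if not (sep and user and realm):
        raise ValueError("not a user@realm NAI: %r" % (nai,))
    return user, realm.lower()

def realm_only_next_hop(nai):
    """Decoration-unaware proxy: route on whatever follows the last '@'."""
    return split_nai(nai)[1]

def decoration_aware_route(nai):
    """Proxy that knows both decorations.

    Returns (next_hop, nai_after_broker): where the request goes first and
    the NAI the broker passes on towards the home realm.
    """
    user, realm = split_nai(nai)
    if "/" in user:                      # prefix form: broker/user@home
        broker, _, inner = user.partition("/")
        if not (broker and inner):
            raise ValueError("empty prefix decoration: %r" % (nai,))
        return broker.lower(), inner + "@" + realm
    if "%" in user:                      # suffix form: user%home@broker
        inner, _, home = user.rpartition("%")
        if not (inner and home):
            raise ValueError("empty suffix decoration: %r" % (nai,))
        return realm, inner + "@" + home.lower()
    return realm, nai                    # regular NAI, no broker named

def compare(nai):
    """Show whether a decoration-unaware proxy would bypass the chosen broker."""
    unaware = realm_only_next_hop(nai)
    aware, after_broker = decoration_aware_route(nai)
    return {"nai": nai, "unaware_next_hop": unaware, "aware_next_hop": aware,
            "nai_after_broker": after_broker, "broker_bypassed": unaware != aware}

# Decorated forms are from the slides; the undecorated one is constructed.
SAMPLES = ["jarkko@piuha.net", "jarkko%piuha.net@ipass.com", "ipass/jarkko@piuha.net"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(compare(sample))
```

Under these assumptions only the prefix form makes the two proxies disagree: the unaware proxy sends it straight to piuha.net, while the suffix form reaches ipass.com either way.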