Security issues in public access WLAN architectures

Presentation transcript:

Security issues in public access WLAN architectures
Mats Näslund & Stefan Rommer, Ericsson
March 2002

Traditional WLAN Environment
[Diagram labels: Corporate Intranet, protected, Crypto Protection, AP, AP]
- Trusted environment
- No charging

Public Access WLAN Environment
[Diagram labels: HOME, AIRPORT, WLAN “HOT-SPOTS”, 3G Roaming Net, HOTEL, OFFICE/WORK, PUBLIC AREA]

Access Scenario
[Diagram labels: UTRAN, RNC, Node B, SGSN, GGSN/FA, Gn, Iu, Gr (MAP), HSS, AuC, HLR, Gi, 3GPP Core Network, Access Server/HA, AAA, Subscriber Mgmt, Charging/Billing, AAA, Corporate Network or Service Network, Wx (Diameter), IP, AP, WSN/FA, AAA, Roaming Partner, AP, WRAN, HOTSPOT]
[Legend: Signalling and User Data; Signalling; Data Protection]
Could be highly untrusted!

Security End-points
[Diagram labels: WRAN, AP, WSN/FA, AP]
- Protected! (Physically secured)
- Confidentiality (soon: integrity)
- No protection! Could be tampered with.
- No protection!
- Robust charging requires at least integrity protection.

WLAN Public Access
- Public access is an important WLAN scenario.
- Security in public scenarios should be important to TGi.
- How can TGi secure traffic in the AP and the connecting cable?
  - Make it possible to move the security endpoint into the wired network
  - Other (less secure) possibilities
    - AP in tampering-proof box?
    - Make physical access to Ethernet cable impossible?
    - More?

Moving the security endpoint
- It should be possible to signal the AP not to perform data authentication (a node inside the wired network will check integrity).
- Optionally, decryption and the whole security association could be moved.
- Consequences:
  - Higher security in public scenarios.
  - Transparent for RSN-capable mobile nodes.
  - Little point in using OCB, separate MIC preferred.
  - Simpler/legacy APs (without RSN) could be used.
- Have to be solved: Signaling between AP and network node, fragmentation, etc.
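
Added example (not from the slides): a sketch of the split described above, where the AP decrypts but leaves the MIC check to a node inside the wired network. The SHA-256 keystream and HMAC-based MIC are stand-ins rather than the 802.11i algorithms, and all function names, keys and the payload are constructed for illustration.

```python
import hashlib
import hmac

MIC_LEN = 8  # truncated tag length, chosen for this example

def keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode); not an 802.11i cipher."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(enc_key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def compute_mic(mic_key: bytes, nonce: bytes, payload: bytes) -> bytes:
    """Separate MIC over the plaintext, keyed independently of encryption."""
    return hmac.new(mic_key, nonce + payload, hashlib.sha256).digest()[:MIC_LEN]

def station_send(enc_key, mic_key, nonce, payload):
    """Mobile node: append MIC, then encrypt payload||MIC for the air link."""
    return keystream_xor(enc_key, nonce, payload + compute_mic(mic_key, nonce, payload))

def ap_forward(enc_key, nonce, frame, tamper=None):
    """AP: holds only enc_key, decrypts, and forwards payload||MIC unchecked.
    `tamper` models a modified AP or cable between AP and network node."""
    plain = keystream_xor(enc_key, nonce, frame)
    return tamper(plain) if tamper else plain

def network_node_receive(mic_key, nonce, forwarded):
    """Node in the wired network: the integrity endpoint. Returns payload or None."""
    payload, tag = forwarded[:-MIC_LEN], forwarded[-MIC_LEN:]
    ok = hmac.compare_digest(tag, compute_mic(mic_key, nonce, payload))
    return payload if ok else None

def demo():
    # Constructed keys, nonce and accounting-style payload (illustrative only).
    enc_key, mic_key = b"E" * 16, b"M" * 16
    nonce = (1).to_bytes(8, "big")
    payload = b"user=alice;bytes=1500"
    frame = station_send(enc_key, mic_key, nonce, payload)
    honest = network_node_receive(mic_key, nonce, ap_forward(enc_key, nonce, frame))
    flip = lambda p: p.replace(b"bytes=1500", b"bytes=9500")
    altered = network_node_receive(mic_key, nonce, ap_forward(enc_key, nonce, frame, flip))
    return honest, altered

if __name__ == "__main__":
    print(demo())
```

Because the AP never holds `mic_key`, a change made inside the AP or on the cable fails verification at the network node. A combined mode such as OCB uses one key for both encryption and authentication, so whoever can decrypt can also produce valid tags.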