IEEE 802.21 MEDIA INDEPENDENT HANDOVER
DCN: 21-10-0041-01-0sec
Title: Proactive Authentication and MIH Security
Date Submitted: February 16, 2010
Authors or Source(s): Rafa Marín-López (University of Murcia), Subir Das (Telcordia Technologies), Fernando Bernal (University of Murcia), Karen Randall (Randall Consulting)
Abstract: This document outlines the options for proactive authentication techniques and for MIH protocol level security mechanisms. The objective is to discuss these options and narrow them down to a smaller set of approaches for further progress.

IEEE 802.21 presentation release statements
This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE's name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE's sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21. The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual <http://standards.ieee.org/guides/opman/sect6.html#6.3> and in Understanding Patent Issues During IEEE Standards Development <http://standards.ieee.org/board/pat/guide.html>.

Proposed Approaches
- Approaches I, II and III are classified by the mechanism used for MIH PoS access control (MIH service level authentication).
- Each approach is divided into sub-options (a, b or c) depending on how proactive authentication and key distribution are performed with the media specific authenticator (MSA).

Approaches (overview)
Approach I: Direct MIH service level authentication using (D)TLS, with the TLS handshake outside the MIH protocol. The resulting Security Association protects the MIH signaling, for example in order to perform a proactive authentication.
- Service level authentication: (D)TLS
- Proactive authentication, option a): EAP over media specific L2 frames transported through MIH messages
- Proactive authentication, option b): EAP over MIH messages (PoS is an EAP authenticator)
Approach II: Unlike Approach I, service level authentication is performed through (D)TLS carried over MIH signaling. Once the MIH signaling is protected, options a) and b) are performed in the same way as in Approach I.
- Service level authentication: (D)TLS over MIH
- Proactive authentication, option a): EAP over media specific L2 frames transported through MIH messages
- Proactive authentication, option b): EAP over MIH messages (PoS is an EAP authenticator)

Approaches (overview, contd.)
Approach III: Unlike Approaches I and II, access control is carried out using EAP over MIH signaling, and the signaling for proactive authentication is protected by the Security Association created from the EAP key material. Proactive authentication options a) and b) are the same as in Approaches I and II, but using EAP provides a new option c).
- Service level authentication: EAP over MIH
- Proactive authentication, option a): EAP over media specific L2 frames transported through MIH messages
- Proactive authentication, option b): EAP over MIH messages (PoS is an EAP authenticator)
- Proactive authentication, option c): re-use of the key material exported by EAP

Approach I: (D)TLS for MIH service level authentication
- Use (D)TLS for MIH service level authentication
- PoS is a TLS server, NOT an EAP authenticator
- MIH messages are protected after successful (D)TLS authentication by using the created TLS SA
- (D)TLS is used for authentication, key establishment and ciphering; the (D)TLS SA protects subsequent MIH messages
- (D)TLS credentials: static PSK or public key
Note: In this approach the TLS handshake is not carried over the MIH protocol, so the identity that (D)TLS authenticates is a transport peer, not an MIHF-ID. Additional techniques would therefore be required, such as binding the transport identity to the MIHF-ID.
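The binding the note asks for, as an added illustration (this is not code from the contribution or from IEEE 802.21): the PoS records, at (D)TLS handshake time, which MIHF-ID the authenticated transport peer is allowed to use, and every later MIH message on that transport is checked against it. The message layout, the session table keyed by transport endpoint, and the policy that the claimed MIHF-ID must equal the (D)TLS-authenticated identity (certificate SAN or PSK identity) are assumptions; the addresses and identities in `demo()` are constructed.

```python
"""Binding a (D)TLS-authenticated transport peer to an MIHF-ID (Approach I).

Added illustration, not code from the contribution or from IEEE 802.21. The
message fields, the session table and the policy "claimed MIHF-ID must equal
the (D)TLS-authenticated peer identity" are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Addr = Tuple[str, int]  # transport endpoint (address, port), assumed table key


@dataclass(frozen=True)
class TlsSession:
    """One (D)TLS session with the PoS, as seen after the handshake."""
    peer_addr: Addr
    peer_identity: str  # what (D)TLS authenticated: certificate SAN or PSK identity


@dataclass(frozen=True)
class MihMessage:
    """Minimal MIH message view: only the fields the check needs (assumed)."""
    source_mihf_id: str
    dest_mihf_id: str
    payload: bytes


class MihfIdBinder:
    """PoS-side table binding each authenticated transport to exactly one MIHF-ID."""

    def __init__(self) -> None:
        self._id_by_addr: Dict[Addr, str] = {}
        self._addr_by_id: Dict[str, Addr] = {}

    def bind(self, session: TlsSession, claimed_mihf_id: str) -> bool:
        """Accept the MN's claimed MIHF-ID only if (D)TLS authenticated that identity."""
        if claimed_mihf_id != session.peer_identity:
            return False  # authenticated as X, claims to be Y
        other = self._addr_by_id.get(claimed_mihf_id)
        if other is not None and other != session.peer_addr:
            return False  # MIHF-ID already bound to a different live transport
        self._id_by_addr[session.peer_addr] = claimed_mihf_id
        self._addr_by_id[claimed_mihf_id] = session.peer_addr
        return True

    def unbind(self, peer_addr: Addr) -> None:
        """Drop the binding when the (D)TLS session closes."""
        mihf_id = self._id_by_addr.pop(peer_addr, None)
        if mihf_id is not None:
            self._addr_by_id.pop(mihf_id, None)

    def accept(self, peer_addr: Addr, msg: MihMessage) -> Optional[str]:
        """Return the rejection reason, or None when the message is accepted."""
        bound = self._id_by_addr.get(peer_addr)
        if bound is None:
            return "no (D)TLS-authenticated binding for this transport"
        if msg.source_mihf_id != bound:
            return "source MIHF-ID %r does not match bound %r" % (msg.source_mihf_id, bound)
        return None


def demo() -> Dict[str, Optional[str]]:
    """Constructed scenario: two MNs, one trying to use the other's MIHF-ID."""
    binder = MihfIdBinder()
    mn1 = TlsSession(("198.51.100.7", 4551), "mn1@example.org")   # constructed
    mn1b = TlsSession(("198.51.100.9", 4551), "mn1@example.org")  # constructed
    mn2 = TlsSession(("198.51.100.8", 4551), "mn2@example.org")   # constructed
    ok = lambda accepted: None if accepted else "rejected"
    r: Dict[str, Optional[str]] = {}
    r["bind mn1"] = ok(binder.bind(mn1, "mn1@example.org"))
    r["bind mn2 claiming mn1"] = ok(binder.bind(mn2, "mn1@example.org"))
    r["bind mn1 again from second transport"] = ok(binder.bind(mn1b, "mn1@example.org"))
    r["bind mn2"] = ok(binder.bind(mn2, "mn2@example.org"))
    msg_as_mn1 = MihMessage("mn1@example.org", "pos1.example.org", b"constructed MIH payload")
    r["mn1 honest"] = binder.accept(mn1.peer_addr, msg_as_mn1)
    r["mn2 spoofing mn1"] = binder.accept(mn2.peer_addr, msg_as_mn1)
    r["unknown transport"] = binder.accept(("203.0.113.9", 4551), msg_as_mn1)
    binder.unbind(mn1.peer_addr)
    r["mn1 after close"] = binder.accept(mn1.peer_addr, msg_as_mn1)
    r["rebind mn1 after close"] = ok(binder.bind(mn1b, "mn1@example.org"))
    return r
```

The check has to live at the PoS, because in Approach I nothing inside the MIH protocol itself ties the source MIHF-ID field to the peer the (D)TLS layer authenticated; without it, any peer holding a valid (D)TLS credential could put another node's MIHF-ID in its MIH messages.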

Approach I.a Proactive Authentication with the PoA
- Use the protected MIH transport to carry EAP over media specific L2 frames to the candidate PoS
- PoS relays the EAP messages to the media specific candidate authenticator(s) (MSA(s))

Approach I.a contd.. (message flow)
Entities: MN, PoS (TLS server), MSA
1. MN <-> PoS: (D)TLS handshake; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: MIH messages carrying EAP over media specific L2 frames
4. PoS <-> MSA: EAP messages over L2 frames (relayed by the PoS)

Proactive Authentication (App. I.a) (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over media specific L2 frames through protected MIH messages; the resulting MSK'/rMSK' is delivered by the AS to the candidate MSA

Approach I.b Proactive Authentication
- Carry EAP over MIH to the candidate PoS
- PoS is an EAP authenticator
- Two cases for the key handed to the MSA:
  Case 1: the same MSK'/rMSK' received by the PoS is sent to the MSA
  Case 2: an MSK (different from MSK'/rMSK') is derived from a MS-PMK and distributed to the MSA by a key distribution mechanism (not specified here)

Approach I.b contd.. (message flow)
Entities: MN, PoS (TLS server and EAP authenticator), AS, MSA
1. MN <-> PoS: (D)TLS handshake; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: EAP over protected MIH; PoS <-> AS: EAP messages / AAA messages
4. PoS -> MSA: key distribution mechanism

Proactive Authentication (App. I.b): Case 1 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) The same MSK'/rMSK' is sent to the MSA

Proactive Authentication (App. I.b): Case 2 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) An MSK derived from the MS-PMK is sent to the MSA (key hierarchy required)

Approach II: (D)TLS over MIH for MIH service level authentication
- Transport (D)TLS over MIH for MIH service level authentication
- PoS is a TLS server, NOT an EAP authenticator
- TLS authentication is transported over MIH
- (D)TLS is used for authentication, key establishment and ciphering
- (D)TLS credentials: static PSK or public key
- MIH SA is established after successful (D)TLS authentication, and subsequent MIH messages are protected
- Keys from the TLS execution are used to build the MIH SA
Note: In this approach the TLS handshake is over the MIH protocol, as opposed to Approach I.

Approach II.a Proactive Authentication with the PoA
- Use the protected MIH transport to carry EAP over media specific L2 frames to the candidate PoS
- PoS relays the EAP messages to the media specific candidate authenticator(s) (MSA(s))

Approach II.a contd.. (message flow)
Entities: MN, PoS (TLS server), MSA
1. MN <-> PoS: (D)TLS handshake over MIH; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: MIH messages carrying EAP over media specific L2 frames
4. PoS <-> MSA: EAP messages over L2 frames (relayed by the PoS)

Proactive Authentication (App. II.a) (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over media specific L2 frames through protected MIH messages; the resulting MSK'/rMSK' is delivered by the AS to the candidate MSA

Approach II.b Proactive Authentication
- Carry EAP over MIH to the candidate PoS
- PoS is an EAP authenticator
- Two cases for the key handed to the MSA:
  Case 1: the same MSK'/rMSK' received by the PoS is sent to the MSA
  Case 2: an MSK (different from MSK'/rMSK') is derived from a MS-PMK and distributed to the MSA by a key distribution mechanism (not specified here)

Approach II.b contd.. (message flow)
Entities: MN, PoS (TLS server and EAP authenticator), AS, MSA
1. MN <-> PoS: (D)TLS handshake over MIH; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: EAP over protected MIH; PoS <-> AS: EAP messages / AAA messages
4. PoS -> MSA: key distribution mechanism

Proactive Authentication (App. II.b): Case 1 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) The same MSK'/rMSK' is sent to the MSA

Proactive Authentication (App. II.b): Case 2 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) An MSK derived from the MS-PMK is sent to the MSA (key hierarchy required)

Approach III: EAP over MIH for MIH service level authentication
- Use EAP for MIH service level authentication
- PoS is an EAP authenticator
- PoS holds the MSK' (Master Session Key) or rMSK' (re-authentication MSK) generated by EAP
- MIH SA is established after successful EAP authentication, and subsequent MIH messages are protected
- MSK' or rMSK' is used for deriving a media-independent pairwise master key (MI-PMK)
- MI-PMK is used to build the MIH SA and protect MIH messages
Note: In this approach EAP is used for MIH service level authentication instead of (D)TLS, as opposed to Approaches I and II.

Approach III.a Proactive Authentication with the PoA
- Use the protected MIH transport to carry EAP over media specific L2 frames to the candidate PoS
- PoS relays the EAP messages to the media specific candidate authenticator(s) (MSA(s))

Approach III.a contd.. (message flow)
Entities: MN, PoS (EAP authenticator), AS, MSA
1. MN <-> PoS: EAP over MIH; PoS <-> AS: EAP messages / AAA messages; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: MIH messages carrying EAP over media specific L2 frames
4. PoS <-> MSA: EAP messages over L2 frames (relayed by the PoS)

Proactive Authentication (App. III.a) (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over media specific L2 frames through protected MIH messages; the resulting MSK'/rMSK' is delivered by the AS to the candidate MSA

Approach III.b Proactive Authentication
- Carry EAP over MIH to the candidate PoS
- PoS is an EAP authenticator
- Two cases for the key handed to the MSA:
  Case 1: the same MSK'/rMSK' received by the PoS is sent to the MSA
  Case 2: an MSK (different from MSK'/rMSK') is derived at the PoS using MI-PMK as the root key and distributed to the MSA by a key distribution mechanism (not specified here)

Approach III.b contd.. (message flow)
Entities: MN, PoS (EAP authenticator; no TLS server in this approach), AS, MSA
1. MN <-> PoS: EAP over MIH; PoS <-> AS: EAP messages / AAA messages; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. MN <-> PoS: EAP over protected MIH; PoS <-> AS: EAP messages / AAA messages
4. PoS -> MSA: key distribution mechanism

Proactive Authentication (App. III.b): Case 1 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) The same MSK'/rMSK' is sent to the MSA

Proactive Authentication (App. III.b): Case 2 (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through protected MIH messages; MSK'/rMSK' is delivered to the PoS
(2) An MSK derived at the PoS is sent to the MSA (key hierarchy required)

Approach III.c Proactive Authentication
- New key material is derived from the key material exported by the EAP authentication over MIH that was run for MIH service level authentication
- An MSK (different from the MSK'/rMSK' received by the PoS) is derived at the PoS using MI-PMK as the root key and distributed to the MSA by a key distribution mechanism (not specified here)
- A key hierarchy is needed
- Unlike options a) and b), no second EAP exchange is carried to the candidate MSA; the proactive keys come from the service level authentication

Approach III.c contd.. (message flow)
Entities: MN, PoS (EAP authenticator; no TLS server in this approach), AS, MSA
1. MN <-> PoS: EAP over MIH; PoS <-> AS: EAP messages / AAA messages; MIH SA established
2. MN <-> PoS: protected MIH messages with access control
3. PoS: key derivation from MI-PMK
4. PoS -> MSA: key distribution mechanism

Proactive Authentication (App. III.c) (figure)
Entities: MN (MIH User, MIHF, Layer 2), MIH PoS, Candidate MSA, AS
(1) EAP over MIH through MIH messages; MSK'/rMSK' is delivered to the PoS
(2) An MSK derived at the PoS is sent to the MSA (key hierarchy required)
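The key hierarchy that III.b Case 2 and III.c both require, as an added illustration (not code from the contribution): MSK'/rMSK' exported by the EAP run over MIH is turned into MI-PMK, MI-PMK yields the MIH SA keys, and MI-PMK is the root from which the PoS derives one MSK per candidate MSA. The slides fix only those relationships; the KDF (HKDF-SHA256 as in RFC 5869), the label strings, the identifiers mixed into each derivation, and the MAC-only MIH SA protection are assumptions, and the MSK' and identifiers in the test are constructed.

```python
"""Key hierarchy for Approach III, options III.b (Case 2) and III.c.

Added illustration, not code from the contribution. The slides only state
that MI-PMK is derived from MSK'/rMSK' and that a per-MSA MSK is derived at
the PoS with MI-PMK as root key. The KDF (HKDF-SHA256, RFC 5869), the labels
and the identifiers mixed into each step are assumptions.
"""
import hashlib
import hmac
from typing import Dict, Iterable, Optional, Tuple

HASH_LEN = 32   # SHA-256 output length
MSK_LEN = 64    # EAP MSK length (RFC 3748: at least 64 octets)


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_mi_pmk(msk_prime: bytes, mn_mihf_id: str, pos_mihf_id: str) -> bytes:
    """MI-PMK from the EAP-exported MSK'/rMSK'. MN and PoS both hold MSK' after
    the EAP run over MIH, so both can compute it. Mixing in the MN and PoS
    MIHF-IDs is an assumed binding, not something the slides specify."""
    prk = hkdf_extract(b"MI-PMK salt", msk_prime)
    info = b"MI-PMK|" + mn_mihf_id.encode() + b"|" + pos_mihf_id.encode()
    return hkdf_expand(prk, info, HASH_LEN)


def derive_mih_sa_keys(mi_pmk: bytes) -> Tuple[bytes, bytes]:
    """MIH SA keys from MI-PMK: (integrity key, encryption key), kept distinct."""
    okm = hkdf_expand(mi_pmk, b"MIH-SA keys", 2 * HASH_LEN)
    return okm[:HASH_LEN], okm[HASH_LEN:]


def derive_msa_msk(mi_pmk: bytes, msa_id: str) -> bytes:
    """Per-candidate-MSA MSK derived at the PoS (III.b Case 2 / III.c). The MSA
    identity in the label keeps the MSKs of different MSAs independent."""
    return hkdf_expand(mi_pmk, b"MSA-MSK|" + msa_id.encode(), MSK_LEN)


def protect_mih(ik: bytes, seq: int, payload: bytes) -> bytes:
    """Integrity-protect one MIH message under the MIH SA (MAC only here; a
    full SA would also encrypt with the second key)."""
    header = seq.to_bytes(4, "big")
    tag = hmac.new(ik, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_mih(ik: bytes, expected_seq: int, frame: bytes) -> Optional[bytes]:
    """Return the payload if MAC and sequence number check out, else None."""
    if len(frame) < 4 + HASH_LEN:
        return None
    header, payload, tag = frame[:4], frame[4:-HASH_LEN], frame[-HASH_LEN:]
    if int.from_bytes(header, "big") != expected_seq:
        return None  # replayed or out-of-order message
    expected = hmac.new(ik, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return payload


def proactive_auth_iii_c(msk_prime: bytes, mn_id: str, pos_id: str,
                         candidate_msas: Iterable[str]) -> Dict[str, bytes]:
    """PoS side of III.c: one MI-PMK, one MSK per candidate MSA, no further EAP run.
    The key distribution mechanism that carries each MSK to its MSA is out of scope."""
    mi_pmk = derive_mi_pmk(msk_prime, mn_id, pos_id)
    return {msa: derive_msa_msk(mi_pmk, msa) for msa in candidate_msas}
```

Because the MN holds the same MSK', it derives the identical per-MSA MSK for whichever candidate it attaches to, so only the PoS-to-MSA key distribution step is media specific. Deriving each MSK through HKDF with the MSA identity in the label also means an MSA learns only its own MSK, never MI-PMK or another MSA's key, which is the property that distinguishes this option from Case 1 of sub-option b, where the PoS forwards MSK'/rMSK' itself.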

Proposed Approaches at a Glance
Columns: service level authentication; proactive authentication (EAP carried over L2 frames / EAP carried over MIH); key hierarchy exported by EAP (used to protect MIH signaling / used in proactive authentication). Entries summarize the approach descriptions above; Case 1 and Case 2 are the two key distribution cases of sub-option b.

Approach | Service level auth. | EAP over L2 frames | EAP over MIH | Key hierarchy: protect MIH signaling | Key hierarchy: proactive auth.
I.a      | (D)TLS              | Yes                | No           | No                                   | No
I.b      | (D)TLS              | No                 | Yes          | No                                   | Case 1: No / Case 2: Yes
II.a     | (D)TLS over MIH     | Yes                | No           | No                                   | No
II.b     | (D)TLS over MIH     | No                 | Yes          | No                                   | Case 1: No / Case 2: Yes
III.a    | EAP over MIH        | Yes                | No           | Yes                                  | No
III.b    | EAP over MIH        | No                 | Yes          | Yes                                  | Case 1: No / Case 2: Yes
III.c    | EAP over MIH        | No                 | No           | Yes                                  | Yes