Network Smart Card Performing U(SIM) Functionalities in AAA Protocol Architectures Joaquin Torres, A. Izquierdo, M. Carbonell and J.M. Sierra Carlos III.

Network Smart Card Performing U(SIM) Functionalities in AAA Protocol Architectures
Joaquin Torres, A. Izquierdo, M. Carbonell and J.M. Sierra
Carlos III University of Madrid, Spain, Computer Science Department

Outline
- Smart Devices
- Convergence
- NGN …?

WISTP 2008, May 13-16
Introduction
- WLAN deployment: SOHO, campus, residential and public environments (public hotspots). The number of public hotspots is continuously proliferating, which allows information to be accessible at any time and in any place.
- 3G mobile systems as a competitive solution: wide geographical coverage, effective roaming, and other advantages such as reliability, throughput, value-added services and content.

Networks Convergence
- However, the expensive investment required by 3G networks forces operators to look for more profitable and versatile solutions (leakage of subscribers?).
- Comparing features:
  - WLANs provide services with significant transmission rates in high-demand zones, when mobility is not a requirement.
  - 3G systems offer high mobility, wide coverage and well-established voice services, but lower transmission rates, so they are more adequate for low/medium demand.

Convergence: 3G/WLAN interworking
- WLAN and 3G networks are complementary: 3G/WLAN interworking (I-3G/WLAN) is a clear trend in public access infrastructures (PWLAN, Public Wireless LAN).
- 3GPP TS v7.3.0: 3GPP System to Wireless Local Area Network (WLAN) Interworking System Description (September 2006).

3G/WLAN Interworking features
- Mobile services: development of mobile services with high transmission rates, e.g. IP-based multimedia services (IMS).
- Roaming: transparent roaming between both technologies, with smart switching whose goal is to keep initiated sessions.
- QoS: ad-hoc user services for QoS-profiled subscribers, preserving the quality of service.

3G/WLAN Authentication Infrastructure
- The subscriber must be authenticated before her access to network services is authorized, using personalized credentials.
- The user's multimode devices (e.g. laptops, smartphones, PDAs) require the appropriate secure module.
- Solution: the authentication schemes are based on a combination of the solutions initially supported by these two systems.

3G/WLAN: authentication convergence
- SIM-based solution, simultaneously inheriting from:
  - WLAN systems: EAPoL-based (i.e. 802.1X/EAP, RADIUS or DIAMETER).
  - Stand-alone 3G systems: chip card-based U(SIM).
  - Authentication schemes supported by the 3GPP subscriber registers (i.e. HLR/HSS).
- Advantages: devices are ready; the user is accustomed to the SIM; a secure hardware module; 3G/WLAN network operators do not require additional security credentials.

3G/WLAN Reference Model (figure)
- WLAN Access Network: WLAN-UE, IP WLAN/3GPP Access, Intranet/Internet.
- Visited 3GPP Network: 3GPP AAA Proxy, WAG, Offline Charging System.
- Home 3GPP Network: 3GPP AAA Server, SLF, Packet Data Gateway, HSS/HLR, Offline Charging System, OCS; connected to the Internet.
- Sources: 3GPP TS v7.3.0, 3GPP System to Wireless Local Area Network (WLAN) Interworking System Description (September 2006); ETSI TS V7.5.0, 3GPP System to Wireless Local Area Network (WLAN) Interworking Security System (June 2007).

3G Mobile Systems Authentication: AKA (figure)
- Entities: 3G MS with U(SIM), RNS, 3G-SGSN, HLR/AuC.
- HLR/AuC computes the authentication vector {RAND, XRES, CK, IK, AUTN} = f(IMSI) and delivers AUTH[{RAND || CK || IK || AUTN}] to the 3G-SGSN.
- The challenge {RAND || CK || IK || AUTN} shown on the slide is forwarded via the RNS towards the 3G MS/U(SIM).
- U(SIM) processing: verifies the MAC by f1; decrypts SQN by f5; checks SQN freshness; derives CK by f3; derives IK by f4; computes RES = f2(K, RAND).
- The U(SIM) returns RES, and the network checks RES =? XRES.
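The AKA exchange sketched above, written out as an added example (not code from the paper or its testbed): an HLR/AuC generates the authentication vector {RAND, XRES, CK, IK, AUTN}, and the U(SIM) verifies the MAC with f1, recovers SQN with f5, checks freshness, derives CK/IK with f3/f4 and returns RES = f2(K, RAND), which the serving network compares with XRES. The 3GPP functions f1..f5 themselves are not given on the slide, so HMAC-SHA256 stand-ins with the standard output sizes are used; the AMF value and the key K are constructed, and the freshness check is simplified to a monotonic SQN counter. All of these are assumptions of the example.

```python
import hmac
import hashlib
import os

# Field sizes in bytes as in 3GPP AKA: MAC (f1) 8, RES (f2) 8, CK (f3) 16,
# IK (f4) 16, AK (f5) 6, SQN 6, AMF 2.  The real f1..f5 (e.g. MILENAGE) are
# not part of the slide, so HMAC-SHA256 stand-ins are used here (assumption);
# the message flow around them is what this example demonstrates.
AMF = b"\x80\x00"  # constructed Authentication Management Field value


def _f(k, tag, data, n):
    """Keyed one-way function shared by the stand-in f1..f5 (assumption)."""
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]


def f1(k, rand, sqn, amf):  # network authentication MAC
    return _f(k, b"f1", rand + sqn + amf, 8)


def f2(k, rand):  # expected response XRES (network) / RES (U(SIM))
    return _f(k, b"f2", rand, 8)


def f3(k, rand):  # cipher key CK
    return _f(k, b"f3", rand, 16)


def f4(k, rand):  # integrity key IK
    return _f(k, b"f4", rand, 16)


def f5(k, rand):  # anonymity key AK, used to conceal SQN inside AUTN
    return _f(k, b"f5", rand, 6)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class HlrAuc:
    """Home register / authentication centre: holds K and the SQN counter."""

    def __init__(self, k, sqn=1):
        self.k = k
        self.sqn = sqn

    def authentication_vector(self, rand=None):
        """Return {RAND, XRES, CK, IK, AUTN} with AUTN = (SQN xor AK) || AMF || MAC."""
        rand = rand if rand is not None else os.urandom(16)
        sqn = self.sqn.to_bytes(6, "big")
        self.sqn += 1
        mac = f1(self.k, rand, sqn, AMF)
        ak = f5(self.k, rand)
        autn = _xor(sqn, ak) + AMF + mac
        return {"rand": rand, "xres": f2(self.k, rand), "ck": f3(self.k, rand),
                "ik": f4(self.k, rand), "autn": autn}


class Usim:
    """U(SIM) side: holds the same K and the highest SQN accepted so far."""

    def __init__(self, k, sqn_ms=0):
        self.k = k
        self.sqn_ms = sqn_ms

    def authenticate(self, rand, autn):
        """Verify AUTN and return (RES, CK, IK); raise on MAC or freshness failure."""
        conc_sqn, amf, mac = autn[:6], autn[6:8], autn[8:16]
        ak = f5(self.k, rand)
        sqn = _xor(conc_sqn, ak)                       # "decrypts SQN by f5"
        if not hmac.compare_digest(f1(self.k, rand, sqn, amf), mac):
            raise ValueError("MAC failure: network not authenticated")
        sqn_int = int.from_bytes(sqn, "big")
        if sqn_int <= self.sqn_ms:                     # simplified freshness check
            raise ValueError("synchronisation failure: SQN not fresh")
        self.sqn_ms = sqn_int
        return f2(self.k, rand), f3(self.k, rand), f4(self.k, rand)


def run_aka(auc, usim, rand=None):
    """One AKA run; the serving network accepts only if RES equals XRES."""
    av = auc.authentication_vector(rand)
    res, ck, ik = usim.authenticate(av["rand"], av["autn"])
    return hmac.compare_digest(res, av["xres"]) and ck == av["ck"] and ik == av["ik"]


def demo():
    """Successful run, then a replayed challenge rejected by the U(SIM)."""
    k = b"\x01" * 16  # constructed long-term subscriber key K
    auc, usim = HlrAuc(k), Usim(k)
    ok = run_aka(auc, usim)
    av = auc.authentication_vector()
    usim.authenticate(av["rand"], av["autn"])
    try:
        usim.authenticate(av["rand"], av["autn"])      # same SQN again
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return ok, replay_rejected
```

Because the MAC is checked before SQN, a tampered RAND or AUTN is reported as an authentication failure rather than a synchronisation failure, which is the order the slide lists for the U(SIM).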

Example scenario: convergence authentication (figure)
- Visited WLAN and Home WLAN, each with a Proxy AAA.
- Home 3G Network: AAA Server, HLR/AuC, 3G-SGSN and gateway.

3G/WLAN: convergence in authentication
- EAP-SIM and EAP-AKA: SIM-based authentication schemes, standardized protocols.
- End-to-end mutual authentication between the mobile station and the backend authentication server.
- Protocol stacks (figure): WLAN MS with U(SIM): EAP-SIM/AKA, EAP, EAPoL, L2/L1. AP: EAPoL and EAP on the WLAN side, RADIUS/DIAMETER client over UDP/IP and L2/L1 on the network side. Network AAA proxies: RADIUS/DIAMETER proxies, UDP/IP, L2/L1. 3G AAA server: EAP-SIM/AKA, EAP, RADIUS/DIAMETER server, UDP/IP, L2/L1. The WLAN domain ends at the AP; the WAN domain plus the cellular network lies behind it.

A quick trust analysis
- Both devices (U(SIM) and WLAN MS) blindly trust each other: they behave as a unique supplicant.
- This is not a recommendable default assumption: the authentication scheme should be designed to protect against any potential scenario, e.g. a WLAN MS that is an a priori untrustworthy terminal.
- Conclusion: should additional authentication mechanisms be provided?

Stand-alone device … stand-alone supplicant (figure)
- Supplicant Device: Smart Cards, User.
- Access Device: 3GPP Multimode MS.
- Access Network: WLAN, Internet, PSTN, dedicated lines.
- Core Network: AAA services, IP-based AAA, other services.

Motivation
- Our new approach starts from a different authentication model that considers an isolated U(SIM) with autonomy during the authentication process: it participates as a stand-alone supplicant or claimant, and does not rely on the access terminal (i.e. the WLAN mobile station) for this functionality.
- Additionally, this work assumes an a priori untrustworthy environment: the WLAN MS is considered a potential attacker. Hence, the WLAN MS should be authenticated by the network as a different host from the U(SIM).
- Required: device authentication prior to SM.

Goals
- To define an AAA architecture that represents a more robust and flexible solution in terms of security, feasible for untrustworthy environments.
- To provide efficient SIM-based customization or personalization of mobile stations in critical or public environments.
- Convergence (netw1, netw2); Convergence (Smart Device, Authentication).

Our Network Smart Card concept
- In a previous work, we proposed a Network Smart Card (NSC) with authentication purposes:
  - Atomic smart card authentication protocol design: the authentication protocol should be designed as an integral part of the smart card. We propose a specific protocol stack for the card.
  - End-to-end mutual authentication schema: the smart card participates as a communication endpoint.
  - IETF layer 2 authentication (the IP layer is not required).

…details (figure): our Network Smart Card (NSC) approach compared with other approaches
- Supplicant (Smart Card): EAP-type (EAP-type = EAP-AKA), EAP, PPP, ISO7816.
- Terminal: pass-through authenticator according to EAP (acc. IETF), with ISO7816, PPP and EAP pass-through.
- AP/NAS: EAP-based.

Related Work
- EAP-SIM/AKA solutions: many works, but focused on 3G/WLAN interworking security (network side); usually, the problems derive from the original SIM/AKA protocols. Alternatives: EAP-TTLS, EAP-TLS, etc.
- Assumption about the (U)SIM-WLAN_UE trust relationship: blind trust, they behave as a unique supplicant.
- Summarized: the U(SIM) stores the corresponding subscriber authentication credentials and computes the envisaged cryptographic algorithms of the SIM/AKA protocols on behalf of the mobile station.

Related Work
- Versatile solutions are missing. Example: consider a U(SIM) that may be an external smart card which customizes (temporal personalization) a public wireless terminal for 3G/WLAN access. In such a case, the U(SIM) behaving as a stand-alone supplicant is highly recommendable, so it should be isolated and protected.

New NSC-based AAA Protocol Architecture in 3G/WLAN (figure)
- NSC-based U(SIM): EAP-AKA, EAP, PPP, ISO7816.
- WLAN MS: ISO7816 and PPP towards the card; EAP; DIAMETER client, UDP/IP, L2/L1 towards the network.
- AP: bridge (L2/L1).
- Network AAA proxies: DIAMETER proxies, UDP/IP, L2/L1.
- 3G AAA server: EAP-AKA, EAP, DIAMETER server, UDP/IP, L2/L1.

Features
- U(SIM) remote authentication scheme:
  - Stand-alone supplicant functionality instead of split supplicant functionality: the U(SIM) and the WLAN MS do not cooperate in the authentication process as a unique device.
  - The authentication protocol stack is designed as an integral part of the U(SIM) (atomic design), so that it participates as the actual endpoint in the authentication process with a 3G AAA server.
- NSC-based U(SIM) stack (figure): EAP-AKA, EAP, PPP, ISO7816.

…features
- Minimal changes in the original architecture: the 3G network side does not require changes; proxies and end equipment keep their settings and implementation features.
- Network side (figure): Network AAA proxies with DIAMETER proxies, UDP/IP, L2/L1; 3G AAA server with EAP-AKA, EAP, DIAMETER server, UDP/IP, L2/L1.

…features
- The WLAN mobile station participates as a Network Access Server (NAS), implementing the role of pass-through authenticator as a DIAMETER client.
- This reinforces the stand-alone supplicant functionality in the U(SIM), since the WLAN MS cannot act as supplicant and authenticator at the same time for the same U(SIM).
- WLAN MS stack (figure): ISO7816, PPP, EAP, DIAMETER client, UDP/IP, L2/L1; AP bridge.

…features
- U(SIM) isolation: advantages with regard to assuring the security of the entire scheme in untrustworthy scenarios.
- Our architecture takes advantage of the functions of the LCP protocol (in PPP): LCP/PPP may be easily hosted in the U(SIM) stack; EAP was initially designed for PPP; the EAP layer allows packet exchange between the EAP-SIM/AKA methods and LCP frames, and provides duplication and retransmission control.

Authentication Flow in our AAA Architecture (parties: NSC-based U(SIM), WLAN MS, 3G AAA Server; PPP legs run between U(SIM) and WLAN MS, DIAMETER legs between WLAN MS and 3G AAA Server)
0. EAP Request/Identity
1. PPP/EAP Request/Identity
2. PPP/EAP Response/Identity [IMSI or Pseudonym]
3. DIAMETER/EAP Response/Identity [IMSI or Pseudonym]
4. DIAMETER/EAP Request/AKA-Challenge [RAND, AUTN, MAC, Encrypted ID]
5. PPP/EAP Request/AKA-Challenge [RAND, AUTN, MAC, Encrypted ID]
6. PPP/EAP Response/AKA-Challenge [RES, MAC]
7. DIAMETER/EAP Response/AKA-Challenge [RES, MAC]
8. Validation at the 3G AAA Server: XRES =? RES
9. DIAMETER/EAP Success
10. PPP/EAP Success
11. Secure channel establishment

Security and Trust Issues
- We are not proposing a new U(SIM) authentication protocol in the context of 3G/WLAN interworking.
- Our architecture is built from well-known protocols that are implemented inside the U(SIM) with a novel approach: a new way to transport authentication messages between the U(SIM) and a 3G AAA server, in which the U(SIM) takes control on the user side.
- Security weaknesses and threats derive from the nature of these standardized protocols and the correctness of their implementation.

Security and Trust Issues
- New secure algorithms, key material or cryptographic techniques are not required.
- The implementation of the EAP-AKA method is transparently reused, both on the U(SIM) side and on the 3G AAA Server side.

Trust Models
- The relevant impact of our proposal is related to the trust models.
- Original trust model, derived from the original AAA protocol architecture in a 3G/WLAN interworking scenario (figure): U(SIM) and WLAN MS in the User Domain; AP, Proxies and the 3GPP AAA Server (nAUT) in the Public Domain, an untrustworthy environment. Trust relationships are labelled explicit and implicit, and the U(SIM)-WLAN MS relationship is blind trust.

Our Trust Model
- The "blind trust" assumption should not be applied to all scenarios; a more flexible solution is required.
- Our goal: to introduce a more realistic architecture, from which a new trust model is derived (figure): the same entities in the User Domain and the Public Domain (untrustworthy environment), with explicit and implicit relationships as before, but the U(SIM)-WLAN MS relationship becomes implicit instead of blind.

Our Trust Model
- The trust relationship between the WLAN MS and the 3G AAA server is supported by the DIAMETER protocol.
- The WLAN MS is part of the network and behaves as an Access Point for the U(SIM): only once the U(SIM) and the 3G AAA server mutually trust each other does the U(SIM) trust the WLAN MS.
- Our AAA architecture aims to provide robustness with this goal. This is a reasonable result in a priori untrustworthy scenarios.

Implementation and Testbed
- Testbed for the AAA network architecture for NSC-based U(SIM).
- Implemented by means of the OpenDiameter libraries: a C++ API to both EAP and Diameter EAP.
- Testbed elements (figure): NSC-based U(SIM); WLAN MS as DIAMETER client; Network AAA Proxy; 3G AAA Diameter Server.

Details about implementation
- 3G AAA Server: the back-end authentication server is basically implemented with the libdiametereap and libeap libraries. The Diameter EAP API is extensible and allows authorization (DEA attributes) to be defined. The EAP API is extended in order to support the EAP-AKA method. The OpenSSL library (partially included) provides a set of AKA cryptographic functionalities. For simplicity's sake, the implementation of functions f3 and f4 has not been carried out.
- Network AAA proxy: the standard Diameter base protocol procedure, relay version (Diameter proxy), is provided by libdiameter. This allows the protocol stack to be completed in a layer 2 wireless Access Point.
- WLAN MS: a common laptop with an IEEE 802.11g wireless interface. The NAS functionality (Diameter client) is provided by the implementation of the libdiametereap library.

Details about implementation
- Network Smart Card with U(SIM) functionalities, on JavaCard: bulk LCP/EAP protocol stack according to the standardized state machines, enhanced with a set of functionalities corresponding to the EAP-AKA method.
- CK and IK derivation, as well as synchronization and re-authentication functionalities, have been left out for the purposes of the testbed experiments.
- EAP peer state machine excerpt (states with their actions; input eapReqData, output eapRespData):

  RECEIVED:
    (rxReq, rxSuccess, rxFailure, reqId, reqMethod) = parseEapReq(eapReqData)

  GET_METHOD:
    if (allowMethod(reqMethod)) {
      aka.Method = reqMethod
      methodState = INIT
    } else {
      eapRespData = buildNak(reqId)
    }

  AKA_METHOD:
    ignore = aka.check(eapReqData)
    if (!ignore) {
      (methodState, decision, allowNotifications) = aka.process(eapReqData)
      eapRespData = aka.buildResp(reqId)
      if (aka.isKeyAvailable())
        eapKeyData = aka.getKey()
    }

  SEND_RESPONSE:
    lastId = reqId
    lastRespData = eapRespData
    eapReq = FALSE
    eapResp = TRUE
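The AKA-Challenge legs of the authentication flow (steps 4 to 8), the duplication and retransmission control attributed to the EAP layer in the features slide, and the peer state-machine excerpt above, as an added example that is not the paper's JavaCard or OpenDiameter code: the 3G AAA server side builds the EAP-Request/AKA-Challenge and validates the response, and an EAP peer in the U(SIM) role walks RECEIVED, GET_METHOD, AKA_METHOD and SEND_RESPONSE, answering Identity requests, Nak-ing other methods, silently ignoring a challenge whose AT_MAC fails (the aka.check() path) and retransmitting its stored response when a request repeats the last identifier. The attribute layout, the HMAC-SHA1-128 over the packet with a zeroed AT_MAC, and the type, subtype and attribute numbers follow RFC 4187. K_aut is a constructed shared constant (the real derivation from CK/IK through the EAP-AKA key hierarchy is omitted), the RES callable stands in for the U(SIM)'s f2 computation, and the identity, RAND and AUTN values are constructed; these are assumptions of the example.

```python
import hmac
import hashlib
import struct

# EAP codes/types (RFC 3748) and EAP-AKA subtype/attribute numbers (RFC 4187).
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS = 1, 2, 3
EAP_TYPE_IDENTITY, EAP_TYPE_NAK, EAP_TYPE_AKA = 1, 3, 23
AKA_CHALLENGE = 1
AT_RAND, AT_AUTN, AT_RES, AT_MAC = 1, 2, 3, 11

def _attr(atype, payload):
    """One attribute: Type(1), Length(1, in 4-byte units), payload."""
    return bytes([atype, (2 + len(payload)) // 4]) + payload

def _eap(code, ident, body):
    """EAP header: Code(1), Identifier(1), Length(2) over the whole packet."""
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def build_eap_aka(code, ident, subtype, attrs):
    """EAP header || Type=23 || Subtype || Reserved(2) || attributes."""
    return _eap(code, ident, bytes([EAP_TYPE_AKA, subtype, 0, 0]) + b"".join(attrs))

def parse_eap(pkt):
    """Header fields plus, for EAP-AKA, attributes as {type: (offset, value)}."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 4:
        raise ValueError("EAP length mismatch")
    msg = {"code": code, "id": ident, "type": pkt[4] if length > 4 else None,
           "subtype": None, "attrs": {}}
    if msg["type"] == EAP_TYPE_AKA:
        if length < 8:
            raise ValueError("truncated EAP-AKA header")
        msg["subtype"], off = pkt[5], 8
        while off < length:
            atype, alen = pkt[off], pkt[off + 1] * 4
            if alen == 0 or off + alen > length:
                raise ValueError("malformed EAP-AKA attribute")
            msg["attrs"][atype] = (off, pkt[off + 2:off + alen])
            off += alen
    return msg

def compute_mac(k_aut, pkt, mac_off):
    """HMAC-SHA1-128 over the whole packet with the 16 AT_MAC value bytes zeroed."""
    zeroed = pkt[:mac_off + 4] + b"\x00" * 16 + pkt[mac_off + 20:]
    return hmac.new(k_aut, zeroed, hashlib.sha1).digest()[:16]

def _with_mac(k_aut, pkt):
    """Fill the zero AT_MAC placeholder of an encoded packet with the real MAC."""
    off = parse_eap(pkt)["attrs"][AT_MAC][0]
    return pkt[:off + 4] + compute_mac(k_aut, pkt, off) + pkt[off + 20:]

def mac_valid(k_aut, pkt):
    attrs = parse_eap(pkt)["attrs"]
    if AT_MAC not in attrs:
        return False
    off, value = attrs[AT_MAC]              # value = Reserved(2) || MAC(16)
    return hmac.compare_digest(compute_mac(k_aut, pkt, off), value[2:])

def build_challenge(k_aut, ident, rand, autn):
    """Server side (steps 4/5): EAP-Request/AKA-Challenge [AT_RAND, AT_AUTN, AT_MAC]."""
    attrs = [_attr(AT_RAND, b"\x00\x00" + rand), _attr(AT_AUTN, b"\x00\x00" + autn),
             _attr(AT_MAC, b"\x00" * 18)]  # Reserved(2) + zero MAC placeholder
    return _with_mac(k_aut, build_eap_aka(EAP_REQUEST, ident, AKA_CHALLENGE, attrs))

def build_response(k_aut, ident, res):
    """Peer side (steps 6/7): EAP-Response/AKA-Challenge [AT_RES, AT_MAC]."""
    payload = struct.pack("!H", len(res) * 8) + res  # RES length is given in bits
    payload += b"\x00" * (-(2 + len(payload)) % 4)   # pad attribute to a 4-byte multiple
    attrs = [_attr(AT_RES, payload), _attr(AT_MAC, b"\x00" * 18)]
    return _with_mac(k_aut, build_eap_aka(EAP_RESPONSE, ident, AKA_CHALLENGE, attrs))

class AkaPeer:
    """EAP peer hosted in the U(SIM): RECEIVED -> GET_METHOD -> AKA_METHOD -> SEND_RESPONSE."""
    def __init__(self, k_aut, identity, usim_res):
        self.k_aut, self.identity = k_aut, identity
        self.usim_res = usim_res   # callable (RAND, AUTN) -> RES; stands in for the AKA f2 step
        self.last_id = self.last_resp = None

    def receive(self, eap_req_data):
        msg = parse_eap(eap_req_data)                                  # RECEIVED
        if msg["code"] != EAP_REQUEST:
            return None                                                # Success/Failure: nothing to send
        if msg["id"] == self.last_id:
            return self.last_resp                                      # duplicate request: retransmit
        if msg["type"] == EAP_TYPE_IDENTITY:                           # steps 1/2
            resp = _eap(EAP_RESPONSE, msg["id"], bytes([EAP_TYPE_IDENTITY]) + self.identity)
        elif msg["type"] != EAP_TYPE_AKA:                              # GET_METHOD: not allowed -> Nak
            resp = _eap(EAP_RESPONSE, msg["id"], bytes([EAP_TYPE_NAK, EAP_TYPE_AKA]))
        else:                                                          # AKA_METHOD
            if msg["subtype"] != AKA_CHALLENGE or not mac_valid(self.k_aut, eap_req_data):
                return None                                            # aka.check(): ignore silently
            rand, autn = msg["attrs"][AT_RAND][1][2:], msg["attrs"][AT_AUTN][1][2:]
            resp = build_response(self.k_aut, msg["id"], self.usim_res(rand, autn))
        self.last_id, self.last_resp = msg["id"], resp                 # SEND_RESPONSE
        return resp

def server_validate(k_aut, resp_pkt, xres):
    """3G AAA server (step 8): accept only if AT_MAC verifies and RES equals XRES."""
    msg = parse_eap(resp_pkt)
    if msg["code"] != EAP_RESPONSE or msg["subtype"] != AKA_CHALLENGE:
        return False
    if not mac_valid(k_aut, resp_pkt) or AT_RES not in msg["attrs"]:
        return False
    value = msg["attrs"][AT_RES][1]
    res = value[2:2 + struct.unpack("!H", value[:2])[0] // 8]
    return hmac.compare_digest(res, xres)

def demo_usim_res(rand, autn):
    """Constructed stand-in for RES = f2(K, RAND) inside the U(SIM)."""
    return hmac.new(b"\x01" * 16, rand, hashlib.sha256).digest()[:8]

def demo():
    """Challenge, response, server validation, a retransmit, and a tampered RES."""
    k_aut = b"\x2a" * 16                       # constructed; real K_aut is derived from CK/IK
    rand, autn = bytes(range(16)), bytes(range(16, 32))   # constructed challenge values
    peer = AkaPeer(k_aut, b"0123456789@wlan.example", demo_usim_res)
    req = build_challenge(k_aut, 7, rand, autn)
    resp = peer.receive(req)
    accepted = server_validate(k_aut, resp, demo_usim_res(rand, autn))
    tampered = resp[:12] + bytes([resp[12] ^ 1]) + resp[13:]   # flip one RES bit
    return accepted, peer.receive(req) == resp, server_validate(k_aut, tampered, demo_usim_res(rand, autn))
```

The peer never answers a challenge it cannot authenticate, so a WLAN MS that is merely a pass-through cannot obtain RES from the card without a server-generated, correctly keyed challenge; this is the isolation property the architecture relies on.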

Conclusion
- Our testbed shows the feasibility and robustness of the proposed NSC-based AAA protocol architecture for 3G/WLAN interworking scenarios.
- The standardized EAP-AKA protocol is transparently implemented in a common U(SIM), which participates as a stand-alone supplicant (NSC-based U(SIM)).
- A novel trust model that assumes an a priori untrustworthy environment is defined. Therefore, our approach represents a more flexible solution in terms of security.
- Beyond these benefits, it may also provide efficient customization or personalization of mobile stations in critical or public environments.
- Further work: study and complete the EAP-AKA functionalities; new EAP-type methods.

Network Smart Card Performing U(SIM) Functionalities in AAA Protocol Architectures
Thank you for your attention! Questions/Comments?