3Com Confidential Proprietary 3G CDMA AAA Function Yingchun Xu 3COM.


3G CDMA AAA Requirements
- Mobile Node Authentication in Foreign Network
  – Essential for Billing
- Mobile Node Authentication in Home Agent
  – Protects against User Data Hijacking
- Quick Mobile Node Handoff Authentication
  – Reduces handoff data loss/delay
- Roaming Support
- Easier Mobile Node Provision
- Packet Data Accounting

Mobile IP AAA Servers
- RADIUS
  – Deployed in Dial-in Access Network
  – Simple and Stateless Operation
  – IETF RFC 2138 and RFC 2139
  – Limited Support of 3G AAA Requirements
- DIAMETER
  – IETF Draft
  – Superset of RADIUS
  – Supports 3G AAA Requirements
- RADIUS Accounting + PKI (Public Key Infrastructure)
  – Flexible
  – Requires lots of computation
  – IETF Draft

3Com Recommendation
- RADIUS in Version 1
- PKI+RADIUS extension or DIAMETER in Version 2

Reasons
- RADIUS is simple.
- RADIUS has been deployed in Dial-in service for a while.
- RADIUS works but with limited Mobile IP and roaming support.
  – For example, it does not support dynamic key distribution. Keys are required to be statically configured.
  – Proxy function requires static configuration. There is no protocol support for dynamic resolution of AAA server.
- DIAMETER and RADIUS extension + PKI are not mature. It will take some time to settle down.
- DIAMETER is in IETF draft state.
- We don't want to build an AAA used only for CDMA.
- We need to support ISPs which have deployed RADIUS as Home AAA.

What we get with RADIUS
- Packet Accounting: fully supports CDG specified accounting parameters.
- Mobile IP Foreign Agent Challenge/Response
  – Required to build trust relationship for billing.
- Dynamic Home Address Assignment feature from DIAMETER can be easily implemented in Home Agent.
  – Home Agent manages and assigns temporary Home Address.
- Roaming support by static configuration.
- Mobile node authentication through static configuration of shared key between mobile nodes and their Home Agents.
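
The Foreign Agent challenge/response and the statically configured shared key listed above, as an added example (not from the slides and not 3Com's implementation): a simplified Python model that assumes a CHAP-style response as defined in RFC 1994 and ignores the Mobile IP and RADIUS wire formats. The class and function names, the NAI and the key are constructed for illustration.

```python
import hashlib
import hmac
import os

# Statically configured shared keys at the home AAA server, indexed by NAI.
# Constructed sample values, not taken from the slides.
STATIC_KEYS = {"alice@home.example": b"constructed-shared-key"}


def chap_response(chap_id: int, key: bytes, challenge: bytes) -> bytes:
    """CHAP response per RFC 1994: MD5(ID || secret || challenge)."""
    return hashlib.md5(bytes([chap_id]) + key + challenge).digest()


class ForeignAgent:
    """Hypothetical FA model: issues challenges, accepts each at most once."""

    def __init__(self):
        self.outstanding = set()

    def new_challenge(self) -> bytes:
        challenge = os.urandom(16)
        self.outstanding.add(challenge)
        return challenge

    def consume(self, challenge: bytes) -> bool:
        # An unknown or already used challenge means a replayed registration.
        if challenge not in self.outstanding:
            return False
        self.outstanding.remove(challenge)
        return True


def home_aaa_verify(nai: str, chap_id: int, challenge: bytes, response: bytes) -> bool:
    """Home AAA check: recompute the response from the static key."""
    key = STATIC_KEYS.get(nai)
    if key is None:
        return False  # no statically provisioned key for this user
    expected = chap_response(chap_id, key, challenge)
    return hmac.compare_digest(expected, response)  # constant-time compare


def register(fa: ForeignAgent, nai: str, chap_id: int,
             challenge: bytes, response: bytes) -> bool:
    """FA side: enforce challenge freshness, then ask the home AAA server."""
    return fa.consume(challenge) and home_aaa_verify(nai, chap_id, challenge, response)
```

Because every key lives in `STATIC_KEYS`, a user roaming from an unprovisioned realm fails authentication until an operator adds an entry, which is the static-configuration limitation the slides attribute to RADIUS.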

What we get with DIAMETER
- Foreign Agent Challenge/Response.
- Dynamic Key distribution for temporary Mobile IP registration authentication.
- Dynamic resolution of proxy AAA server.
- Packet Data Accounting.
- Dynamic Home Address Assignment.
- First Time Mobile IP Registration through DIAMETER.

3Com Proposed RADIUS Based Foreign Agent Challenge/Response Implementation (First Time Registration)

3Com Proposed RADIUS Based Foreign Agent Challenge/Response Implementation (Consecutive Registration)

Security Association