Doc.: IEEE 802.11-07/2161r1, Submission, July 2007
Segregated Data Services in 802.11
Author: Donald Eastlake 3rd, Motorola
Date: 2007-07-17

Presentation transcript:

Slide 1: Segregated Data Services in 802.11

Slide 2: Abstract
Essentially all networks need VLANs or a similar mechanism for segregated data services. The need varies from a mild requirement to distinguish "visitors" from "residents" in a one-AP home network to much stronger and more complex requirements in enterprise, municipal, and other systems. Scenarios and requirements for adding segregated services / VLANs to IEEE 802.11 are presented, along with some comments on existing or prospective mechanisms.

Slide 3: Motivation
Segregating traffic for "visitors", who should only have access to the Internet and limited facilities, from "insider" traffic.
Provision of different services for free and subscription services in Hot Zone or Municipal systems. (May also segregate subscription service through different carriers.)
In mesh environments, ability to safely forward data through nodes with limited trust.
To enable aggregation of traffic over a single infrastructure for efficient deployment.
Dedicated traffic segregation by type, such as VoIP.

Slide 4: Example Scenario I (unified infrastructure, single-interface end stations)
[Diagram: MAP 1, MAP 2 and AP 2 serving Guest Stations and Local Stations; a Local VLAN and a Guest VLAN carried over the wired connection; a Firewall between the Internet and the Protected Services.]

Slide 5: Example Scenario II (diverse mesh, multi-interface mesh points)
[Diagram: Org 1, Org 2 and Org 3 MPs forming a local mesh; Org 1 MPP connecting to Organization 1 Infrastructure and Org 2 MPP to Organization 2 Infrastructure, each with a path to the Internet; services labelled Local Mesh Service, Organization 1 Service and Organization 2 Service.]

Slide 6: Tentative Requirements
1. Advertising Availability of Services
2. Associating/Authenticating/Authorizing for One or More Specific Services
3. Multiple Service Security Channels Between Two Stations
4. Transit Frame Labelling
5. Protection of Segregated Data from Unauthorized Access
6. Configuration and Management

Slide 7: 1. Advertising Availability of Services
Current practice: Transmit multiple Beacons, as is done at IEEE 802 meetings.
Work in progress: General Advertisement Service (GAS) mechanisms in TGu (Interworking with External Networks).
– Includes SSIDC (SSID Container IE) for transmission of multiple SSIDs (with or without multiple BSSIDs) in a single beacon.
Possible new work:
– Extensions to TGu GAS.
– Other mechanisms.

Slide 8: 2. Associating/Authenticating/Authorizing for a Specific Service
Current practice: Only one association, 802.11i security.
Work in progress:
– TGw (Protected Management Frames) extends security to some control messages.
– TGs (Mesh Networking) distinguishes authentication to a mesh from authentication to an AP.
– TGu (Interworking with External Networks) allows different credentials/authentication for different back-end carriers.
Possible new work: Different credentials/authentication for different Services/VLANs.

Slide 9: 3. Multiple Service Security Channels Between Two Stations
Current practice:
– An AP can have multiple security associations, but each with a different end station.
– Two stations can have multiple IPsec security associations or the like at the application level.
Work in progress: TGs (Mesh Networking) permits multiple associations, but each with a different mesh point.
Possible new work:
– Different security associations for different services/VLANs.
– Development of a new Authenticator PAE function that can manage multiple SAs with a given neighbor.

Slide 10: 4. Transit Frame Labelling
Current practice:
– The current standard explicitly permits an 802.1Q tag in the payload (802.11 Annex M), but the Q-tag's priority and VLAN ID fields are otherwise ignored.
– The only obvious way to label frames today is to use different MAC addresses.
Work in progress: none (?)
Possible new work:
– Header addition to distinguish Service/VLAN.
– Other mechanisms.
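As an added illustration of the frame-labelling point on this slide (example code, not part of the original presentation), the following Python parses an 802.1Q tag (TPID 0x8100, 3-bit PCP, 12-bit VID) as it appears in an Ethernet II frame and contrasts the two behaviours the slide describes: a VLAN-unaware receiver that treats the tag as opaque payload, and a VLAN-aware hop that reads the VID and uses it to decide forwarding. The tag is shown in Ethernet II framing for simplicity; inside an 802.11 data frame it sits under LLC/SNAP, but the tag's own field layout is the same. The SSID-to-VLAN mapping (Local = 10, Guest = 20), the station addresses and the sample frames are constructed for the example, and the enforcement rule (a frame tagged with a VID other than the one assigned to the SSID it arrived over is dropped) is one policy a defender might apply, not something the slides specify.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

TPID_8021Q = 0x8100      # TPID in the EtherType slot announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800

# Constructed mapping for the example: the VLAN an AP assigns to each SSID.
SSID_TO_VLAN = {"Local": 10, "Guest": 20}


@dataclass
class Frame:
    dst: bytes
    src: bytes
    vlan_id: Optional[int]    # None when no tag was consumed
    priority: Optional[int]   # 3-bit PCP from the tag, or None
    ethertype: int
    payload: bytes


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan_id: Optional[int] = None, priority: int = 0) -> bytes:
    """Build an Ethernet II frame, inserting an 802.1Q tag when vlan_id is given."""
    hdr = dst + src
    if vlan_id is not None:
        tci = ((priority & 0x7) << 13) | (vlan_id & 0x0FFF)   # PCP(3) | DEI(1)=0 | VID(12)
        hdr += struct.pack("!HHH", TPID_8021Q, tci, ethertype)
    else:
        hdr += struct.pack("!H", ethertype)
    return hdr + payload


def parse_frame(raw: bytes, vlan_aware: bool = True) -> Frame:
    """Parse an Ethernet II frame, consuming an 802.1Q tag if present and vlan_aware.

    With vlan_aware=False the receiver behaves like the data path the slide
    describes: the Q-tag is permitted in the payload but its fields are not
    interpreted, so ethertype stays 0x8100 and the tag bytes remain in payload.
    """
    if len(raw) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = raw[0:6], raw[6:12]
    (ethertype,) = struct.unpack("!H", raw[12:14])
    offset, vlan_id, priority = 14, None, None
    if vlan_aware and ethertype == TPID_8021Q:
        if len(raw) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", raw[14:18])
        priority = tci >> 13
        vlan_id = tci & 0x0FFF
        offset = 18
    return Frame(dst, src, vlan_id, priority, ethertype, raw[offset:])


def forward_decision(frame: Frame, ingress_ssid: str) -> Tuple[Optional[int], str]:
    """Return (egress VLAN or None, reason) for a frame received over ingress_ssid.

    Assumed policy: an untagged frame is labelled with the VLAN of the SSID it
    arrived over; a tagged frame must carry that same VID, so a station on one
    service cannot hand the hop a frame labelled for another service.
    """
    assigned = SSID_TO_VLAN[ingress_ssid]
    if frame.vlan_id is None:
        return assigned, f"untagged: labelled VLAN {assigned} for SSID {ingress_ssid}"
    if frame.vlan_id != assigned:
        return None, f"dropped: VID {frame.vlan_id} is not VLAN {assigned} of SSID {ingress_ssid}"
    return frame.vlan_id, f"tag matches VLAN {assigned} of SSID {ingress_ssid}"


if __name__ == "__main__":
    dst, src = b"\xff" * 6, b"\x02\x00\x00\x00\x00\x01"   # constructed addresses
    tagged_10 = build_frame(dst, src, ETHERTYPE_IPV4, b"\x45" + b"\x00" * 19, vlan_id=10, priority=5)
    untagged = build_frame(dst, src, ETHERTYPE_IPV4, b"\x00" * 20)
    for label, raw, ssid in [("VID 10 over Guest", tagged_10, "Guest"),
                             ("VID 10 over Local", tagged_10, "Local"),
                             ("untagged over Guest", untagged, "Guest")]:
        print(label, "->", forward_decision(parse_frame(raw), ssid))
    blind = parse_frame(tagged_10, vlan_aware=False)
    print(f"VLAN-unaware view: ethertype=0x{blind.ethertype:04x}, "
          f"tag bytes still in payload={blind.payload[:4].hex()}")
```

Running the block prints one decision per sample frame and then the VLAN-unaware view, in which the EtherType is still 0x8100 and the four tag bytes lead the payload: that is the "permitted but ignored" state the slide describes, and it is why a hop that does not interpret the tag can provide no per-service segregation on its own.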

Slide 11: 5. Protection of Segregated Data from Unauthorized Access
Current practice: Have to use IPsec or some similar application-level mechanism to protect data at intermediate hops.
Work in progress: none.
Possible new work:
– Optional edge-to-edge security between the original source station and the final destination station. Not all services would require this.
– If VLAN mapping is possible, authentication should be keyed to the SSID, not the VLAN ID.

Slide 12: 6. Configuration and Management
Current practice:
– SNMP (Simple Network Management Protocol)
– GVRP (GARP VLAN Registration Protocol)
– Proprietary command line interfaces and protocols
Work in progress: SNMP MIB (Management Information Base) additions by TGu (Interworking with External Networks).
Possible new work:
– MIB additions or other mechanisms for configuration and management, including setting up and deleting VLANs.

Slide 13: Straw Polls
Results in WNG SC during the morning session on 17 July:
– Should the WNG SC proceed at this time to vote on a motion to set up a Study Group? Yes: 6, No: 27, Abstain: 18
– Should the WNG SC receive further presentations on the topic of segregated data services? Yes: 46, No: 0, Abstain: 1

Slide 14: Motion (not voted on in WNG)
Moved: To request the IEEE 802.11 Working Group to approve, and forward to the IEEE 802 Executive Committee, the creation of a "WLAN Multiple Segregated Data Services" Study Group to draft a PAR and 5 Criteria for the provision of secure segregated data services in 802.11, such services to include some or all of the following:
– advertising and associating with such services; labeling frames per service; security of data within a service; and the configuration and management of such services.
Moved: Seconded: Yes: No: Abstain:

Slide 15: References
IEEE 802.11 Standard – WLANs
IEEE 802.1Q-2005 – VLANs, GVRP
Draft 802.11s D1.05 – ESS Mesh Networking
Draft 802.11u D1.0 – Interworking with External Networks
Draft 802.11w D2.0 – Protected Management Frames
IETF STD 62 (IETF RFCs 3411 through 3418) – SNMP