Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility.

Slides:



Advertisements
Similar presentations
SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
Advertisements

Using HIP to solve MULTI-HOMING IN IPv6 networks YUAN Zhangyi Beijing University of Posts and Telecommunications.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.
Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI
Voice over IP Fundamentals
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
CCNA – Network Fundamentals
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Chapter 7: Transport Layer
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
William Stallings Data and Computer Communications 7 th Edition (Selected slides used for lectures at Bina Nusantara University) Transport Layer.
Host Identity Protocol
Process-to-Process Delivery:
Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.
1 Transport Layer Computer Networks. 2 Where are we?
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Chapter 17 Networking Dave Bremer Otago Polytechnic, N.Z. ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William Stallings.
Mobile IP, PMIP, FMC, and a little bit more
Review: –What is AS? –What is the routing algorithm in BGP? –How does it work? –Where is “policy” reflected in BGP (policy based routing)? –Give examples.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.
Jaringan Komputer Dasar OSI Transport Layer Aurelio Rahmadian.
1 Computer Networks DA Chapter 1-3 Introduction.
I-D: draft-rahman-mipshop-mih-transport-01.txt Transport of Media Independent Handover Messages Over IP 67 th IETF Annual Meeting MIPSHOP Working Group.
Network Layer4-1 DHCP: Dynamic Host Configuration Protocol Goal: allow host to dynamically obtain its IP address from network server when it joins network.
Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.
CS 3214 Computer Systems Godmar Back Lecture 23. Announcements Project 5 due Dec 8 Exercise 10 handed out Exercise 11 coming before Thanksgiving CS 3214.
Ch 1. Computer Networks and the Internet Myungchul Kim
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.
Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.
Mobile IP Outline Intro to mobile IP Operation Problems with mobility.
Lectu re 1 Recap: “Operational” view of Internet r Internet: “network of networks” m Requires sending, receiving of messages r protocols control sending,
Page 1 Network Addressing CS.457 Network Design And Management.
Prepared by: Azara Prakash L.. Contents:-  Data Transmission  Introduction  Socket Description  Data Flow Diagram  Module Design Specification.
Multimedia and Networks. Protocols (rules) Rules governing the exchange of data over networks Conceptually organized into stacked layers – Application-oriented.
4.1.4 multi-homing.
Some use cases and requirements for handover Information Services Greg Daley MIPSHOP Session IETF 64.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Routing Information Protocol
01_NF_Ch04 – OSI Transport Layer ( 傳輸層 ) Source: CCNA Exploration.
K. Salah1 Security Protocols in the Internet IPSec.
S Postgraduate Course in Radio Communications. Application Layer Mobility in WLAN Antti Keurulainen,
Postech DP&NM Lab Session Initiation Protocol (SIP) Date: Seongcheol Hong DP&NM Lab., Dept. of CSE, POSTECH Date: Seongcheol.
HIP-Based NAT Traversal in P2P-Environments
Unit 7: DHCP, APIPA and NTP. Static versus dynamic IP addressing Dynamic IP addresses can change each time you connect to the Internet, while static IP.
Chapter 7: Transport Layer
VoIP ALLPPT.com _ Free PowerPoint Templates, Diagrams and Charts.
The Transport Layer Implementation Services Functions Protocols
Chapter 9: Transport Layer
Instructor Materials Chapter 9: Transport Layer
WebRTC enabled multimedia conferencing and collaboration solution
Slides taken from: Computer Networking by Kurose and Ross
4.1.5 multi-homing.
Working at a Small-to-Medium Business or ISP – Chapter 7
2002 IPv6 技術巡迴研討會 IPv6 Mobility
Working at a Small-to-Medium Business or ISP – Chapter 7
Transport Protocols Relates to Lab 5. An overview of the transport protocols of the TCP/IP protocol suite. Also, a short discussion of UDP.
Network Virtualization
Working at a Small-to-Medium Business or ISP – Chapter 7
Multimedia and Networks
Process-to-Process Delivery:
CS4470 Computer Networking Protocols
Computer Networks DA2402.
Process-to-Process Delivery: UDP, TCP
Computer Networks Protocols
Presentation transcript:

Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility

Intro to Mobi-D 2 Mobi-D: Executive Summary What: draft-barrett-mobile-dtls-00.txt Host based mobility (HBM) using secure identities to provide end to end mobility A small extension to DTLS DTLS (Datagram TLS) is IETF standard protocol (RFC 4347) Extension provides mobility for single or multi access devices Mobi-D IP Browser 3GPP Internet Mobi-D client UDP apps WLAN Mobi-D server

Intro to Mobi-D 3 Mobi-D: Executive Summary Why: host based mobility (HBM) Avoids the considerable delay in doing a connection handshake when a mobility event occurs Avoids additional handshake overhead of application reconnecting after mobility Can add mobility to DTLS VPN Can be used where there is no support for PMIP or client MIP Can be used in client-server or mobile-to-mobile connectivity Can be implemented in application, middleware or in kernel Can be distributed to most existing clients as library or software upgrade Requires no proxy, agents, signaling or triangular routing needed Traverses NATs No privacy issues due to middle boxes or bindings between L2 or L3 addresses and higher layers

Intro to Mobi-D 4 Host Based Mobility based on Secure Identities Mobi-D extends DTLS in four ways: 1.A new DTLS Hello extension (Mobility) 2.A new TLS Hello extension (OP) 3.An additional field in the Record Layer (connection_id) 4.A new type of message (OP) Flow instantiation follows TLS oriented client host and server model Host and server discover Mobility extension and OP extension Mutually authenticate each other, exchange keys Host and server each allocate a mobility connection (MoCo) identifier Host and server exchange packets using the MoCo and keys When host moves and gets new IP address (or uses another interface with a different IP address), host sends next packet from new IP address as usual Server accepts packet because it has the MoCo and valid key Server updates return IP address Host can send new TLS OP proactively to update IP address if there are no other packets to send

Intro to Mobi-D 5 Current Status DTLS Stable spec since 2006 Open SSL based implementations available IETF I-D draft-barrett-mobile-dtls-00.txt in first draft draft-barrett-mobile-dtls-00.txt Review from some in TLS community expressed interest, positive feedback Implementation Nokia working on implementation, looking for other partners Is there working group interest?

Michael G. Williams, Jeremey Barrett 6 Backup slides Host based mobility

Intro to Mobi-D 7 Short Background of DTLS TLS Extremely widely deployed TLS layers between transport and application to provide security TLS requires reliable transport DTLS RFC 4347 (2006) Datagram TLS provides UDP based transport while using TLS security As with UDP, doesn’t re-order or re-transmit packets DTLS developed to provide same ease of use and implementation as TLS but with UDP transport Designed not to require kernel modifications to implement Use in industry Work near completion to provide keying support for SIP / VoIP Used as a transport for IETF’s CAPWAP protocol, connects APs and ACs

Intro to Mobi-D 8 Short Description of Mobi-D Differences from DTLS Adds mobile connection identifier (MoCo) to the DTLS record layer Automatically updates IP address of mobile host with or without signalling Adds TLS OP for optimized notifying TLS client or server of IP address change, and other uses Enables multiplexing and mobility using the existing TLS Security Parameters Host Based Mobility (HBM) Complements PMIP: PMIP supplies mobility in the network side without client support Also compliments client MIP: Mobi-D supplies host based mobility, without network support Can be used when neither PMIP nor MIP are available in the network Individual flows can be switched between interfaces Application doesn’t need to participate or be aware above middleware Stack-Internal signalling available from Mobi-D implementation can notify app to handle mobility changes if desired

Intro to Mobi-D 9 Use Cases for Mobi-D For Wide Area only device Handover of UDP based applications between operators without operator support Can work with any packet based wide area access including existing For multi-access Local and Wide Area interface device Handover of UDP based applications between local and wide area Can work with existing local area networks today Applications Media players on Linux and Symbian DTLS VPNs Managed IP TV Like Adobe and Flash RTMFP (Real time media flow protocol over UDP) Legitimizing P2P, Air, Stratus rendezvous server Server or serverless voice, Messaging File transfer Maps Games P2P mobile

Intro to Mobi-D 10 Scenarios for Mobi-D (1 of 3) Single Interface device Device and server perform TLS handshake and MoCo allocation for each flow that needs multiplexing or mobility Device moves to new network and changes IP address, with continuous connection Other end continues connection that is using the MoCo and TLS Security Parameters Automatically updates IP address of mobile host without signalling MoCo per flow enables the device to have multiple flows on an interface Portals with UDP services Mobi-D client (Mobi-D server) ANDSF server? Mobi-D IP WLAN Different Local Area (LA) subnets Different Wide Areas (WA) Mobi-D IP 3GPP data Mobility with address change UDP apps Browser UDP apps Browser Mobility with address change

Intro to Mobi-D 11 (Mobi-D server) ANDSF server? Mobi-D client (in TLS server role) IP WLAN Scenarios for Mobi-D (2 of 3) Multi Interface device A variety of possibilities with multiple interfaces Subnet change in local area (LA) only Mobi-D IP WLAN Loss of LA coverage Mobi-D UDP apps Mobility with address change Mobility with loss of coverage Browser UDP apps Browser … … … … Mobi-D client (in TLS server role) Mobi-D client Portals with UDP services (Mobi-D server) ANDSF server? Portals with UDP services

Intro to Mobi-D 12 Mobi-D IP Mobility with loss of coverage Change interface LA to WA or WA to LA 3G / LTE Operator LA RAT WA RAT NAT FW/WLAN Router Mobi-D IP Mobility with loss of coverage Change interface LA to WA or WA to LA Server based app Mobi-D client Scenarios for Mobi-D (3 of 3) NAT Server based application or mobile to mobile scenario with NAT(s) 3G / LTE Operator LA RAT WA RAT NAT FW/WLAN Router ISP Mobile to mobile UDP apps Browser UDP apps Browser (Mobi-D server) ANDSF server? Portals with UDP services