Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security issues in public access WLAN architectures

Published byNorah Miles Modified over 6 years ago

Similar presentations

Presentation on theme: "Security issues in public access WLAN architectures"— Presentation transcript:

1 Security issues in public access WLAN architectures
March 2002 Security issues in public access WLAN architectures Mats Näslund, Stefan Rommer Ericsson Mats Näslund & Stefan Rommer, Ericsson

2 Traditional WLAN Environment
March 2002 sjkasjhd March 2002 Traditional WLAN Environment Corporate Intranet protected Crypto Protection AP AP - Trusted environment - No charging Mats Näslund & Stefan Rommer, Ericsson John Doe, His Company

3 Public Access WLAN Environment
March 2002 sjkasjhd March 2002 Public Access WLAN Environment HOME AIRPORT WLAN “HOT-SPOTS” 3G Roaming Net HOTEL OFFICE/WORK PUBLIC AREA Mats Näslund & Stefan Rommer, Ericsson John Doe, His Company

4 Corporate Network or Service Network
March 2002 Access Scenario UTRAN RNC Node B SGSN GGSN/FA Gn Iu Gr(MAP) HSS AuC HLR Gi 3GPP Core Network Access Server/HA AAA Subscriber Mgmt Charging/Billing AAA Corporate Network or Service Network Wx (Diameter) IP AP WSN/FA AAA Roaming Partner Signalling and User Data Signalling Data Protection AP WRAN HOTSPOT Could be highly untrusted! Mats Näslund & Stefan Rommer, Ericsson

5 Security End-points Protected! (Physically secured) Confidentiality
March 2002 Security End-points WRAN AP WSN/FA Protected! (Physically secured) AP Confidentiality (soon: integrity) No protection! Could be tampered with. No protection! Robust charging requires at least integrity protection. Mats Näslund & Stefan Rommer, Ericsson

6 WLAN Public Access Public access is an important WLAN scenario.
March 2002 WLAN Public Access Public access is an important WLAN scenario. Security in public scenarios should be important to TGi. How can TGi secure traffic in the AP and the connecting cable? Make it possible to move the security endpoint into the wired network Other (less secure) possibilities AP in tampering-proof box? Make physical access to Ethernet cable impossible? More? Mats Näslund & Stefan Rommer, Ericsson

7 Moving the security endpoint
March 2002 Moving the security endpoint It should be possible to signal the AP not to perform data authentication (a node inside the wired network will check integrity). Optionally, decryption and the whole security association could be moved. Consequences: Higher security in public scenarios. Transparent for RSN-capable mobile nodes. Little point in using OCB, separate MIC preferred. Simpler/legacy APs (without RSN) could be used. Have to be solved: Signaling between AP and network node, fragmentation, etc. Mats Näslund & Stefan Rommer, Ericsson

Download ppt "Security issues in public access WLAN architectures"

Similar presentations

LinkSec Architecture Attempt 3

LinkSec Architecture Attempt 3
1MEDIACON 2004 © 2001, Cisco Systems, Inc. A View on Mobility for Multimedia Arthur Feather Mobile Wireless Group Cisco Systems Arthur Feather Mobile Wireless.

1MEDIACON 2004 © 2001, Cisco Systems, Inc. A View on Mobility for Multimedia Arthur Feather Mobile Wireless Group Cisco Systems Arthur Feather Mobile Wireless.
Network Evolution Scenarios Dr. Klaus-D. Kohrt Product Portfolio Management Siemens I&C Mobile Networks.

Network Evolution Scenarios Dr. Klaus-D. Kohrt Product Portfolio Management Siemens I&C Mobile Networks.
Always Best Connected Architecture and Design Rajesh Mishra Ericsson Berkeley Wireless Center.

Always Best Connected Architecture and Design Rajesh Mishra Ericsson Berkeley Wireless Center.
Cryptography in Public Wireless Networks Mats Näslund Communication Security Lab Ericsson Research Feb 27, 2004.

Cryptography in Public Wireless Networks Mats Näslund Communication Security Lab Ericsson Research Feb 27, 2004.
EMC/QX/R-04:063 Uen Rev A CDG IR Team 2004-12-131 IP MultiMedia Subsystem (IMS) New Service Possibilities Alain Bouvier CDG.

EMC/QX/R-04:063 Uen Rev A CDG IR Team IP MultiMedia Subsystem (IMS) New Service Possibilities Alain Bouvier CDG.
Doc.: IEEE 802.11-04/0407r0 Submission Andrew Myers, BT Slide 1 March 2004 WLAN Backend System Security and WLAN Interworking Security Andrew Myers British.

Doc.: IEEE /0407r0 Submission Andrew Myers, BT Slide 1 March 2004 WLAN Backend System Security and WLAN Interworking Security Andrew Myers British.
1 An overview Always Best Connected Networks Dênio Mariz Igor Chaves Thiago Souto Aug, 2004.

1 An overview Always Best Connected Networks Dênio Mariz Igor Chaves Thiago Souto Aug, 2004.
SIP in 3GPP August 12th, 2000 Adam Roach

SIP in 3GPP August 12th, 2000 Adam Roach
Doc.:IEEE 802.11 02/106 Submission Jamshid Khun-Jush, Ericsson January, 2002 Slide 1 Integration of WLAN and Wide Area Mobile Networks Author: Jamshid.

Doc.:IEEE /106 Submission Jamshid Khun-Jush, Ericsson January, 2002 Slide 1 Integration of WLAN and Wide Area Mobile Networks Author: Jamshid.
1 Terena Networking Conference 2003 Applying Radius-based Public Access Roaming in the Finnish University Network (FUNET) Sami Keski-Kasari Karri Huhtanen.

1 Terena Networking Conference 2003 Applying Radius-based Public Access Roaming in the Finnish University Network (FUNET) Sami Keski-Kasari Karri Huhtanen.
LTE roaming – a whole new world Acme Packet 3 Session Border Control (SBC) category creator and leader with over 60% market share Mission: enable delivery.

LTE roaming – a whole new world Acme Packet 3 Session Border Control (SBC) category creator and leader with over 60% market share Mission: enable delivery.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.
Lucent Technologies – Proprietary Use pursuant to company instruction 1 3GPP2 Workshop MMD IMS Architecture June 28, 2005 Anne Y. Lee IMS Systems Engineering.

Lucent Technologies – Proprietary Use pursuant to company instruction 1 3GPP2 Workshop MMD IMS Architecture June 28, 2005 Anne Y. Lee IMS Systems Engineering.
Interworking Architecture Between 3GPP and WLAN Systems 張憲忠, 何建民, 黃瑞銘, 紀嘉雄, 李有傑.

Interworking Architecture Between 3GPP and WLAN Systems 張憲忠, 何建民, 黃瑞銘, 紀嘉雄, 李有傑.
Confidential and proprietary material for authorized Verizon Wireless personnel only. Use, disclosure or distribution of this material is not permitted.

Confidential and proprietary material for authorized Verizon Wireless personnel only. Use, disclosure or distribution of this material is not permitted.
Doc.: IEEE 802.11-03/229r0 Submission Tan Pek-Yew, Panasonic Slide 1 March 2003 Interworking – QoS and Authorization Tan Pek Yew & Cheng Hong Panasonic.

Doc.: IEEE /229r0 Submission Tan Pek-Yew, Panasonic Slide 1 March 2003 Interworking – QoS and Authorization Tan Pek Yew & Cheng Hong Panasonic.
“Securing IP Multimedia Subsystem (IMS) infrastructures …,” M. Tsagkaropoulos UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless.

“Securing IP Multimedia Subsystem (IMS) infrastructures …,” M. Tsagkaropoulos UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless.
Understanding 3GPP Bearers LTE / HSPA / EPC ‘knowledge nuggets’ Neil Wiffen - nwiffen@red-banana.org More free downloads at www.red-banana.org Public.

Understanding 3GPP Bearers LTE / HSPA / EPC ‘knowledge nuggets’ Neil Wiffen - More free downloads at Public.
3GPP ”All-IP” vision Long and short term What do we want to obtain ? How to get there (phasing) ? What do 3GPP need to do ? Issues to be resolved.

3GPP ”All-IP” vision Long and short term What do we want to obtain ? How to get there (phasing) ? What do 3GPP need to do ? Issues to be resolved.

Similar presentations

Ads by Google