Presentation is loading. Please wait.

Presentation is loading. Please wait.

EAP Method Requirements for Emergency Services

PublishΑμάλθεια Βυζάντιος Modified over 5 years ago

Similar presentations

Presentation on theme: "EAP Method Requirements for Emergency Services"— Presentation transcript:

1 EAP Method Requirements for Emergency Services
May 2007 doc.: IEEE /0508r0 May 2007 EAP Method Requirements for Emergency Services Date: Authors: Notice: This document has been prepared to assist IEEE It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein. Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures < ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement "IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being developed within the IEEE Working Group. If you have questions, contact the IEEE Patent Committee Administrator at Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

2 May 2007 doc.: IEEE /0508r0 May 2007 Abstract This presentation discusses requirements for the EAP method for use with emergency calls over networks, and is intended to serve as a basis for asking the IETF to recommend an EAP method for such a deployment scenario. Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

3 Types of Emergency Calls in 802.11u
May 2007 doc.: IEEE /0508r0 May 2007 Types of Emergency Calls in u Unencrypted calls on networks using the Emergency Services Only (ESO) bit for signaling APs advertising the ESO bit will accept any non-AP STA without L2 security Network responsible for enforcing access control to only VoIP services with VLANs, ACLs, etc. Encrypted calls using public credentials Network is shared with other uses Default Emergency Services NAI gives non-AP STAs a user name to send in 802.1X/EAPOL to get access to emergency services Key exchange for L2 data security requires a PMK, which must be exchanged by either PSK or EAP method Regulatory requirements may require use of link encryption, which forces use of the public credential case Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

4 Why not just use a PSK? The PSK must be widely known
May 2007 doc.: IEEE /0508r0 May 2007 Why not just use a PSK? The PSK must be widely known It should be the same for every network in the world, so that a phone can be used in any network for emergency services The only practical way to get this to happen is to put the PSK into the standard, where everybody can read it PSKs can have poor DoS resistance Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

5 EAP Issues with Emergency Calls
May 2007 doc.: IEEE /0508r0 May 2007 EAP Issues with Emergency Calls Negotiating compatible method may take time This is a problem for TGu to solve Existing EAP methods were designed for closed networks OK to have pre-configured trust relationships, and important to get cryptography right May depend on reachability of AS Should be an optional implementation choice for AP vendor to do something simple Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

6 Requirement #1: No Pre-configured Trust Relationship
May 2007 doc.: IEEE /0508r0 May 2007 Requirement #1: No Pre-configured Trust Relationship Every network that uses public credentials for emergency services needs to identify itself Credentials (PSK or certificate) should not be published PSK has scaling problems and potential security issues Implementations should not require multiple certificate chains to validate trust because many devices will have small storage (e.g. phones); single certificate may be challenging Anonymous cryptography is acceptable, since the network will need to manage access rights as part of allowing session establishment Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

7 Requirement #2: “Small” Number of Messages
May 2007 doc.: IEEE /0508r0 May 2007 Requirement #2: “Small” Number of Messages Emergency calls are a lower security bar Users are anonymous at L2 in this scenario – user accounts not required Acceptable to eliminate some crypto features (e.g. perfect forward secrecy) to reduce message count and handshake time Implementation of L2 security within AP should be possible; some networks may look up access rights via AS Each round-trip message adds latency Wireless latency is small, AP-to-AS latency can be larger depending on deployment Matthew Gast, Trapeze Networks Matthew Gast, Trapeze Networks

Download ppt "EAP Method Requirements for Emergency Services"

Similar presentations

Doc.: IEEE 802.11-07/0508r0 Submission May 2007 Matthew Gast, Trapeze NetworksSlide 1 EAP Method Requirements for Emergency Services Notice: This document.

Doc.: IEEE /0508r0 Submission May 2007 Matthew Gast, Trapeze NetworksSlide 1 EAP Method Requirements for Emergency Services Notice: This document.
LB84 General AdHoc Group Sept. Closing TGn Motions

LB84 General AdHoc Group Sept. Closing TGn Motions
[ Interim Meetings 2006] Date: Authors: July 2005

[ Interim Meetings 2006] Date: Authors: July 2005
Motions Date: Authors: January 2006

Motions Date: Authors: January 2006
IEEE White Space Radio Contribution Title

IEEE White Space Radio Contribution Title
TGu/TGv Joint Session Date: Authors: July 2005 July 2005

TGu/TGv Joint Session Date: Authors: July 2005 July 2005
London TGu Motions Authors: January 2007 Date: Month Year

London TGu Motions Authors: January 2007 Date: Month Year
LB73 Noise and Location Categories

LB73 Noise and Location Categories
LB73 Noise and Location Categories

LB73 Noise and Location Categories
Waveform Generator Source Code

Waveform Generator Source Code
TGu Closing Report Date: Authors: November 2005

TGu Closing Report Date: Authors: November 2005
March 2014 Election Results

March 2014 Election Results
TGp Closing Report Date: Authors: July 2007 Month Year

TGp Closing Report Date: Authors: July 2007 Month Year
Attendance and Documentation for the March 2007 Plenary

Attendance and Documentation for the March 2007 Plenary
Attendance and Documentation for the March 2007 Plenary

Attendance and Documentation for the March 2007 Plenary
3GPP Extended Date: Authors: July 2005 July 2005

3GPP Extended Date: Authors: July 2005 July 2005
[ Policies and Procedure Summary]

[ Policies and Procedure Summary]
[ Policies and Procedure Summary]

[ Policies and Procedure Summary]
3GPP liaison report May 2006 May 2006 Date: Authors:

3GPP liaison report May 2006 May 2006 Date: Authors:
Motion to accept Draft p 2.0

Motion to accept Draft p 2.0

Similar presentations

Ads by Google