Download presentation
Presentation is loading. Please wait.
1
AAA Research Problems Bernard Aboba IETF 53 Minneapolis, MN March 19, 2002
2
Outline Metropolitan Area Networks Security issues
3
Link Aggregation IEEE 802.1 supports link aggregation Allows peer to use more than one IEEE 802 link and aggregate them –Example: Want to send 2 Gbps of traffic on a switch with 1 Gbps ports IEEE 802 Link aggregation model –Authentication (IEEE 802.1X occurs before aggregation) Question: How is link aggregation authorized? –Not as simple as old Ascend Port-Limit attribute Contact: Paul_Congdon@hp.com, IEEE 802.11aa PARPaul_Congdon@hp.com
4
Provisioning the EtherNAS The old way –Order a 56 Kbps link and wait… –Install and debug the 56 Kbps link. –Outgrow it –Order a T1 and wait…. –Install and debug the T1 link. –Outgrow it –Order a DS3 and wait… The new way: Ethernet ISPs –Growing in popularity: Telseon, Yipes, etc. Promises dramatic increases in speed, decrease in cost, wait Install big pipe to customer premises –1 Gbps or 10 Gbps Ethernet Allow customers to provision their own bandwidth via a web page Change takes effect in seconds instead of weeks Contact: Andrew Smith
5
Provisioning the EtherNAS HeterogeneousServers MAN EtherNAS 1+ Gbps switch with DWDM support Array Controller with Disks Array Controller with Disks (optional) Tape Library VLAN,MPLSTags Customer site 1 GbE link
6
EtherNAS Provisioning Draft-congdon-8021x-radius-17.txt describes VLAN provisioning –All packets on the port tagged with VLANID We’re only scratching the surface –Bandwidth limits –More sophisticated VLANs (application VLANs) –Lambda grooming –MPLS tagging
7
Security Issues Understanding the security implications of AAA keying Security analysis of current AAA keying techniques –Example: Diameter NASREQ, MIP keying Understanding the role of 3-way secure key agreement protocols such as Bellare- Rogaway Recommended contact: Bill Arbaugh
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.