Published by Carol Walsh. Modified over 9 years ago.
Slide 1: Seamless & Secure Mobility
Nada Golmie
Advanced Networking Technologies Division
National Institute of Standards and Technology
Gaithersburg, MD 20899 USA
www.antd.nist.gov
Slide 2: Seamless Future Networks
[diagram: a "network of networks" built on IP-based core networks, with media access systems (cellular, wireline DSL/modem, WLAN, short-range connectivity) below and services and applications above; labels: interworking, mobility management, roaming]
Slide 3: Everyday Usage Scenarios
[diagram: one user moving between Ethernet and Wi-Fi (in the office, access points AP1, AP2, AP3), cellular and Wi-Fi (in the car) and Wi-Max (out of town), all reaching the Internet]
Slide 4: Emergency Response Scenario
[diagram: responders connected over satellite, 3G and WiFi links]
Slide 5: Military Usage Scenario
[diagram: units connected over Satcom, GPRS, 3G and WiMax links; motto "Always Best Connected"]
Slide 6: Mobility Granularity (listed in increasing order of complexity)
- Horizontal Handover: a handover is initiated when the mobile device exits the boundaries of an administrative domain. A single interface is used.
- Vertical Handover: a mobile device does not need to move in order to initiate a handover. Multiple interfaces are required, but only one interface is used at a time.
- Multiple Interface Management: simultaneous use of multiple interfaces and access networks; an application is associated with an interface.
- Multiple Flow Management: ability to split individual flows between links according to the requirements of the flows and the user's preferences.
Slide 7: Key Challenges
- Scalability: roaming from any access network to any other access network (2G, 3G, 4G, Wi-Fi, Wi-Max, Bluetooth, Satellite, Ethernet).
- Standard handover interfaces: interoperability between different vendors' equipment.
- Cross-layer solutions: extensions to layer 1 and layer 2 functionality in order to optimize higher-layer mobility architectures (MIPv4, MIPv6, SIP).
- QOS guarantees during handover: no disruption to user traffic, i.e. extremely low latency, low signaling message overhead and processing time, low resource and route setup delay, near-zero handover failures and packet loss rate.
- Security: the user maintains the same level of security when roaming across different access networks.
Slide 8: Access Scalability
Wide variety of access network technologies, including cellular (2G, 2.5G, 3G), wireless (Wi-Fi, Wi-Max, Bluetooth, UWB) and wired (DSL, cable modems, Ethernet).
[chart: data rate (Mb/s, 0.01 to 1000) against coverage area and mobility (personal area, local area, metro area, wide area; indoor fixed, urban pedestrian, urban vehicular, rural vehicular, high-speed vehicular) for IEEE 802.15.4 Zigbee, IEEE 802.15.1 Bluetooth, IEEE 802.15.3 and 802.15.3a, IEEE 802.11a/b/g/n, IEEE 802.16a, IEEE 802.20, 802.3 Ethernet (10 base-T, 100 base-T, 1000 base-T), 2G GSM/CDMA, 2.5G GPRS, 3G CDMA2000/UMTS, DSL and cable modem]
Slide 9: Access Media Properties
- Different media and coverage areas, from a few square meters to hundreds of kilometers.
- Different architectures and protocols for routing, transport and mobility management.
- Different authentication, key management and encryption schemes.
- Different services offered and user demands, ranging from low-data-rate non-real-time applications to high-speed real-time multimedia applications.
Slide 10: Industry and Standards Activities
No single standard interface!
Higher layers: UMA Technology; Session Initiation Protocol; IP Multimedia Subsystem; FMCA, NOKIA, KT.
Layer 3, Internet Engineering Task Force: Detecting Network Attachment; Processing Layer 2 Triggers; Mip4 (Mobile IP version 4); Mip6 (Mobile IP version 6); Mipshop (MIPv6 signaling and Handoff Optimization); Mobopts (IP Mobility optimizations research group); Nemo (Network Mobility).
Layer 2, IEEE 802: IEEE 802.21 Media Independent Handovers; IEEE 802.11r Fast handovers; IEEE 802.11u Interworking with external networks; IEEE 802.20 Mobile broadband wireless access.
Slide 11: Cross-Layer Protocol Interactions
[diagram: a handover layer (profile manager, policy, mobility decision, handover support) sits between the access media (cellular PHY/MAC; link measurements: RSSI, noise, interference; performance measurements: QOS, ACK) and the network layer (Mobile IP trigger), transport layer (SCTP) and application layer (SIP trigger, applications)]
- What are the mobility architectures considered?
- What are the protocols and messages needed?
- What measurements will be used in the handover decision?
- What are the mobility scenarios envisaged?
- How can mobility performance be evaluated?
Slide 12: Secure Mobility
[diagram: three access networks, Access Net. 1 (e.g. GSM), Access Net. 2 (e.g. Wi-Fi) and Access Net. 3 (e.g. Wi-Max), each offering security Level 1, Level 2 and Level 3; security properties considered: encryption + authentication, integrity checking, confidentiality, non-repudiation, authentication, authorization]
- What additional encryption mechanisms and policies should be applied for secure access network transitions?
- How to characterize security levels?
Slide 13: Comparing Cryptographic Suites
IEEE 802.16 suites (data encryption / data authentication / TEK encryption):
- CCM-mode 128-bit AES data encryption; CCM-mode 128-bit AES data authentication; ECB-mode AES, 128-bit key, TEK encryption
- CBC-mode 56-bit DES data encryption; no data authentication; RSA 1024 TEK encryption
- CBC-mode 56-bit DES data encryption; no data authentication; 3-DES 128-bit TEK encryption
- No data encryption; no data authentication; RSA 1024 TEK encryption
- No data encryption; no data authentication; 3-DES 128-bit TEK encryption
IEEE 802.11 suites (data encryption / authentication / key management):
- CCMP data encryption; 802.1X authentication; 802.1X key management
- WRAP data encryption; 802.1X authentication; 802.1X key management
- TKIP data encryption; 802.1X authentication; 802.1X key management
- WEP-104 data encryption; 802.1X authentication; 802.1X key management
- WEP data encryption; 802.1X authentication; 802.1X key management
- CCMP data encryption; 802.1X authentication; no key management
- WRAP data encryption; 802.1X authentication; no key management
- TKIP data encryption; 802.1X authentication; no key management
- WEP-104 data encryption; 802.1X authentication; no key management
- WEP data encryption; 802.1X authentication; no key management
The security offered by different access network technologies does not compare directly. What are possible mappings?
Slide 14: Factors Impacting Security
1. Radio transmission
2. Network architecture (cellular, mesh)
3. Internetworking
4. Shared medium (CSMA/CA, polling)
5. Cryptography
6. Mobility
7. Changing network topology
8. Limited energy resources
9. Node association
10. Power save mode
11. Logical channel sensing
12. Retransmission
13. Fragmentation
14. Threat environment
Slide 15: Practical Issues in Secure Mobility
- Single administrative domain: pairing of user security levels on different access networks.
- Multiple administrative domains: need for (re)authentication.
- Lack of quantitative measures for security performance.
- Menu-driven security options for equipment vendors and service providers increase complexity.
- Dependence on the threat environment, equipment capabilities and usage scenarios.
Slide 16: Project Roadmap
[roadmap diagram, from "Start" along strategic/technical and competence/impact axes]
Why NIST? Technology gap: lack of measurement tools. Opportunity: lack of standards. Industry standards and sponsors: IEEE 802 > development of standard interfaces; IETF > lower-layer measurements; engage potential customers; determine needs/requirements; advertise program; Information Assurance Workshop, Feb. 2005.
Tool development: plug-and-play simulations (choice of platform, extensions, abstractions); analytical models; performance metrics; usage scenarios.
Protocol analysis: quantify handover performance in terms of latency, loss, signaling and security; identify protocol cross-layer interactions; explore and map lower-layer measurements; devise service/security profile mappings.
Protocol development: mobility architecture; decision algorithms and optimizations; extensions to existing protocols; policy mapping.
Deliverables: mobility tool and measurement repository; publication of comparative performance analysis results; user guidelines; best practices; contributions to industry standards development.
Slide 17: An Approach to Secure Mobility
[diagram: from "Start", transitional security and security level mappings are developed first for a single administrative domain, then for multiple administrative domains, with increasing complexity]
Vulnerability analysis:
- Are there any additional threats and weaknesses posed by mobility, or by the handover itself?
- What are they?
- Under what threat models?
- How to mitigate them?
Plan:
1) Select two technologies as a starting point, for example 802.11b and 802.16.
2) Assess vulnerabilities associated with handover scenarios and related threat models.
3) Identify security levels or tiers based on the weakness analysis available for each technology.
4) Devise security level mappings between different technologies.
5) Extend the analysis to the multi-administrative-domain case.
Identify levels of security based on protocol description and weakness analysis:
- How to map comparable levels of security?
- What additional security policies and mechanisms need to be applied in order to maintain the same level of security (or vulnerability)?
Extensions of vulnerability analysis: investigate scenario- and application-specific cases; devise a taxonomy.
Extensions of security levels: what are the security policies required for specific mobility and application scenarios?
Deliverables are in the form of: mobility security requirements; security levels and mappings; user guidelines; lessons learned; limits of technology; feasibility study.
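The following is an added example, not part of the NIST presentation, showing one way to carry out step 4 above against the suites of slide 13: each suite is scored on the confidentiality, integrity and key-management axes of slide 12, and a handover policy accepts only target suites that do not lower any axis. The numeric scores are this example's own assumptions, not a NIST rating.

```python
"""Security-level mapping across access technologies (added example).

Each cryptographic suite from slide 13 is scored on three axes taken from
slide 12. The scores are an assumption made for this example: 0 = absent,
1 = weak or partial (WEP, 56-bit DES, TKIP), 2 = strong (AES-CCM, CCMP, WRAP).
"""
from typing import NamedTuple


class Suite(NamedTuple):
    tech: str
    name: str
    conf: int     # confidentiality: data encryption strength
    integ: int    # integrity checking: data authentication strength
    keymgmt: int  # 0 = no key management, 1 = managed keys (802.1X, RSA/3-DES TEK)


AXES = ("conf", "integ", "keymgmt")

# IEEE 802.16 suites: data encryption / data authentication / TEK encryption
SUITES = [
    Suite("802.16", "AES-CCM/AES-CCM/AES-ECB TEK", 2, 2, 1),
    Suite("802.16", "DES-CBC/none/RSA-1024 TEK", 1, 0, 1),
    Suite("802.16", "DES-CBC/none/3-DES TEK", 1, 0, 1),
    Suite("802.16", "none/none/RSA-1024 TEK", 0, 0, 1),
    Suite("802.16", "none/none/3-DES TEK", 0, 0, 1),
]
# IEEE 802.11 suites: each cipher with and without 802.1X key management
_CIPHERS = {"CCMP": (2, 2), "WRAP": (2, 2), "TKIP": (1, 1), "WEP-104": (1, 0), "WEP": (1, 0)}
for _c, (_conf, _integ) in _CIPHERS.items():
    SUITES.append(Suite("802.11", f"{_c}/802.1X auth/802.1X keys", _conf, _integ, 1))
    SUITES.append(Suite("802.11", f"{_c}/802.1X auth/no key mgmt", _conf, _integ, 0))


def downgrades(current: Suite, target: Suite) -> list:
    """Axes on which a handover from `current` to `target` would lower security."""
    return [a for a in AXES if getattr(target, a) < getattr(current, a)]


def mappings(current: Suite, target_tech: str) -> list:
    """Suites of `target_tech` that preserve every axis of `current` (the slide's 'possible mappings')."""
    return [s for s in SUITES if s.tech == target_tech and not downgrades(current, s)]


def find(tech: str, name: str) -> Suite:
    return next(s for s in SUITES if s.tech == tech and s.name == name)


if __name__ == "__main__":
    cur = find("802.11", "CCMP/802.1X auth/802.1X keys")
    print("802.16 targets keeping the CCMP level:", [s.name for s in mappings(cur, "802.16")])
    print("downgrade axes CCMP -> DES-CBC:", downgrades(cur, find("802.16", "DES-CBC/none/RSA-1024 TEK")))
```

The interesting output is the empty set a policy would get when moving from an 802.16 AES-CCM link to any 802.11 suite without key management: the integrity and confidentiality match, but the key-management axis still forces re-authentication or a policy exception.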
Slide 18: Secure & Seamless Mobility Action Plan
Key questions:
- How to support seamless mobility across different access network technologies?
- How to maintain security when handing over a connection from one access link to another access link?
Technical approach: investigate mobility protocols and methods that characterize and improve their performance, bridging the interconnection gap between heterogeneous and "stovepipe" access network technologies.
- Develop a plug-and-play mobility simulation platform: assess the state of the art and the availability of tools in the public domain; build model extensions and abstractions to accurately characterize protocol interactions.
- Derive analytical models for evaluating handover latency and transition blocking probability.
- Devise benchmarks and realistic usage scenarios.
- Devise metrics for quantifying handover performance.
- Devise and evaluate handover protocol optimizations and decision algorithms.
- Devise access link security profiles and mappings across access link technologies.
Deliverables:
- Contribute to standards group activities such as IETF and IEEE 802: conduct comparative performance evaluation of the handover mechanisms being considered in IEEE 802.
- Create and maintain a repository of tools, benchmarks and performance metrics on the NIST Web site.
- Publish performance analysis results in conference and journal articles: characterize implications on handover performance, including mobility management, QOS and security.