Local Security Association (LSA): The Temporary Shared Key (TSK). draft-le-aaa-lsa-tsk-00.txt. Stefano M. Faccin, Franck Le.


2. What?
- A secure mechanism to set up a Local Security Association between the user and the visited domain
- An LSA can be utilized for various purposes, including:
  - securing message exchanges between user and the visited domain
  - deriving secondary LSAs between user and visited domain without involving home domain
- The mechanism proposed in the draft defines a Temporary Shared Key to set up the LSA
- Mechanisms to set up LSAs can be of benefit to URP as an edge protocol (LSA between user and the Registration Agent or Access Router)

3. The Framework
[Diagram: labels Home Domain, Visited Domain, AAAh, AAAl, AAAc, RA, NAS, FA, URP, LT-SA, Scope of LT-SA, Scope of LSA]
Assumptions:
- a long term SA is shared between the user and its home domain
- long term SA used for:
  - user/network authentication
  - generation of LSAs

4. TSK Features
- The Temporary Shared Key is securely established between the user and the visited domain
- TSK allows subsequent:
  - user authentication without involvement of the home domain
  - network authentication without involvement of the home domain
  - establishment of secondary LSAs (e.g. MN-AR, MN-FA)
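
A sketch of the key hierarchy these slides describe, added here as an illustration and not taken from draft-le-aaa-lsa-tsk-00.txt. The HMAC-SHA256 derivation, the labels, the nonce-based update and all function names are assumptions, since the slides do not say how the TSK or the secondary keys are computed.

```python
import hashlib
import hmac
import os

def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Assumed KDF: HMAC-SHA256 over a label and length-prefixed inputs."""
    msg = label + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_tsk(lt_key: bytes, user: bytes, visited: bytes, nonce: bytes) -> bytes:
    # Run by the user and by the home domain, the only holders of the
    # long-term key; the home domain hands the result to the visited domain.
    return prf(lt_key, b"TSK", user, visited, nonce)

def derive_secondary(tsk: bytes, peer: bytes, nonce: bytes) -> bytes:
    # Secondary LSA key (e.g. MN-FA or MN-AR), computed without the home domain.
    return prf(tsk, b"SECONDARY-LSA", peer, nonce)

def auth_response(tsk: bytes, challenge: bytes) -> bytes:
    # User's answer to a challenge issued by the visited domain.
    return prf(tsk, b"AUTH", challenge)

def verify_local(tsk: bytes, challenge: bytes, response: bytes) -> bool:
    # Visited domain checks the response using only its copy of the TSK.
    return hmac.compare_digest(auth_response(tsk, challenge), response)

def demo() -> dict:
    lt_key = os.urandom(32)                              # constructed long-term key
    user, visited = b"user@home.example", b"visited.example"  # constructed names
    n1, n2 = os.urandom(16), os.urandom(16)
    tsk_user = derive_tsk(lt_key, user, visited, n1)     # computed by the user
    tsk_visited = derive_tsk(lt_key, user, visited, n1)  # computed by home, sent to visited
    challenge = os.urandom(16)
    resp = auth_response(tsk_user, challenge)
    new_tsk = derive_tsk(lt_key, user, visited, n2)      # TSK update with a fresh nonce
    fa_key = derive_secondary(tsk_user, b"FA", n1)
    ar_key = derive_secondary(tsk_user, b"AR", n1)
    return {
        "local_auth_ok": verify_local(tsk_visited, challenge, resp),
        "old_response_rejected_after_update": not verify_local(new_tsk, challenge, resp),
        "fa_key_differs_from_ar_key": fa_key != ar_key,
    }

if __name__ == "__main__":
    print(demo())
```

The visited domain only ever handles the TSK and keys derived from it, so a compromise there does not expose the long-term SA shared with the home domain.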

5. TSK Applicability
- applicable to any application, e.g. Mobile IPv4:
  - Authentication
  - Key distribution
- Examples of key distribution scenarios:
  - key distribution to FA (MIPv4)
  - key distribution to HA in Foreign Domain (MIPv4)
  - keys for User-AR: data protection over the access link

6. TSK Benefits
- Use of TSK reduces the signaling between the home and visited domains
- Enables frequent user authentications
- Enables frequent refreshing of secondary LSAs
- Use of TSK reduces the time delay of procedures (user authentication and key distribution)

7. draft-le-aaa-lsa-tsk-00.txt
The TSK draft describes the procedures for:
- TSK Establishment
- TSK Distribution
- TSK Update
- TSK Revocation

8. TSK and URP
- draft-le-aaa-lsa-tsk-00.txt describes the exchange of information between the user and the visited and home domains
- No protocol is specified to carry such information
- URP is a good candidate
- Usage of LSA empowers URP as edge protocol
- Relation between URP and AAA from the point of view of LSA
- Registration Agent is AAAc

9. Conclusion
- A potential mechanism for URP to set up a Local Security Association between the user and the visited/access network: the TSK
- TSK as the mechanism used together with URP to set up LSA

