Presentation is loading. Please wait.

Presentation is loading. Please wait.

Carrying Location Objects in RADIUS Presentation written by: Hannes Tschofenig, Allison Mankin Draft Authors: Hannes Tschofenig, F. Adrangi, A. Lior, M.

Published byJoleen Daniel Modified over 8 years ago

Similar presentations

Presentation on theme: "Carrying Location Objects in RADIUS Presentation written by: Hannes Tschofenig, Allison Mankin Draft Authors: Hannes Tschofenig, F. Adrangi, A. Lior, M."— Presentation transcript:

1 Carrying Location Objects in RADIUS Presentation written by: Hannes Tschofenig, Allison Mankin Draft Authors: Hannes Tschofenig, F. Adrangi, A. Lior, M. Jones

2 Current Status The recent draft update raised some discussions on the RADEXT mailing list because of the generic capability functionality. Ideally, the GEOPRIV scenarios should not depend on capability work in the RADEXT working group. Suggested approach for dealing with the problem is outlined in the subsequent slides. NAS AAA Server Access-Request + Capability Access-Challenge +Capability Access-Request + Location-Information

3 Static Scenario NAS AAA Server Start Auth. Phase RADIUS Access-Request + Location-Information MN NAS and AAA have a prior agreement on the transmission of location information

4 Dynamic Scenario for location-based authorization Case A: NAS is Geopriv Capable NAS Start Auth. Phase RADIUS Access-Request +Supported-Loc Access-Challenge +Required-Info MN Access-Request +Location-Information NAS understands Geopriv and can provide the requested information Access-Accept AAA Server

5 Dynamic Scenario for location-based authorization Case B: NAS cannot deliver requested info NAS Start Auth. Phase RADIUS Access-Request +Supported-Loc Access-Reject + Error-Cause (Location-Info-Required) MN NAS understands Geopriv but does not provide what AAA server wants AAA Server

6 Dynamic Scenario for location-based authorization Case C: NAS does not support Challenge NAS Start Auth. Phase RADIUS Access-Request +Supported-Loc Access-Challenge +Required-Info MN Access-Request +Location-Information NAS does not understand Challenge  Resend Access-Request without asking the user for the password again Access-Reject AAA Server

7 Dynamic Scenario Location for Billing, Taxation and Accounting NAS Start Auth. Phase Access-Request +Supported-Loc Access-Challenge MN Access-Request NAS might provide location information Access-Accept +Required-Info AAA Server Accounting-Request Location-Information Accounting-Response

8 Impact for Scenarios The 3GPP Rel-6 I-WLAN deployment scenario requires Challenge to be supported by the NAS since EAP is used. GSMA IR.61 WLAN roaming scenario does not mandate the support for a Challenge but mandates the transport of certain location attributes.

9 Questions?

Download ppt "Carrying Location Objects in RADIUS Presentation written by: Hannes Tschofenig, Allison Mankin Draft Authors: Hannes Tschofenig, F. Adrangi, A. Lior, M."

Similar presentations

Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.

Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.

EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
SCENARIO Suppose the presenter wants the students to access a file Supply Credenti -als Grant Access Is it efficient? How can we make this negotiation.

SCENARIO Suppose the presenter wants the students to access a file Supply Credenti -als Grant Access Is it efficient? How can we make this negotiation.
T Computer Networks II AAA

T Computer Networks II AAA
T-110.5110 Computer Networks II AAA 3.11.2008 Prof. Sasu Tarkoma.

T Computer Networks II AAA Prof. Sasu Tarkoma.
Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
Georgy Melamed Eran Stiller

Georgy Melamed Eran Stiller
Radius Dave Grizzanti Steve Curti. What is RADIUS? Remote Authentication Dial-In User Service (RADIUS) is a protocol for remote user authentication and.

Radius Dave Grizzanti Steve Curti. What is RADIUS? Remote Authentication Dial-In User Service (RADIUS) is a protocol for remote user authentication and.
Radius Security Extensions using Kerberos V5 draft-kaushik-radius-sec-ext.

Radius Security Extensions using Kerberos V5 draft-kaushik-radius-sec-ext.
RADIUS Prepaid Extension draft-lior-radius-prepaid-extensions-05.txt Avi Lior, Yong Li, Bridgewater Systems Parviz Yegani, Cisco Systems Kuntal Chowdhury.

RADIUS Prepaid Extension draft-lior-radius-prepaid-extensions-05.txt Avi Lior, Yong Li, Bridgewater Systems Parviz Yegani, Cisco Systems Kuntal Chowdhury.
Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.
Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,

Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 20 RADIUS and Internet Authentication Service.

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 20 RADIUS and Internet Authentication Service.
ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.

ERP for IKEv2 draft-nir-ipsecme-erx-01. Why ERP for IKEv2? RFC 5296 and the bis document define a quick re- authentication protocol for EAP. ERP requires.
Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.

Implementing RADIUS AAA Phil & Rick. Content Terms and Concepts Access Control What is AAA? Benefits of AAA What is RADIUS? Microsoft IAS Overview Installation.
Doc.: IEEE 802.11-01/TBD Submission November 2001 Warren Barkley, Tim Moore, Bernard Aboba/Microsoft IEEE 802.1X and RADIUS Security Bernard Aboba Ashwin.

Doc.: IEEE /TBD Submission November 2001 Warren Barkley, Tim Moore, Bernard Aboba/Microsoft IEEE 802.1X and RADIUS Security Bernard Aboba Ashwin.
Report about the Design Team on Diameter Routing (Tina Tsou)

Report about the Design Team on "Diameter Routing" (Tina Tsou)
Doc: 11-03-0763-00-0000 Submission September 2003 Dorothy Stanley (Agere Systems) IETF Liaison Report September 2003 Dorothy Stanley – Agere Systems IEEE.

Doc: Submission September 2003 Dorothy Stanley (Agere Systems) IETF Liaison Report September 2003 Dorothy Stanley – Agere Systems IEEE.
Credit Control and Prepaid Applications Avi LiorBridgewater Systems Parviz YeganiCisco

Credit Control and Prepaid Applications Avi LiorBridgewater Systems Parviz YeganiCisco
Doc.: IEEE 802.11-08/0394r0 Submission March 2008 Dorothy Stanley, Aruba NetworksSlide 1 IEEE 802.11-IETF Liaison Report Date: 2008-03-19 Authors:

Doc.: IEEE /0394r0 Submission March 2008 Dorothy Stanley, Aruba NetworksSlide 1 IEEE IETF Liaison Report Date: Authors:

Similar presentations

Ads by Google