Presentation is loading. Please wait.

Presentation is loading. Please wait.

Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility.

Published byMatthew Brooks Modified over 9 years ago

Similar presentations

Presentation on theme: "Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility."— Presentation transcript:

1 Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility

2 Intro to Mobi-D 2 Mobi-D: Executive Summary What: draft-barrett-mobile-dtls-00.txt Host based mobility (HBM) using secure identities to provide end to end mobility A small extension to DTLS DTLS (Datagram TLS) is IETF standard protocol (RFC 4347) Extension provides mobility for single or multi access devices Mobi-D IP Browser 3GPP Internet Mobi-D client UDP apps WLAN Mobi-D server

3 Intro to Mobi-D 3 Mobi-D: Executive Summary Why: host based mobility (HBM) Avoids the considerable delay in doing a connection handshake when a mobility event occurs Avoids additional handshake overhead of application reconnecting after mobility Can add mobility to DTLS VPN Can be used where there is no support for PMIP or client MIP Can be used in client-server or mobile-to-mobile connectivity Can be implemented in application, middleware or in kernel Can be distributed to most existing clients as library or software upgrade Requires no proxy, agents, signaling or triangular routing needed Traverses NATs No privacy issues due to middle boxes or bindings between L2 or L3 addresses and higher layers

4 Intro to Mobi-D 4 Host Based Mobility based on Secure Identities Mobi-D extends DTLS in four ways: 1.A new DTLS Hello extension (Mobility) 2.A new TLS Hello extension (OP) 3.An additional field in the Record Layer (connection_id) 4.A new type of message (OP) Flow instantiation follows TLS oriented client host and server model Host and server discover Mobility extension and OP extension Mutually authenticate each other, exchange keys Host and server each allocate a mobility connection (MoCo) identifier Host and server exchange packets using the MoCo and keys When host moves and gets new IP address (or uses another interface with a different IP address), host sends next packet from new IP address as usual Server accepts packet because it has the MoCo and valid key Server updates return IP address Host can send new TLS OP proactively to update IP address if there are no other packets to send

5 Intro to Mobi-D 5 Current Status DTLS Stable spec since 2006 Open SSL based implementations available IETF I-D draft-barrett-mobile-dtls-00.txt in first draft draft-barrett-mobile-dtls-00.txt Review from some in TLS community expressed interest, positive feedback Implementation Nokia working on implementation, looking for other partners Is there working group interest?

6 Michael G. Williams, Jeremey Barrett 6 Backup slides Host based mobility

7 Intro to Mobi-D 7 Short Background of DTLS TLS Extremely widely deployed TLS layers between transport and application to provide security TLS requires reliable transport DTLS RFC 4347 (2006) Datagram TLS provides UDP based transport while using TLS security As with UDP, doesn’t re-order or re-transmit packets DTLS developed to provide same ease of use and implementation as TLS but with UDP transport Designed not to require kernel modifications to implement Use in industry Work near completion to provide keying support for SIP / VoIP Used as a transport for IETF’s CAPWAP protocol, connects APs and ACs

8 Intro to Mobi-D 8 Short Description of Mobi-D Differences from DTLS Adds mobile connection identifier (MoCo) to the DTLS record layer Automatically updates IP address of mobile host with or without signalling Adds TLS OP for optimized notifying TLS client or server of IP address change, and other uses Enables multiplexing and mobility using the existing TLS Security Parameters Host Based Mobility (HBM) Complements PMIP: PMIP supplies mobility in the network side without client support Also compliments client MIP: Mobi-D supplies host based mobility, without network support Can be used when neither PMIP nor MIP are available in the network Individual flows can be switched between interfaces Application doesn’t need to participate or be aware above middleware Stack-Internal signalling available from Mobi-D implementation can notify app to handle mobility changes if desired

9 Intro to Mobi-D 9 Use Cases for Mobi-D For Wide Area only device Handover of UDP based applications between operators without operator support Can work with any packet based wide area access including existing For multi-access Local and Wide Area interface device Handover of UDP based applications between local and wide area Can work with existing local area networks today Applications Media players on Linux and Symbian DTLS VPNs Managed IP TV Like Adobe and Flash RTMFP (Real time media flow protocol over UDP) Legitimizing P2P, Air, Stratus rendezvous server Server or serverless voice, Messaging File transfer Maps Games P2P mobile

10 Intro to Mobi-D 10 Scenarios for Mobi-D (1 of 3) Single Interface device Device and server perform TLS handshake and MoCo allocation for each flow that needs multiplexing or mobility Device moves to new network and changes IP address, with continuous connection Other end continues connection that is using the MoCo and TLS Security Parameters Automatically updates IP address of mobile host without signalling MoCo per flow enables the device to have multiple flows on an interface Portals with UDP services Mobi-D client (Mobi-D server) ANDSF server? Mobi-D IP WLAN Different Local Area (LA) subnets Different Wide Areas (WA) Mobi-D IP 3GPP data Mobility with address change UDP apps Browser UDP apps Browser Mobility with address change

11 Intro to Mobi-D 11 (Mobi-D server) ANDSF server? Mobi-D client (in TLS server role) IP WLAN Scenarios for Mobi-D (2 of 3) Multi Interface device A variety of possibilities with multiple interfaces Subnet change in local area (LA) only Mobi-D IP WLAN Loss of LA coverage Mobi-D UDP apps Mobility with address change Mobility with loss of coverage Browser UDP apps Browser 192.168.0… 192.168.2… 10.46.20… 192.168.0… Mobi-D client (in TLS server role) Mobi-D client Portals with UDP services (Mobi-D server) ANDSF server? Portals with UDP services

12 Intro to Mobi-D 12 Mobi-D IP Mobility with loss of coverage Change interface LA to WA or WA to LA 3G / LTE Operator LA RAT WA RAT NAT FW/WLAN Router Mobi-D IP Mobility with loss of coverage Change interface LA to WA or WA to LA Server based app Mobi-D client Scenarios for Mobi-D (3 of 3) NAT Server based application or mobile to mobile scenario with NAT(s) 3G / LTE Operator LA RAT WA RAT NAT FW/WLAN Router ISP Mobile to mobile UDP apps Browser UDP apps Browser (Mobi-D server) ANDSF server? Portals with UDP services

Download ppt "Michael G. Williams, Jeremey Barrett 1 Intro to Mobi-D Host based mobility."

Similar presentations

SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
Using HIP to solve MULTI-HOMING IN IPv6 networks YUAN Zhangyi Beijing University of Posts and Telecommunications.

Using HIP to solve MULTI-HOMING IN IPv6 networks YUAN Zhangyi Beijing University of Posts and Telecommunications.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.

Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.
Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI

Dynamic Tunnel Management Protocol for IPv4 Traversal of IPv6 Mobile Network Jaehoon Jeong Protocol Engineering Center, ETRI
Voice over IP Fundamentals

Voice over IP Fundamentals
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
CCNA – Network Fundamentals

CCNA – Network Fundamentals
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Chapter 7: Transport Layer

Chapter 7: Transport Layer
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.

Application Layer 2-1 Chapter 2 Application Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Application Layer – Lecture.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
William Stallings Data and Computer Communications 7 th Edition (Selected slides used for lectures at Bina Nusantara University) Transport Layer.

William Stallings Data and Computer Communications 7 th Edition (Selected slides used for lectures at Bina Nusantara University) Transport Layer.
Host Identity Protocol

Host Identity Protocol
Process-to-Process Delivery:

Process-to-Process Delivery:
Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.

Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.
1 Transport Layer Computer Networks. 2 Where are we?

1 Transport Layer Computer Networks. 2 Where are we?
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Chapter 17 Networking Dave Bremer Otago Polytechnic, N.Z. ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William Stallings.

Chapter 17 Networking Dave Bremer Otago Polytechnic, N.Z. ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William Stallings.

Similar presentations

Ads by Google