
1 IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: DCN:21-07-xxx-00-0000 Title: Security Optimization During Handovers: 802.21 SG Proposal Date Submitted: xx,


1 IEEE 802.21 MEDIA INDEPENDENT HANDOVER
DCN: 21-07-xxx-00-0000
Title: Security Optimization During Handovers: 802.21 SG Proposal
Date Submitted: xx, 2007
Authors or Source(s): Yoshihiro Ohba (Toshiba), Subir Das (Telcordia), Marc Meylemans (Intel), Suman Sharma (Intel), Madjid Nakhjiri (Huawei), Qiaobing Xie (Motorola), Junghoon Jee (ETRI), Soohong Daniel Park (Samsung), Robert Hsieh (Deutsche Telekom)
Abstract: This document proposes an IEEE 802.21 Study Group on Security Optimization During Handovers

2 IEEE 802.21 presentation release statements
This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21.
The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual (http://standards.ieee.org/guides/opman/sect6.html#6.3) and in Understanding Patent Issues During IEEE Standards Development (http://standards.ieee.org/board/pat/guide.html).

3 Current 802.21 WG PAR
PAR says: “The purpose is to improve the user experience of mobile devices by facilitating handover between 802 networks whether or not they are of different media types, including both wired and wireless, where handover is not otherwise defined and to make it possible for mobile devices to perform seamless handover where the network environment supports it. These mechanisms may also be useable for handovers between 802 networks and non 802 networks.”
IEEE 802.21 WG decided not to address the security aspect of handovers as part of the current project (see 5 Criteria document)
–Due to lack of well defined problem space for security

4 Seamless Handover Aspects
[Figure labels: Handover; Link Selection & Connection Establishment; Security*; Service Continuity (QoS)]
* Security is the topic of our discussion today
Proper Link Selection and Connection Establishment
Service Continuity (e.g. minimize packet loss, maintaining QoS)
Maintaining same level of Security (at least)
Without proper mechanism in place, this can add significant delay

5 Usage scenario 1
Example: A mobile device can make a transition between two different LANs within the same administrative domain
–Transition between two different subnets based on the same media, e.g. 802.11
–Transition between two different subnets based on different media, e.g. 802.11 and 802.16
[Figure labels: MN; Authenticator1; Authenticator2; AAA/EAP server; WiFi, WiMAX and/or Cellular; Subnet 1; Subnet 2; Single Administrative Domain*]
* An administrative domain is a logical network that is administered by a single authority using its own authentication and authorization mechanisms

6 Potential Solution Approach
Key Hierarchy-based Transition
–Since in the same administrative domain, no intrinsic reason to authenticate on transition
An already established key hierarchy is all that is needed to support transition
Re-key is still needed between mobile device and the new point of attachment
–New context must be bound to the new key

7 Usage scenario 2
Example: A mobile device can make a transition between two LANs deployed by different administrative domains
–Transition between two administrative domains based on the same media, e.g. 802.11
–Transition between two administrative domains based on different media, e.g. 802.11 and 802.16
[Figure labels: MN; Authenticator1; Authenticator2; AAA/EAP server (one per domain); WiFi, WiMAX and/or Cellular; Domain1; Domain2; Multiple Administrative Domains]

8 Potential Solution Approach
Authentication-based Transition
–Since different administrative domains, in general authentication cannot be avoided
There is no reason for the new domain to “trust” keys from the old domain, and no reason for the mobile device to “trust” the new domain with keys it used with its old domain
Some administrative domains may have “roaming agreements,” but this is not the general (or even normal) case
–From a security perspective, “roaming agreements” are a special case of key hierarchy-based transition, since a key hierarchy rooted in the mobile device’s “home” domain is used
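
An added illustration of the two approaches on slides 6 and 8 (not part of the presentation, and not the HOKEY key hierarchy): within one domain a per-point-of-attachment key is derived from an existing root and re-keyed with the new link context, while a domain holding no root for the mobile node has nothing to derive from. HMAC-SHA256 as the KDF, the labels, and all class and function names are assumptions.

```python
import hashlib
import hmac
import os

def kdf(key: bytes, label: bytes, *fields: bytes) -> bytes:
    # HMAC-SHA256 as a stand-in KDF (assumption); fields are length-prefixed
    # so that different contexts can never serialize to the same input.
    msg = label + b"\x00" + b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Domain:
    """Hypothetical administrative domain: one AAA/EAP server, many authenticators."""
    def __init__(self, name: bytes):
        self.name = name
        self.roots = {}  # MN id -> root key from a completed full authentication

    def full_authentication(self, mn_id: bytes) -> bytes:
        # Placeholder for a complete EAP exchange; both sides end up with the root.
        self.roots[mn_id] = os.urandom(32)
        return self.roots[mn_id]

    def key_for(self, mn_id: bytes, authenticator: bytes):
        # Each authenticator receives only its own derived key, never the root.
        root = self.roots.get(mn_id)
        if root is None:
            return None  # no hierarchy here: authentication-based transition
        return kdf(root, b"poa", self.name, mn_id, authenticator)

def mn_key_for(root: bytes, domain: bytes, mn_id: bytes, authenticator: bytes) -> bytes:
    # The mobile node computes the same key locally, with no AAA round trip.
    return kdf(root, b"poa", domain, mn_id, authenticator)

def rekey(poa_key: bytes, mn_nonce: bytes, poa_nonce: bytes, media: bytes) -> bytes:
    # Re-key at the new point of attachment, binding the new link context.
    return kdf(poa_key, b"session", mn_nonce, poa_nonce, media)

if __name__ == "__main__":
    mn = b"mn@domain1.example"  # constructed identifier
    d1, d2 = Domain(b"Domain1"), Domain(b"Domain2")
    root = d1.full_authentication(mn)
    k2 = mn_key_for(root, b"Domain1", mn, b"Authenticator2")
    print("same domain, no re-auth:", k2 == d1.key_for(mn, b"Authenticator2"))
    print("keys separated per PoA:", k2 != d1.key_for(mn, b"Authenticator1"))
    print("other domain needs full auth:", d2.key_for(mn, b"Authenticator2") is None)
    s = rekey(k2, os.urandom(16), os.urandom(16), b"802.16")
    print("fresh session key:", s.hex()[:16], "...")
```

Because each authenticator holds only its own derived key, compromise of one point of attachment does not expose the key used at another or the root.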

9 What is the Problem?
Security-related signaling can add significant delays to seamless handover efforts, and in many cases service continuity cannot be met, in particular for real-time applications
This becomes even more problematic when handovers occur between heterogeneous networks (e.g. inter-technology, inter-administrative domain scenarios)

10 What’s Available Today?
In principle, the Key Hierarchy-based transition problem is being addressed by IETF HOKEY WG
–HOKEY is defining a key hierarchy meant to support transitions across subnet boundaries; focus is on transitions within the same administrative domain
–HOKEY will not define any protocol or mechanism, if required, between Points of Attachment and mobile devices to effect this
No standards group seems chartered to work on the Authentication-based transition problem
–Some variant of a pre-authentication scheme (e.g., doc 21-06-0727-01) seems like one plausible approach to this problem

11 Proposed Direction
Different 802 (e.g. 11r) and 3G (e.g. UMTS AKA) technologies have addressed (or are addressing) latency caused by L2 security signaling in handovers (fast roaming, pre-auth etc.) but these are limited to intra-technology handover scenarios
Needs to be looked at from a wider perspective given that
–Seamless heterogeneous handovers are becoming a reality (inter-technology and inter-administrative domains)
E.g., Wi-Fi - 3G, Wi-Fi – WiMAX
–Each access technology has its own way of managing the security aspect
→ A media independent way to reduce the security latency during handovers seems to be more appropriate

12 Study Group Objectives
Identify use cases for pro-active and re-active security latency optimization during handovers that can potentially improve the user experience
–SG will get feedback from IEEE 802.11, 802.16, 3GPP on use cases to improve handover performance
Investigate Key Hierarchy-based transition issues:
–Investigate if HOKEY covers all the transition scenarios
–Identify Mobile Node to Point of Attachment issues
–Identify LAN-specific sub-problems
Investigate Authentication-based transition issues:
–No Standards Organization seems to be working on this problem
–Identify Pre-Authentication scheme
–Identify LAN-specific sub-problems
The SG will work on a preliminary Security Architecture that covers the different use cases and can be used as a foundation for security signaling optimization
→ Make sure that all work identified is within scope of 802.21 and does not solve a problem that is being worked on in another standard

13 Q & A?

14 Handover Security SG Motion
Motion to get 802.21 WG approval to form an 802.21 Study Group which will identify a security framework that helps optimize the security signaling during handovers
–Moved by:
–Seconded by:
–Yes:
–No:
–Abstain:
–Result:

