Minneapolis, March 2005, IETF 62nd – mip6 WG: Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00). Gerardo Giaretta, Ivano Guardini, Elena Demaria.


1 Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00)
Minneapolis, March 2005, IETF 62nd – mip6 WG
Gerardo Giaretta, Ivano Guardini, Elena Demaria
Telecom Italia Lab (TILab)
Julien Bournelle
GET/INT
Rafa Marin Lopez
University of Murcia

2 Current Scope of the I-D
Draft about the design goals/requirements of the AAA-HA interface
– interface between the AAA infrastructure of MSP/MSA and HA
Description of 4 scenarios/frameworks
– 2 related to dynamic bootstrapping
– 2 related to static bootstrapping
List of goals/requirements for the design of such an interface
– some related to bootstrapping solutions and others more general (e.g. accounting)
– matching between goals and frameworks

3 Current Scope of the I-D (cont.)
[Diagram. One case shows a Home Agent, an AAA-MSP Server and an AAA-MSA Server, with the Mobility Service Authorizer separate from the Mobility Service Provider. The other shows a Home Agent and an AAA-MSP Server under a combined Mobility Service Provider and Authorizer. Labels: "Covered by this I-D", "Should be covered by this I-D", "X Not realistic".]

4 AAA-HA interface capabilities
Core capabilities
– Mobile IPv6 service authorization and maintenance (e.g. asynchronous service termination in case of credit exhaustion)
– exchange of accounting data (e.g. time of creation and removal of binding cache entries)
Dynamic bootstrapping capabilities
– mobile node authentication (e.g. EAP-based)
– delivery of configuration parameters to the HA (e.g. PSK for peer authentication in IKE phase 1)

5 Usage scenario n.1
Bootstrapping directly with the HA
– using IKEv2 (draft-ietf-mip6-ikev2-01, draft-chakrabarti-mip6-bmip-01)
– or using PANA multi-hop (draft-tschofenig-mip6-bootstrapping-pana-00)
[Diagram. Elements: AAA-MSA Server, AAA-MSP Server, Home Agent, NAS. Labels: "EAP (IKEv2, PANA multi-hop)", "AAA-HA protocol", "User authentication and authorization (EAP transport)".]

6 Usage scenario n.2
Bootstrapping during network access
– using EAP (draft-giaretta-mip6-authorization-eap-02)
– using RADIUS or Diameter AVPs (draft-ohba-mip6-boot-arch-dhcp-00, draft-jee-mip6-bootstrap-pana-00, etc.)
[Diagram. Elements: AAA-MSP Server, Home Agent, NAS. Labels: "A)", "B)", "AAA-HA protocol" (twice), "Piggybacking of MIPv6 data within EAP", "MIPv6 RADIUS or Diameter AVPs", "PANA, L2 or DHCP specific extensions", "MIPv6 state set-up".]

7 Usage scenarios n.3 and n.4
MN is statically provisioned with bootstrapping data (HoA, HA address, etc.)
– also the IPsec SA can be statically configured
Explicit authorization of MIPv6
– service may not be authorized if MN's credit is going to exhaust
[Diagram. Elements: AAA-MSP Server, Home Agent, NAS. Labels: "IKEv1/IKEv2", "AAA-HA protocol" (twice), "BU", "BA", "Binding Authorization", "MIPv6 Authorization", "n.3", "n.4".]

8 Goals
[Slide grouping labels: Common goals, Scenario n.1, Scenario n.2]
Security
– Mutual authentication
– Integrity protection
– Replay protection
– Confidentiality
– Inactive peer detection
Service Authorization
– NAI to identify the MN
– HA must be able to query AAA-MSP to verify MN authorization
– AAA-MSP should be able to enforce auth. restrictions of HA
– .......
Accounting
– Transfer of accounting records (e.g. bytes transferred in bi-directional tunneling)
Mobile node authentication
– MN authentication with HA as NAS and AAA-MSP as backend authentication server (e.g. EAP)
– .......
Delivery of config. data
– AAA-MSP should be able to poll HA for the allocation of a HoA
– AAA-MSP should be able to send security data to HA (e.g. PSK)
– ........

9 Suggested changes from mip6 ML
More text about scenarios/frameworks
– some text from Alper's draft
Split usage scenario 2 in two
A. using network access AAA to deliver MIPv6 configuration parameters from the AAA server to the MN
B. using network access AAA to deliver MIPv6 configuration parameters from the AAA server to the NAS
Note that the goals for the AAA-HA interface are the same for these two scenarios

10 Discussion on how to proceed
Scope of the I-D?
– keep focused on the AAA-HA interface and cover other interfaces in separate I-Ds
– extend the draft to encompass all AAA requirements for MIPv6 and consider other network elements (e.g. NAS)
Scenarios/Frameworks description
– current purpose is to highlight that different frameworks have some common goals (and some different ones) and match goals with frameworks
– should we instead select a framework and then list goals for it?
– coordination with MIPv6 bootstrapping solution DT needed
WG item?

