Presentation is loading. Please wait.

Presentation is loading. Please wait.

PAWS WG IETF-84 Device to Database Protocol for White Space July, 2012 Subir Das, John Malyar, Don Joslyn.

Published byShane Padilla Modified over 9 years ago

Similar presentations

Presentation on theme: "PAWS WG IETF-84 Device to Database Protocol for White Space July, 2012 Subir Das, John Malyar, Don Joslyn."— Presentation transcript:

1 PAWS WG IETF-84 Device to Database Protocol for White Space July, 2012 Subir Das, John Malyar, Don Joslyn

2 Protocol Layer +-+-+-+-+-+-+-+-+-+-+-+-+ | PAWS | +-+-+-+-+-+-+-+-+-+-+-+-+ | HTTPS | +-+-+-+-+-+-+-+-+-+-+-+-+ | TCP/IP | +-+-+-+-+-+-+-+-+-+-+-+-+ | IP | +-+-+-+-+-+-+-+-+-+-+-+-+ 2

3 Protocol Features/Functionalities WSD Initialization WSD Registration Database Query and Response Channel use Notification and Response WSD Validation WSD = White Space Device 3

4 Mailing List Discussion Points and Issues Purpose of WSD Initialization Purpose of WSD Registration Device Authentication Data Model Lat/Long representation Use of separate ‘geolocation’, ‘civiclocation’ elements Use if ‘vCard’ for ‘deviceowner’ data element Use of ‘iCalendar’ for channel availability time 4

5 WSD Initialization Assumption WSD Knows the URI of the DB or the discovery service WSD establishes HTTPS connection with the DB Server certificate is authenticated against a well known certificate authority WSD initialization is performed using INT-REQ and INT- RESP messages. The purpose of this step are two folds: To perform the Client authentication using a shared secret ( by using Digest Authentication) ‘Authinformation’ data element is used for this purpose To exchange several authority/domain specific information which are not possible to obtain during DB discovery, e.g., Device type, Serial number, Regulatory id, frequency when Master WSD should query the database, Result code and so on  ‘Capabilityinfo’ and ‘Protocolinfo’ data elements are used for this purpose 5

6 WSD Registration WSD registration is performed using REG-REQ and REG- RESP messages. The purpose of this step is: Provide the database with operational parameters such as owner and/or operator contact information, location and antenna height parameters and so on ‘Devicelocation’, and ‘Deviceowner’ data elements are used for this purpose This step may be required by some spectrum management authorities Registration can be mandatory upon its initial contact with the database, or when its registered parameters change 6

7 Device Authentication We believe that device authentication should be done by using a shared secret model instead of a client certificate and we provide the following: The use of Digest Authentication is identical to that for HTTP [RFC2617] and in particular SIP [RFC3261] with the following modifications: The URI and method included in the challenge are empty The realm represents one ‘security realm‘ The device’s serial number is currently mapped to ‘username‘ and the device’s shared secret is mapped to ‘password‘ MD5 is replaced by SHA-1 7

8 Data Model: Example Draft currently specifies the simple data elements for device location and device owner (light weight and self contained) 8 Device Location: Latitude ; type=float longitude ; type=float Locuncertainty; type==number Locconfidence; type=number HAGL; type=number HAGLuncertainty; type=float Antennatype; type= int Device Owner: Ownername; type=string Address ; type=string Phonenumber; type=alphanumeric Email; type=alphanumeric Using the structure as specified in RFC 5491 and RFC 5139 may be fine but we have concerns over future compatibility (e.g., recent open geospatial name space change seehttp://www.ogcnetwork.net/node/1829)http://www.ogcnetwork.net/node/1829

9 Use of vCard and ical Our understanding is that PAWS requirements would use less than 20% of the properties defined in vCard and iCal PAWS Requirements related to vCard use are Name; postal address; email address ; and phone number; PAWS Requirements related to ical use are Duration; and Time ; Can we simply use the following from iCalendar (RFC 5545)? DTSTART, DTEND / DURATION 9

10 Message Encoding with JSON: Example AVAIL-CHAN-REQ POST/AVAIL-CHAN-REQ HTTPS/1.1 Host:WSP.example.com:443 Content-Type:application/PAWS+json; charset=utf-8 content length: XX { "Protoversion": "1.0", "messagetype": "AVAIL_CHAN_REQ", "Authority": "US", "Devicetype": "F", "Deviceidentity": "TTT1234", "Deviceserialno": "01AB23CD45EF", "Latttitude": "40.5414", "Longitude": "-74.4750" "Locuncertainty": "2", "LocConfidence": "95", "HAGL: " 25", "HAGLuncertainty": "1", "Antennatype":"MM", "Geolocationcode":"DEFAULT", "Requesttype":"allchannels", "Authscheme": "DIGEST", "Realm":"PAWS-DDI", "Nonce": "7b52009b64fd0a2a49e6d8a939753077792b0554" "Cnonce":"bd307a3ec329e10a2cff8fb87480823da114f8f4", "qop": "auth" "resp": "4dfb972d427b4100c821d53b8bea9b2c33b74a7e", } 10 AVAIL-CHAN-RESP POST/AVAIL-CHAN-RESP HTTPS/1.1 200 OK Server: Example PAWS Date: Fri, 12 June 2012 06:24:27 GMT Expires: Fri, 12 June, June 2012, 20:30:00, GMT Cache-control : private Content-Type:application/PAWS+json; charset=utf-8 content length: YY { "Protoversion": "1.0", "Messagetype": "AVAIL_CHAN_RESP", "Authority": "US", "Resultcode": "success", "Authscheme": "DIGEST", "Realm":"PAWS-DDI "Nonce": "7b52009b64fd0a2a49e6d8a939753077792b0554"} "qop": "auth", "Channellist": [ { "Channelno": 2, "Minfreq": 54, "Maxfreq": 60 "MaxEIRP": 4000, "Datetime": "20120612T235959Z", "Duration": "1440, mins", "Availability": true.. { "Channelno": 51, "Minfreq": 692, "Maxfreq": 698, "MaxEIRP": 4000, "Datetime": "20120612T120000Z", "Duration": "720, mins ", "Availability": true }

11 Next Steps/Considerations We have received comments from several folks (Thanks to the reviewers!) such as, ‘Channel number’ should be optional and frequency should be mandatory Device authentication should be optional Device authentication may be performed by using cert where available Regulator specific attributes should be listed or profiled in the Appendix ‘Device owner/operatorinfo’ may be represented using ‘vcard’ ‘Channel/Frequency’ availability may be represented using ‘ical’ Our goal is to discuss further and address them as appropriate in our next version 11

12 Questions? Feedback? 12

13 Backup Slides 13

14 DB Query Database query and response are performed using AVAIL- CHAN-REQ, and AVAIL-CHAN-RESP messages. The purpose of the step is To query the WS database with the required parameters for obtaining WS channel/frequency information ‘Devicelocation’, and ‘Availablechannellist’, data elements are used for this purpose Used channel/frequency notification and response are performed using USE-CHAN-NOTIFY and USE-CHAN- RESP messages. The purpose of this step is, To notify the used channel/frequency information to the database ‘Devicelocation’, and ‘Usedchannellist’ data elements are used for this purpose 14

15 WSD Validation WSD validation is performed by using DEV-VALID-REQ and DEV-VALID-RESP messages. The purpose of this step is Master WSD verifies the identity of the slave WSDs when required by the spectrum management authority ‘Devicelocation’ and ‘Slavedevicelist’ data elements are used for this purpose 15

16 Data Model Structure 16 Object Element Attribute Initialization Registration DatabaseQuery Devicevalidation Capabilityinfo Protocolinfo Authenticationinfo Deviceowner Availablechannellist Devicelocation Usedchannellist Slavedevicelist Devicetype Deviceidentity Lattitude/Longitude Max/Min Freq HAGL MaxEIRP........

Download ppt "PAWS WG IETF-84 Device to Database Protocol for White Space July, 2012 Subir Das, John Malyar, Don Joslyn."

Similar presentations

1 White Space use cases & requirements Gabor Bajko, Basavaraj Patil, Scott Probasco I-D: draft-probasco-paws-overview-usecases.

1 White Space use cases & requirements Gabor Bajko, Basavaraj Patil, Scott Probasco I-D: draft-probasco-paws-overview-usecases.
PAWS: Use Cases I-D: draft-ietf-paws-problem-stmt-usecases-rqmts Basavaraj Patil, Scott Probasco (Nokia) Juan Carlos Zuniga (Interdigital) IETF 82.

PAWS: Use Cases I-D: draft-ietf-paws-problem-stmt-usecases-rqmts Basavaraj Patil, Scott Probasco (Nokia) Juan Carlos Zuniga (Interdigital) IETF 82.
Www.thales-esecurity.com Common Identifiers Providing Globally Unique Identifiers for UUID and Application IDs of keys and other objects.

Common Identifiers Providing Globally Unique Identifiers for UUID and Application IDs of keys and other objects.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.

A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.

SIP issues with S/MIME and CMS Rohan Mahy SIP, SIPPING co-chair.
Nokia Internal Use Only Outline Status of the PAWS protocol document: -06 Review proposed changes for -07 Open Items – Explicit “off” – Ability to encode.

Nokia Internal Use Only Outline Status of the PAWS protocol document: -06 Review proposed changes for -07 Open Items – Explicit “off” – Ability to encode.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
The Elbert HTTP Server HTTP Authentication, providing security in tough times By: Shawn M. Jones.

The Elbert HTTP Server HTTP Authentication, providing security in tough times By: Shawn M. Jones.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Nokia Internal Use Only PAWS Database Discovery Some considerations since the last Berlin meeting IETF 88, Vancouver, Canada.

Nokia Internal Use Only PAWS Database Discovery Some considerations since the last Berlin meeting IETF 88, Vancouver, Canada.
SIP Security Matt Hsu.

SIP Security Matt Hsu.
Public Key Distribution and X.509 Wade Trappe. Distribution of Public Keys There are several techniques proposed for the distribution of public keys:

Public Key Distribution and X.509 Wade Trappe. Distribution of Public Keys There are several techniques proposed for the distribution of public keys:
POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP e-mail access and retrieval protocol. It implements.

POP3 Post Office Protocol v.3. Intro The Post Office Protocol (POP) is currently the most popular TCP/IP access and retrieval protocol. It implements.
1 White Space requirements Gabor Bajko IETF 82 Taipei I-D: draft-ietf-paws-problem-stmt-usecases-rqmts-01.

1 White Space requirements Gabor Bajko IETF 82 Taipei I-D: draft-ietf-paws-problem-stmt-usecases-rqmts-01.
Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP does not maintain state. State Information can be passed using: HTTP Headers.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21, 2014 1.

SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,

Similar presentations

Ads by Google