Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of."— Presentation transcript:

1 1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of the Ambient Networks project. The Ambient Networks project is part of the European Community's Sixth Framework Program for research and is as such funded by the European Commission. All information in this document is provided “as is” and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. For the avoidance of all doubts, the European Commission has no liability in respect of this document, which is merely representing the authors‘ view.

2 2 Background Main focus areas of wireless network security: Authentication & key exchange Per-packet encryption & integrity protection Assumptions Authorization “happens” at some point Policy lookup based on authenticated identity Not entirely accurate picture… This is work in progress Issues that should be taken into account in the future, not finished solutions

3 3 Business aspects Enforcing policies about money is somewhat different from policies about authenticated identities “Anyone who pays is allowed” “A, B, and C are allowed” In traditional “subscription” model with off-line accounting these are quite close But not in, e.g., credit card payment Or pre-paid with on-line “reservations” Much more than “authentication problem” New meanings for messages RADIUS Access-Accept = “Yes, give access” (intra-operator) “I agree to pay the costs for this user’s session” (inter-operator) Authentication After authentication, AP does not necessarily know any long-term identifier for the user

4 4 Multiple players Not just “the network” Multiple entities/players involved in authorization WLAN access point Access network/WISP AAA + maybe other entities Roaming broker/mediating network AAA Home network/ISP AAA + maybe other entities Enterprise buying the service for its employees

5 5 Protocol boundaries Multi-party system specified as several two-party protocols Often developed separately Difficult to get the boundaries right And difficult to change them when requirements change Current list 802.11 802.11i 802.1X-REV EAP framework EAP methods RADIUS base (RFC2865) RADIUS EAP support (RFC3579) RADIUS EAP key transport (RFC2548) E.g., authentication of access point (or access network) identifier to client in the system including the protocols listed above We don’t even have a good name for this system…!

6 6 Lots of protocols, but… System with N participants has potentially possible interactions Do we have communication channels for all those? Client – AP: 802.11, 11i, 1X Client – Home AAA: EAP framework + methods AP – AAA proxies – Home AAA: RADIUS ( ) N2N2

7 7 Missing protocol! Missing: communication channel between client and AAA infrastructure (other than home AAA)! Current experience suggests this is needed for information about the access network (not just single AP) Roaming relationships Services provided Handoff Current approaches Modify non-integrity-protected fields in EAP messages Proprietary EAP method run between client/access network before the “real” authentication “Browser hijack”

8 8 Problems with current approaches Not secure Who is the “authority” for the information? Usually not the access point… Very limited amount of information can be transferred “Browser hijack” breaks other network uses than browsing EAP-based methods work only in the beginning Proprietary solutions not widely adopted Performance (potentially)

9 9 Authorization aspects in handoffs Scope Is the new AP covered by the home network’s “promise to pay”? Does the new AP accept this promise? Currently scope not communicated explicitly But including the policy in Access-Accept means only some policies can be expressed What kind of policies are really needed? Are APs the right place to evaluate this policy anyway? Does the AP have the information needed to evaluate it?

10 10 Authorization and handoffs Context transfer between old and new AP is not enough Session termination initiated by the network Upstream AAA proxy needs to be notified “Chasing the fly around the room”  use handoffs to escape disconnect messages draft-liu-aaa-diameter-session-mobility-00 (expired) Can e.g. price be different in new AP?

11 11 What can be learned? This is not (just) a “key management problem” And handoffs are not (just) a “context transfer problem” Design is often incremental Dial-up PPP with PAP/CHAP RADIUS between NAS and AAA server Inter-domain RADIUS Per-packet encryption/integrity protection EAP for user authentication WLAN as “wired Ethernet replacement” Mutual authentication in EAP Public WLAN networks Network discovery/selection Three-party authentication in EAP? “WLAN as 4G”??

12 12 What can be learned? Business aspects Avoid hardcoding business models and policies into protocols Cannot be avoided totally, though Network-initiated messages in current AAA Difficult to route Problems with handoffs Credit card payment and 802.11i Reuse of existing user databases and credentials One thing EAP got right? Rise of the “mediating network”

13 13 What can be learned? Protocols Reusing existing components is sound engineering practice But so is throwing away components that don’t fit Be explicit about what is meant and expected of others E.g., NAS/AP does not tell what attributes it wants from the AAA server Get modular boundaries right Separating “security protocol” and protocol for “doing the real work” not always a good idea Create a protocol for doing the work securely instead Cf. 802.11 “network attachment” and 11i/1X “secure network attachment” … Not always clear what the “real work” is? IKEv1 was designed for “key management” “Real work” turned out to be VPN access

14 14 Multi-party systems New uses may require new parties in the system Do not design individual components in a vacuum Acknowledge that system has multiple parties, not just 2 Make them “first class citizens”: explicitly identify them Provide proper communication channels E.g., “go to this URL to do something about your authorization” instead of “browser hijack” Prior, during, and after network attachment Network discovery/selection information Notifications during network access Prepare for extensibility But in a way that fits to the overall architecture

15 15 Conclusions We don’t know how to do multi-party systems well And no silver bullets in this presentation either Challenges Incremental change Re-use of existing components vs. designing new ones Unexpected uses Component vs. system focus “Business security” vs. “information security” focus?

Download ppt "1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of."

Similar presentations

Inter WISP WLAN roaming

Inter WISP WLAN roaming
Authentication.

Authentication.
www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
The Challenges of CORBA Security It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security.

The Challenges of CORBA Security It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security.
Omniran-13-0040-00-0000 1 3GPP Trusted WLAN Access to EPC Use Case Analysis Date: 2013-05-15 Authors: NameAffiliationPhoneEmail Max RiegelNSN+49 173 293.

Omniran GPP Trusted WLAN Access to EPC Use Case Analysis Date: Authors: NameAffiliationPhone Max RiegelNSN
Network Access and 802.1X Klaas Wierenga SURFnet

Network Access and 802.1X Klaas Wierenga SURFnet
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
1 Dagstuhl DTN Workshop 2005 Delay Tolerant Networks - Some Thoughts about Security Hannes Tschofenig This presentation has been produced in the context.

1 Dagstuhl DTN Workshop 2005 Delay Tolerant Networks - Some Thoughts about Security Hannes Tschofenig This presentation has been produced in the context.
1 Arkko et al, DIMACS Workshop Nov ‘04 Secure and Efficient Network Access DIMACS Workshop, November 3 rd, 2004, Piscataway, NJ, USA Jari Arkko Ericsson.

1 Arkko et al, DIMACS Workshop Nov ‘04 Secure and Efficient Network Access DIMACS Workshop, November 3 rd, 2004, Piscataway, NJ, USA Jari Arkko Ericsson.
An Architectural Framework for Providing WLAN Roaming D.Vassis G.Kormentzas Dept. of Information and Communication Systems Engineering University of the.

An Architectural Framework for Providing WLAN Roaming D.Vassis G.Kormentzas Dept. of Information and Communication Systems Engineering University of the.
Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,

Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.
D1 - 29/06/2015 The present document contains information that remains the property of France Telecom. The recipient’s acceptance of this document implies.

D1 - 29/06/2015 The present document contains information that remains the property of France Telecom. The recipient’s acceptance of this document implies.
Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.
1 CHEETAH software OCS/AAA module Routing decision module Signaling module VLSR module Include TL1 proxy for Cisco 15454 MSPP Router disconnect module.

1 CHEETAH software OCS/AAA module Routing decision module Signaling module VLSR module Include TL1 proxy for Cisco MSPP Router disconnect module.
RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.

RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.
Omniran-13-0032-04-0000 1 IEEE 802 Scope of OmniRAN Date: 2013-05-16 Authors: NameAffiliationPhone Max RiegelNSN+49 173 293

Omniran IEEE 802 Scope of OmniRAN Date: Authors: NameAffiliationPhone Max RiegelNSN
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16, 2003 1300 - 1500.

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,

Similar presentations

Ads by Google