Presentation is loading. Please wait.

Presentation is loading. Please wait.

Doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 1 A vendor specific plan for centralized security Date: 2009-01-19 Authors:

Published byJack Keating Modified over 10 years ago

Similar presentations

Presentation on theme: "Doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 1 A vendor specific plan for centralized security Date: 2009-01-19 Authors:"— Presentation transcript:

1 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 1 A vendor specific plan for centralized security Date: 2009-01-19 Authors:

2 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 2 Abstract The complexity of the centralized security architecture defined in 802.11s is considered in the context of the pace of the task group. A proposal is introduced that could greatly simplify the 802.11s draft, permitting rapid progress toward sponsor ballot and task group completion. The proposal provides a framework for vendor-specific centralized security architectures in place of a standards-specified architecture (MSA).

3 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 3 Security and the Pace of TGs Progress The lack of progress in TGs is drawing attention The most contentious element within 802.11s today is centralized security Attempts to manage complexity in the security architecture have not achieved technical consensus. TotalOpenClosedPercent Closed General 6196255789.98% MAC 5279343482.35% Security 42511930672.00% RFI 3933036392.37%

4 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 4 Security Complexity Centralized security adds complexity regardless of the architecture chosen –MSA introduces new components to 802.11, namely a mesh key distributor (MKD) that creates keys for nodes in the mesh. –Mesh STAs must maintain a path to the MKD –New protocols are needed for transporting the keys between the MKD and mesh STAs. –Additional complexity is introduced due to: The interaction of link security with these key transport protocols The use of 802.1X (client-server) authentication with peer-to-peer link security The security architecture is also topology-dependent, which is a challenge for standardization –There were several comments on multiple MKDs during the previous LB, perhaps due to conflicting requirements –Questions about deploying MKDs may remain after MSA is upgraded Consensus resolution of issues will cause 802.11s to miss market window

5 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 5 Overview of Proposal A proposal modifying the TGs draft is available in 11-09/0112r0.11-09/0112r0 It makes centralized security a vendor-specific option. An identifier of the authentication protocol is defined as part of the mesh profile. –It allows SAE or a vendor-specific protocol to be chosen. –Carried within the mesh configuration element The mesh key hierarchy is removed (§8). –Security association definitions are updated to reflect the keys that are created via the selected authentication protocol & via Abbreviated HS MSA establishment procedure & MSA key holder communication protocols are removed (§11B.5) –New overview section is provided (§11B.5.1) –Abbreviated HS & Mesh Group Key HS sections remain

6 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 6 Decision Procedure for Link Setup Abbrev HS Succeeds? Session Do I share PMK with Peer? Did SAE succeed? Yes Peer Discovery Yes Null No SAE No Active Authentication Protocol PLM succeeds? No Yes A vendor-specific authentication protocol may also be selected.

7 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 7 Comments resolved & Draft complexity The proposal, if adopted, would resolve at least 75 comments (63% of open security comments). –Security subgroup progress would move to 90% (381/425). It would likely simplify the resolution of many of the remaining 44 comments, such as those commenting on Abbreviated HS. TGs Draft: Security clauses are reduced from occupying ~89 pages to ~40 pages, eliminating nearly 50 pages from the TGs draft.

8 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 8 Summary With this proposal, TGs can focus on continuing to improve protocols that have undergone a letter ballot (SAE, Abbr. HS). Further, it will allow TGs to pass letter ballot more quickly, shorten the cycle between letter ballots, and allow us to reach our goal of producing a quality, relevant standard.

9 doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 9 References T. Braskich et al, 11-09/0112r0, A vendor specific framework for centralized security, Jan. 2009.11-09/0112r0 T. Braskich, 11-09/0113r0, Comment Resolution for vendor specific centralized security, Jan. 2009.11-09/0113r0 D. Harkins and M. Audeh, 11-08/1263r0, A Modest Proposal…, Nov. 2008.11-08/1263r0 J. Walker et al, 11-08/1296r0, Key Distribution for Mesh Link Security, Nov. 2008.11-08/1296r0 S. Emeott and T. Braskich, 11-08/1361r0, Upgrades to MSA to support multiple MKD, Nov. 2008. (Also 11- 08/1364.)11-08/1361r011- 08/1364

Download ppt "Doc.: IEEE 802.11-09/0114r1 Submission January 2009 Tony Braskich, MotorolaSlide 1 A vendor specific plan for centralized security Date: 2009-01-19 Authors:"

Similar presentations

Doc.: IEEE 802.11-04/1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,

Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
Doc.: IEEE 802.11-08/1326r1 Submission November 2008 Donald Eastlake 3rd, MotorolaSlide 1 TGs Process, November Date: 2008-11-13 Author:

Doc.: IEEE /1326r1 Submission November 2008 Donald Eastlake 3rd, MotorolaSlide 1 TGs Process, November Date: Author:
Doc.: IEEE 802.11-09/1259r0 Submission Nov 2009 Michael Bahr, Siemens AGSlide 1 RFI Tüddelkram Date: 2009-11-16 Authors:

Doc.: IEEE /1259r0 Submission Nov 2009 Michael Bahr, Siemens AGSlide 1 RFI Tüddelkram Date: Authors:
Doc.: IEEE 802.11-09/0623r1 Submission May 2009 Jon Rosdahl, CSRSlide 1 Proposal for P&P Change - #2009-1 Date: 2009-05-15 Authors:

Doc.: IEEE /0623r1 Submission May 2009 Jon Rosdahl, CSRSlide 1 Proposal for P&P Change - # Date: Authors:
Doc.: IEEE 802.11-09/0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced 802.11 Security Date: 2009-03-13 Authors:

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
Doc.: IEEE 802.11-08/1392r0 Submission November 12, 2008 De Vegt (Qualcomm)Slide 1 Inputs for a VHT Selection Procedure Date: 2008-11-10Authors:

Doc.: IEEE /1392r0 Submission November 12, 2008 De Vegt (Qualcomm)Slide 1 Inputs for a VHT Selection Procedure Date: Authors:
Doc.: IEEE 802.11-08/1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: 2008-11-10 Authors:

Doc.: IEEE /1263r0 Submission November 2008 Dan Harkins, Aruba NetworksSlide 1 A Modest Proposal…. Date: Authors:
IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-00xx-00-sec Title: IEEE 802.11r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec Title: IEEE r Fast BSS Transition – A Study Date Submitted: September 21, 2009 Present.
Doc.: IEEE 802.11-08/1120r2 Submission September 2008 Guido R. Hiertz et al., PhilipsSlide 1 Terminology changes in a nutshell … Date: 2008-09-09 Authors:

Doc.: IEEE /1120r2 Submission September 2008 Guido R. Hiertz et al., PhilipsSlide 1 Terminology changes in a nutshell … Date: Authors:
IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-09-00xx-00-sec Title: Initiate An Exercise for Generating a 21a Document Date Submitted: September 21, 2009.

IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-00-sec Title: Initiate An Exercise for Generating a 21a Document Date Submitted: September 21, 2009.
Doc.: IEEE 802.11-09/0237r0 Submission February 12, 2009 Rolf de Vegt (Qualcomm)Slide 1 Inputs for a 802.11ac Spec Framework Methodology Date: 2009-02-12.

Doc.: IEEE /0237r0 Submission February 12, 2009 Rolf de Vegt (Qualcomm)Slide 1 Inputs for a ac Spec Framework Methodology Date:
Doc.: IEEE 802.11-01/147March 2000 TGe SecuritySlide 1 The Status of TGe S Draft Text Jesse Walker Intel Corporation (503) 712-1849.

Doc.: IEEE /147March 2000 TGe SecuritySlide 1 The Status of TGe S Draft Text Jesse Walker Intel Corporation (503)
Doc.: IEEE 802.11-07/2079r0 Submission July 2007 Terry Cole, AMDSlide 1 WG Technical Editors Opening Report (July) Date: 2007-07-16 Authors:

Doc.: IEEE /2079r0 Submission July 2007 Terry Cole, AMDSlide 1 WG Technical Editors Opening Report (July) Date: Authors:
Doc.: IEEE 802.11-08/0559r0 Submission May 2008 Terry L Cole, AMDSlide 1 WG Technical Editors Opening Report (May) Date: 2008-05-12 Authors:

Doc.: IEEE /0559r0 Submission May 2008 Terry L Cole, AMDSlide 1 WG Technical Editors Opening Report (May) Date: Authors:
Doc.: IEEE 802.11-07/2389r0 Submission Sept 2007 Terry Cole, AMDSlide 1 WG Technical Editors Opening Report (September) Date: 2007-09-17 Authors:

Doc.: IEEE /2389r0 Submission Sept 2007 Terry Cole, AMDSlide 1 WG Technical Editors Opening Report (September) Date: Authors:
Doc.: IEEE 802.11-09/0445r0 Submission May 2009 Adrian Stephens, Intel CorporationSlide 1 802.11 TGn Editor Report May 2009 Date: 2009-05-11 Authors:

Doc.: IEEE /0445r0 Submission May 2009 Adrian Stephens, Intel CorporationSlide TGn Editor Report May 2009 Date: Authors:
Doc.: IEEE 802.11-09/1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: 2009-09-15 Authors:

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Doc.: VC1_16112009_EC_P&P_Update-opening_r0.ppt Submission EC Update on LMSC Governance Date: November 16 th, 2009 Author: Matthew Sherman 1 st Vice Chair,

Doc.: VC1_ _EC_P&P_Update-opening_r0.ppt Submission EC Update on LMSC Governance Date: November 16 th, 2009 Author: Matthew Sherman 1 st Vice Chair,
Doc.: IEEE 802.11-13/1226r0 Submission September 2013 Osama Aboul-Magd (Huawei Technologies)Slide 1 TGac September 2013 Closing Report Date: 2013-09-19.

Doc.: IEEE /1226r0 Submission September 2013 Osama Aboul-Magd (Huawei Technologies)Slide 1 TGac September 2013 Closing Report Date:
Doc.: IEEE 15-09-0769-00-004g TG4g - SUN November 2009 Phil Beecher, Beecher Communications Consultants Ltd Slide 1 Project: IEEE P802.15 Working Group.

Doc.: IEEE g TG4g - SUN November 2009 Phil Beecher, Beecher Communications Consultants Ltd Slide 1 Project: IEEE P Working Group.

Similar presentations

Ads by Google