Applicability of a User Registration Protocol
Yoshihiro Ohba (Toshiba America Research, Inc.), Henry Haverinen (Nokia)
50th IETF BURP BOF, March 20, 2001


1 Applicability of a User Registration Protocol
Yoshihiro Ohba (Toshiba America Research, Inc.), Henry Haverinen (Nokia)

2 Access control issue (1): Managed access control
• L2 access control basically provides "all-or-nothing" access control
  • Simple and useful for some cases (DSL, Cable)
• Flexible access control would also be useful in certain cases (network access in public areas), e.g.,
  • Allow any user to access a web site within the edge subnet to get local area guide information
  • Deny unauthorized users access beyond the edge subnet

3 Access control issue (2): Multi-homing
• A host may associate with multiple Access Routers (ARs)
  • If all ARs belong to the same AAA domain, performing AAA per AR may not be a good idea
  • If each AR belongs to a different AAA domain, AAA per AR would be necessary
  • These ARs may speak IPv4 only, IPv6 only, or both.
• A host may have multiple interfaces
  • If all interfaces belong to the same AAA domain, performing AAA per interface may not be a good idea
[Figure: hosts (H) and access routers AR1 and AR2]

4 AAA application protocol issue
• AAA application protocols: MIP, SIP, ...
  • Each protocol design started without AAA (base spec.)
  • Later on, AAA interaction is considered
  • Fortunately, no modification is needed for the base spec. in terms of the last two 'A's (good for modularity)
  • Need consideration to deal with the first 'A'
    • How to establish an SA with an "out of the blue" client?
    • MIPv4 has an AAA extension to carry registration keys
• It would be very nice if a protocol can be "AAA-ready" without any modification to its base spec.
  • Coupling user registration with key distribution

5 BURP (Basic User Registration Protocol)
• Is a client-server type protocol that
  • Performs user registration to the visiting AAA domain
  • Works with Diameter/RADIUS, leveraging AAA infrastructure in the network based on the information gathered in the registration phase
• Is a light-weight, application layer protocol that is applicable
  • To various devices (e.g., PDA, cellular, laptop) without modifying kernel or device drivers
  • To flexible access control
  • To multi-homing environment
• Is also used for key distribution for AAA application protocols

6 Thank you!

7 Example of BURP applicability to SIP
Step 1: The user performs user registration by using BURP.
Step 2: If step 1 is successful, authorization information is pulled from the AAA infrastructure.
  • The information includes application-specific items such as a SIP registration key
  • Also, access control parameters will be set on the access routers
Step 3: The user runs SIP.
  • Thanks to the previous steps, authentication for SIP registration can be done without contacting AAA.
(The example can be applied to another protocol "X" by replacing "SIP" with "X".)

8 [Figure: User Terminal, BURP Server, SIP Server/Proxy, and AAA infrastructure in the core network, with message flows numbered 1, 2 and 3 after the steps on the previous slide]
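The three steps of the SIP example, modeled as an added Python example that is not part of the original slides or of any BURP specification. The slides define no message formats, so everything here is an assumption: the class and method names, the HMAC-SHA-256 proof sent in the BURP registration, and deriving the SIP registration key from a long-term user secret and a nonce.

```python
import hashlib
import hmac
import os

def mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

class AAA:  # stand-in for the Diameter/RADIUS side; counts how often it is contacted
    def __init__(self, secrets):
        self.secrets, self.contacts = secrets, 0   # user -> long-term secret (assumed)
    def authorize(self, user, nonce, proof):
        self.contacts += 1
        secret = self.secrets.get(user)
        if secret is None or not hmac.compare_digest(mac(secret, b"burp-auth", nonce), proof):
            return None
        return mac(secret, b"sip-reg-key", nonce)  # application-specific authorization info

class SIPServer:
    def __init__(self):
        self.reg_keys = {}                         # user -> registration key pulled from AAA
    def register(self, user, contact, tag):        # step 3: verified locally, no AAA round trip
        key = self.reg_keys.get(user)
        return key is not None and hmac.compare_digest(mac(key, b"REGISTER", contact), tag)

class BURPServer:
    def __init__(self, aaa, sip):
        self.aaa, self.sip, self.beyond_edge = aaa, sip, set()
    def register(self, user, nonce, proof):        # step 1: user registration
        key = self.aaa.authorize(user, nonce, proof)
        if key is None:
            return False
        self.sip.reg_keys[user] = key              # step 2: registration key to the SIP server
        self.beyond_edge.add(user)                 # step 2: access control parameter for the AR
        return True

class Terminal:
    def __init__(self, user, secret):
        self.user, self.secret, self.reg_key = user, secret, None
    def burp_register(self, burp):
        nonce = os.urandom(16)  # client-chosen; a deployed design needs a server challenge against replay
        ok = burp.register(self.user, nonce, mac(self.secret, b"burp-auth", nonce))
        self.reg_key = mac(self.secret, b"sip-reg-key", nonce) if ok else None
        return ok
    def sip_register(self, sip, contact):
        return self.reg_key is not None and sip.register(
            self.user, contact, mac(self.reg_key, b"REGISTER", contact))

if __name__ == "__main__":
    aaa, sip, alice = AAA({"alice": b"constructed-secret"}), SIPServer(), Terminal("alice", b"constructed-secret")
    print(alice.burp_register(BURPServer(aaa, sip)), alice.sip_register(sip, b"sip:alice@192.0.2.10"), aaa.contacts)
```

The `contacts` counter makes the slide's claim checkable: it increases during BURP registration and stays unchanged across the SIP registration.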

9 Possible architecture
[Figure: User Terminal (L2 Auth. Client, BURP Client, SIP Client, Mobile IP Mobile Node, ...) and Network (AR/AP, BURP Server (Registration Agent), SIP Server, Mobile IP Mobility Agent, AAA Protocol Entity (Diameter/RADIUS)). Link labels: "BURP messages" and "AAA info. (incl. registration keys)". Region label: "Basic Part of Each Application Protocol (independent of AAA)".]

