Presentation is loading. Please wait.

Presentation is loading. Please wait.

URP Usage Scenarios for Mobility James Kempf Sun Microsystems, Inc.

Published byVernon Doyle Modified over 8 years ago

Similar presentations

Presentation on theme: "URP Usage Scenarios for Mobility James Kempf Sun Microsystems, Inc."— Presentation transcript:

1 URP Usage Scenarios for Mobility James Kempf Sun Microsystems, Inc.

2 Problem Statement:Service Authorization Protocol exchange involved in authorizing a Mobile Node for particular network services after handover is often more extensive than actually setting up the service itself (ex. COPS flows in draft-thomas- seamoby-rsvp-analysis-00.txt). –Could seriously delay Mobile Node obtaining authorized service. –Possible to solve efficiently at edge with context transfer. –Difficult to solve back in network, alternatives unappealing: Context transfer flooding. Selective context transfer based on tracking of mobile node’s routes. Initial URP registration provides Mobile Node with something like a lightweight encrypted capabilities token, the possession of which is sufficient to identify the Mobile Node as authorized for a collection of network level services. –Each router examines token, grants Mobile Node’s packets the requested service if allowed. –Router acts as both PDP and PEP since Mobile Node’s initial packets contain authorization token.

3 Problem Statement: Authentication Challenge The network requires some means to issue a lightweight challenge the Mobile Node to authenticate, for example, after handover The Mobile Node requires some means to challenge the network. –Especially true for 802.11, where anybody can set up an access point (e.g. fake bank teller problem). Initial URP exchange sets up. –URP RA provides the Mobile Node with a cryptographically protected response token to present when challenged. –Mobile Node provides URP RA with a cryptographically protected response token with which to reply when challenged.

4 Motivation: Privacy Network operator or user may want to hide the fact that a particular mobile is in a particular subnet. –Can’t use IPv6 for IP address. Draft talks about using an identity token. –Possible but better ways to do this (e.g. SUCV, BAKE, etc.). –Somewhat half baked. BUT...URP can provide the vehicle for setting up initial conditions (keying, etc.).

5 Requirements Provide a means whereby a Mobile Node’s packets can securely prove authorization for a particular network level service after handover without requiring an extensive protocol exchange. Provide a secure authentication tokens whereby a Mobile Node can challenge the network after handover, and the network can challenge the Mobile Node. Set up initial conditions for masking Mobile Node’s location and origin.

Download ppt "URP Usage Scenarios for Mobility James Kempf Sun Microsystems, Inc."

Similar presentations

Security Issues In Mobile IP

Security Issues In Mobile IP
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Doc.: IEEE 802.11-02/243r0 Submission March 2002 James Kempf, DoCoMo LabsSlide 1 802.11 and IP James Kempf Seamoby WG Co-chair DoCoMo Labs USA

Doc.: IEEE /243r0 Submission March 2002 James Kempf, DoCoMo LabsSlide and IP James Kempf Seamoby WG Co-chair DoCoMo Labs USA
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.

URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.
1 Introduction to Mobile IPv6 IIS5711: Mobile Computing Mobile Computing and Broadband Networking Laboratory CIS, NCTU.

1 Introduction to Mobile IPv6 IIS5711: Mobile Computing Mobile Computing and Broadband Networking Laboratory CIS, NCTU.
1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.

1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.

Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT 1 1 1 0 11 0.

Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT
Overview of the Mobile IPv6 Bootstrapping Problem James Kempf DoCoMo Labs USA Thursday March 10, 2005.

Overview of the Mobile IPv6 Bootstrapping Problem James Kempf DoCoMo Labs USA Thursday March 10, 2005.
NISNet Winter School Finse 2008 1 Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology

NISNet Winter School Finse Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Mobile IP Overview: Standard IP Standard IP Evolution of Mobile IP Evolution of Mobile IP How it works How it works Problems Assoc. with it Problems Assoc.

Mobile IP Overview: Standard IP Standard IP Evolution of Mobile IP Evolution of Mobile IP How it works How it works Problems Assoc. with it Problems Assoc.
A Study of Mobile IP Kunal Ganguly Wichita State University CS843 – Distributed Computing.

A Study of Mobile IP Kunal Ganguly Wichita State University CS843 – Distributed Computing.

Similar presentations

Ads by Google