Robert Moskowitz ICSAlabs

Presentation transcript:

LinkSec Architecture
Robert Moskowitz, ICSAlabs

LinkSec Network Model
- A Provider IEEE 802 Infrastructure
- Provider Links
- Cross-Provider Links
- Network attachment points
- Jointly controlled by Provider and Subscriber
- Network Authentication
- Link Authorization
- Link privacy and integrity

Provider View Of LinkSec
- Support billing
- No money, no network
- Subscriber and cross-provider
- Legal obligations
- Subscriber expectations
- Legal intercept function of deployment, not protocols
- Control access to Network Attachment Points

Subscriber View of LinkSec
- Network exists to service Subscribers
- LinkSec exists to protect Subscribers
- Trust in Network
- Authenticate the Provider
- Restriction of exposure
- Trust in billing
- Only charged for real usage

Business-Driven Requirements
- Provider Network centric
- IEEE 802 networks only
- Provider link protection
- Intra-Provider, Inter-Provider, Subscriber to NAPs
- Authentication always needed
- Helps limit misuse of network
- Privacy and Integrity protection

Business-Driven Requirements Not Included
- Link Transparency
- Virtual, trusted links across hostile bridges
- See Norm’s comments
- Impact on multi-party Adhoc networks
- Legal Intercept
- Solved by deployment methodology not provisions in LinkSec

Requirements Details
- Multi-link model
- Consider all links as ephemeral
- Each node has N points of connection
- N = 1 is the degenerate case
- Consider all links as ephemeral
- “permanent links” are just long-lived ephemeral links
- Bi-directional nature of Authentication
- Both ends of a link authenticate the other even though one side starts the authentication
- Mutual Authentication is not always bi-directional

More Requirements Details
- Layer Signalling of LinkSec
- Support for Handoff between NAPs
- No direct support of Handoff mechanisms in LinkSec, i.e. Transparency
- Privacy of Data frames
- Integrity of Management frames