1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of.

Slides:

Advertisements

Similar presentations

Inter WISP WLAN roaming

Advertisements

Authentication.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

The Challenges of CORBA Security It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security.

Omniran GPP Trusted WLAN Access to EPC Use Case Analysis Date: Authors: NameAffiliationPhone Max RiegelNSN

Network Access and 802.1X Klaas Wierenga SURFnet

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 Dagstuhl DTN Workshop 2005 Delay Tolerant Networks - Some Thoughts about Security Hannes Tschofenig This presentation has been produced in the context.

1 Arkko et al, DIMACS Workshop Nov ‘04 Secure and Efficient Network Access DIMACS Workshop, November 3 rd, 2004, Piscataway, NJ, USA Jari Arkko Ericsson.

An Architectural Framework for Providing WLAN Roaming D.Vassis G.Kormentzas Dept. of Information and Communication Systems Engineering University of the.

Ubiquitous Access Control Workshop 1 7/17/06 Access Control and Authentication for Converged Networks Z. Judy Fu John Strassner Motorola Labs {judy.fu,

Using Digital Credentials On The World-Wide Web M. Winslett.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

D1 - 29/06/2015 The present document contains information that remains the property of France Telecom. The recipient’s acceptance of this document implies.

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

1 CHEETAH software OCS/AAA module Routing decision module Signaling module VLSR module Include TL1 proxy for Cisco MSPP Router disconnect module.

RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.

Omniran IEEE 802 Scope of OmniRAN Date: Authors: NameAffiliationPhone Max RiegelNSN

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,

OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012.

Network Security1 – Chapter 5 (B) – Using IEEE 802.1x Purpose: (a) port authentication (b) access control An IEEE standard

Remedies Use of encrypted tunneling protocols (e.g. IPSec, Secure Shell) for secure data transmission over an insecure networktunneling protocolsIPSecSecure.

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

Interworking Architecture Between 3GPP and WLAN Systems 張憲忠, 何建民, 黃瑞銘, 紀嘉雄, 李有傑.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

70-411: Administering Windows Server 2012

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

Doc.: IEEE /751r0 Submission July 2004 Max Riegel, SiemensSlide 1 Selling network access Views from a business perspective Max Riegel Siemens.

INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.

SAML CCOW Work Item HL7 Working Group Meeting San Antonio - January 2008 Presented by: David Staggs, JD CISSP VHA Office of Information Standards.

1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.

2003/12/291 Security Aspects of 3G-WLAN Interworking 組別： 2 組員：陳俊文 , 李奇勇 , 黃弘光 , 林柏均

KAIS T Wireless Network Security and Interworking Minho Shin, et al. Proceedings of the IEEE, Vol. 94, No. 2, Feb Hyeongseop Shim NS Lab, Div. of.

EAP Key Framework Draft-ietf-eap-keying-01.txt IETF 58 Minneapolis, MN Bernard Aboba Microsoft.

Network access security methods Unit objective Explain the methods of ensuring network access security Explain methods of user authentication.

July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...

All Rights Reserved © Alcatel-Lucent 2006, ##### NZNOG 2007 Control Planes and RADIUS Bitses Alastair Johnson Senior IP Technologist, Alcatel-Lucent

Secure Active Network Prototypes Sandra Murphy TIS Labs at Network Associates March 16,1999.

SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.

EAP Authentication for SIP & HTTP V. Torvinen (Ericsson), J. Arkko (Ericsson), A. Niemi (Nokia),

Carrying Location Objects in RADIUS Hannes Tschofenig, Farid Adrangi, Avi Lior, Mark Jones.

EAP Extensions for EAP Early Authentication Protocol (EEP) Hao Wang, Yang Shi, Tina Tsou.

EAP-based Mediating Network Selection Copyright © 2003, The Internet Society Farid Adrangi Intel Corporation ( ) ACKNOWLEDGEMENTS:

Lecture 24 Wireless Network Security

EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.

ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.

1 HRPD Roamer Authentication Zhibi Wang, Sarvar Patel, Simon Mizikovsky, Nancy Lee.

© ITT Educational Services, Inc. All rights reserved. IS3230 Access Security Unit 7 Authentication Methods and Requirements.

Omniran IEEE 802 Scope of OmniRAN Date: Authors: NameAffiliationPhone Max RiegelNSN

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

Wireless security Wi–Fi (802.11) Security

Connect. Communicate. Collaborate Deploying Authorization Mechanisms for Federated Services in the eduroam architecture (DAMe)* Antonio F. Gómez-Skarmeta.

Doc.: IEEE /0027r0 Submission January 2006 Slide 1 WiNOT Consortium: Proposal for online enrollment cluster Notice: This document has been prepared.

Doc.: IEEE /0310r0 Submission Sept 2007 Srinivas Sreemanthula Slide 1 IEEE MEDIA INDEPENDENT HANDOVER DCN: MIH-Security-Options.ppt.

1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.

Doc.: IEEE /0371r0 Submission May 2005 S. McCann & E. Hepworth, Siemens Roke ManorSlide 1 IEEE 802 Architecture Issues Notice: This document has.

IETF #65 Network Discovery and Selection Problem draft-ietf-eap-netsel-problem-04 Farooq Bari Jouni Korhonen.

Presentation at ISMS WG Meeting1 ISMS – March 2005 IETF David T. Perkins.

Omniran CF00 1 Key Concepts of Authentication and Trust Establishment Date: Authors: NameAffiliationPhone Max RiegelNokia Networks+49.

EAP over HRPD Comments Qualcomm, Inc. Vidya Narayanan, Dondeti, Lakshminath, Jun Wang, Pete Barany Notice: QUALCOMM Incorporated grants a free, irrevocable.

Minneapolis, March 2005 IETF 62 nd – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena Demaria.

Extended QoS Authorization for the QoS NSLP Hannes Tschofenig, Joachim Kross.

Omniran IEEE 802 Scope of OmniRAN Date: Authors: NameAffiliationPhone Max RiegelNSN

Port Based Network Access Control

Katrin Hoeper Channel Bindings Katrin Hoeper

Security of a Local Area Network

Secure Authentication System for Public WLAN Roaming

IEEE 802 Scope of OmniRAN Abstract

Presentation transcript:

1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of the Ambient Networks project. The Ambient Networks project is part of the European Community's Sixth Framework Program for research and is as such funded by the European Commission. All information in this document is provided “as is” and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. For the avoidance of all doubts, the European Commission has no liability in respect of this document, which is merely representing the authors‘ view.

2 Background Main focus areas of wireless network security: Authentication & key exchange Per-packet encryption & integrity protection Assumptions Authorization “happens” at some point Policy lookup based on authenticated identity Not entirely accurate picture… This is work in progress Issues that should be taken into account in the future, not finished solutions

3 Business aspects Enforcing policies about money is somewhat different from policies about authenticated identities “Anyone who pays is allowed” “A, B, and C are allowed” In traditional “subscription” model with off-line accounting these are quite close But not in, e.g., credit card payment Or pre-paid with on-line “reservations” Much more than “authentication problem” New meanings for messages RADIUS Access-Accept = “Yes, give access” (intra-operator) “I agree to pay the costs for this user’s session” (inter-operator) Authentication After authentication, AP does not necessarily know any long-term identifier for the user

4 Multiple players Not just “the network” Multiple entities/players involved in authorization WLAN access point Access network/WISP AAA + maybe other entities Roaming broker/mediating network AAA Home network/ISP AAA + maybe other entities Enterprise buying the service for its employees

5 Protocol boundaries Multi-party system specified as several two-party protocols Often developed separately Difficult to get the boundaries right And difficult to change them when requirements change Current list i 802.1X-REV EAP framework EAP methods RADIUS base (RFC2865) RADIUS EAP support (RFC3579) RADIUS EAP key transport (RFC2548) E.g., authentication of access point (or access network) identifier to client in the system including the protocols listed above We don’t even have a good name for this system…!

6 Lots of protocols, but… System with N participants has potentially possible interactions Do we have communication channels for all those? Client – AP: , 11i, 1X Client – Home AAA: EAP framework + methods AP – AAA proxies – Home AAA: RADIUS ( ) N2N2

7 Missing protocol! Missing: communication channel between client and AAA infrastructure (other than home AAA)! Current experience suggests this is needed for information about the access network (not just single AP) Roaming relationships Services provided Handoff Current approaches Modify non-integrity-protected fields in EAP messages Proprietary EAP method run between client/access network before the “real” authentication “Browser hijack”

8 Problems with current approaches Not secure Who is the “authority” for the information? Usually not the access point… Very limited amount of information can be transferred “Browser hijack” breaks other network uses than browsing EAP-based methods work only in the beginning Proprietary solutions not widely adopted Performance (potentially)

9 Authorization aspects in handoffs Scope Is the new AP covered by the home network’s “promise to pay”? Does the new AP accept this promise? Currently scope not communicated explicitly But including the policy in Access-Accept means only some policies can be expressed What kind of policies are really needed? Are APs the right place to evaluate this policy anyway? Does the AP have the information needed to evaluate it?

10 Authorization and handoffs Context transfer between old and new AP is not enough Session termination initiated by the network Upstream AAA proxy needs to be notified “Chasing the fly around the room”  use handoffs to escape disconnect messages draft-liu-aaa-diameter-session-mobility-00 (expired) Can e.g. price be different in new AP?

11 What can be learned? This is not (just) a “key management problem” And handoffs are not (just) a “context transfer problem” Design is often incremental Dial-up PPP with PAP/CHAP RADIUS between NAS and AAA server Inter-domain RADIUS Per-packet encryption/integrity protection EAP for user authentication WLAN as “wired Ethernet replacement” Mutual authentication in EAP Public WLAN networks Network discovery/selection Three-party authentication in EAP? “WLAN as 4G”??

12 What can be learned? Business aspects Avoid hardcoding business models and policies into protocols Cannot be avoided totally, though Network-initiated messages in current AAA Difficult to route Problems with handoffs Credit card payment and i Reuse of existing user databases and credentials One thing EAP got right? Rise of the “mediating network”

13 What can be learned? Protocols Reusing existing components is sound engineering practice But so is throwing away components that don’t fit Be explicit about what is meant and expected of others E.g., NAS/AP does not tell what attributes it wants from the AAA server Get modular boundaries right Separating “security protocol” and protocol for “doing the real work” not always a good idea Create a protocol for doing the work securely instead Cf “network attachment” and 11i/1X “secure network attachment” … Not always clear what the “real work” is? IKEv1 was designed for “key management” “Real work” turned out to be VPN access

14 Multi-party systems New uses may require new parties in the system Do not design individual components in a vacuum Acknowledge that system has multiple parties, not just 2 Make them “first class citizens”: explicitly identify them Provide proper communication channels E.g., “go to this URL to do something about your authorization” instead of “browser hijack” Prior, during, and after network attachment Network discovery/selection information Notifications during network access Prepare for extensibility But in a way that fits to the overall architecture

15 Conclusions We don’t know how to do multi-party systems well And no silver bullets in this presentation either Challenges Incremental change Re-use of existing components vs. designing new ones Unexpected uses Component vs. system focus “Business security” vs. “information security” focus?