50th IETF BURP BOF, March 20, 2001
Applicability of a User Registration Protocol
Yoshihiro Ohba (Toshiba America Research, Inc.), Henry Haverinen (Nokia)


Access control issue (1): Managed access control
• L2 access control basically provides "all-or-nothing" access control
  • Simple and useful for some cases (DSL, Cable)
• Flexible access control would also be useful in certain cases (network access in public areas), e.g.,
  • Allow any user to access a web site within the edge subnet to get local area guide information
  • Deny unauthorized users access beyond the edge subnet

Access control issue (2): Multi-homing
• A host may associate with multiple Access Routers (ARs)
  • If all ARs belong to the same AAA domain, performing AAA per AR may not be a good idea
  • If each AR belongs to a different AAA domain, AAA per AR would be necessary
  • These ARs may speak IPv4 only, IPv6 only, or both
• A host may have multiple interfaces
  • If all interfaces belong to the same AAA domain, performing AAA per interface may not be a good idea
[Figure: hosts (H) and access routers (AR1, AR2)]

AAA application protocol issue
• AAA application protocols: MIP, SIP, ...
• Each protocol design started without AAA (base spec.)
• Later on, AAA interaction is considered
  • Fortunately, no modification is needed for the base spec. in terms of the last two 'A's (good for modularity)
  • Consideration is needed to deal with the first 'A'
    • How to establish an SA with an "out of the blue" client?
    • MIPv4 has an AAA extension to carry registration keys
• It would be very nice if a protocol could be "AAA-ready" without any modification to its base spec.
  • Coupling user registration with key distribution

BURP (Basic User Registration Protocol)
• Is a client-server type protocol that
  • Performs user registration to the visiting AAA domain
  • Works with Diameter/RADIUS, leveraging AAA infrastructure in the network based on the information gathered in the registration phase
• Is a light-weight, application layer protocol that is applicable
  • To various devices (e.g., PDA, cellular, laptop) without modifying kernel or device drivers
  • To flexible access control
  • To multi-homing environments
• Is also used for key distribution for AAA application protocols

Thank you!

Example of BURP applicability to SIP
Step 1: The user performs user registration by using BURP.
Step 2: If step 1 is successful, authorization information is pulled from the AAA infrastructure.
  • The information includes application-specific items such as a SIP registration key
  • Also, access control parameters will be set on access routers
Step 3: The user runs SIP.
  • Thanks to the previous steps, authentication for SIP registration can be done without contacting AAA.
(The example can be applied to other protocol "X" by replacing "SIP" with "X".)
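The three steps above as an added Python sketch; it is not from the presentation. The slides give no BURP message format, so the class names, the HMAC-SHA256 challenge proof, the key derivation labels and the sample user are all assumptions, chosen to show AAA being contacted once at registration and the SIP server then verifying locally.

```python
import hashlib
import hmac
import os

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

class AAA:
    """Stand-in for the Diameter/RADIUS infrastructure (assumed interface)."""
    def __init__(self, secrets):
        self.secrets, self.queries = secrets, 0
    def authorize(self, user, nonce, proof):
        self.queries += 1                      # one AAA round trip
        secret = self.secrets.get(user)
        if secret is None or not hmac.compare_digest(mac(secret, b"burp" + nonce), proof):
            return None
        # Step 2: authorization info carries an application-specific key.
        # Distinct labels ("burp" / "sip-reg") keep the proof and the key unrelated.
        return {"sip_registration_key": mac(secret, b"sip-reg" + nonce)}

class SIPServer:
    def __init__(self):
        self.keys = {}                         # user -> registration key
    def register(self, user, request, tag):
        key = self.keys.get(user)              # Step 3: local check, no AAA call
        return key is not None and hmac.compare_digest(mac(key, request), tag)

class BURPServer:
    def __init__(self, aaa, sip):
        self.aaa, self.sip = aaa, sip
    def register_user(self, user, nonce, proof):
        info = self.aaa.authorize(user, nonce, proof)   # Step 1
        if info is None:
            return False                       # no key is installed on failure
        self.sip.keys[user] = info["sip_registration_key"]
        return True

def run_scenario():
    secret = os.urandom(32)                    # constructed long-term credential
    aaa = AAA({"alice": secret})
    sip = SIPServer()
    burp = BURPServer(aaa, sip)
    nonce = os.urandom(16)                     # challenge issued by the BURP server
    ok = burp.register_user("alice", nonce, mac(secret, b"burp" + nonce))
    client_key = mac(secret, b"sip-reg" + nonce)   # client derives the same key
    req = b"REGISTER sip:alice@visited.example"    # constructed request
    good = sip.register("alice", req, mac(client_key, req))
    forged = sip.register("alice", req, mac(os.urandom(32), req))
    unknown = sip.register("mallory", req, mac(client_key, req))
    return ok, good, forged, unknown, aaa.queries
```

Deriving the key on both ends means it never travels to the terminal; the copy handed from AAA to the SIP server still needs a protected channel, which this sketch does not model.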

[Figure: User Terminal, BURP Server, SIP Server/Proxy, and AAA infrastructure in the core network]

Possible architecture
[Figure. Labels: User Terminal; Network; BURP Client; SIP Client; Mobile IP Mobile Node; ...; L2 Auth. Client; BURP Server (Registration Agent); SIP Server; Mobile IP Mobility Agent; AR/AP; AAA Protocol Entity (Diameter/RADIUS); BURP messages; AAA info. (incl. registration keys); Basic Part of Each Application Protocol (independent of AAA)]