Nov 10, 2003. EAP-based Mediating Network Discovery and Selection. Copyright © 2003, The Internet Society. Farid Adrangi, Intel Corporation

Presentation transcript:

EAP-based Mediating Network Discovery and Selection
Copyright © 2003, The Internet Society
Farid Adrangi, Intel Corporation
draft-adrangi-eap-network-discovery-and-selection-00.txt

Acknowledgements:
- Joe Salowey, Mark Grayson – Cisco
- Victor Lortz, Jose Puthenkulam – Intel Corporation
- Mark Watson – Nortel
- Pasi Eronen – Nokia
- Farooq Bari – AT&T Wireless
- Johanna Wild – Motorola
- Blair Bullock – iPass
- Adrian Buckley – RIM
- Jari Arkko – Ericsson
- Bernard Aboba – Microsoft

Scenarios for AAA Traffic
Assumption: the subscriber has already selected the AP.
[Diagram: an AT&T Subscriber; Public Wireless LAN (PWLAN) Access Networks (AN): Tmobile Hotspot, Sprint Hotspot; Mediating Networks (MN): iPass, GRIC; Home Service Networks (HSN): AT&T Wireless]
- Sprint has a direct roaming relationship with AT&T HSN
- Tmobile AN has an indirect roaming relationship with AT&T HSN via iPass or GRIC MNs
- AT&T Subscriber has a preferred MN

Problem Statement
- EAP-based clients need information on which home networks / Mediating Networks are affiliated with the Access Network
- EAP-based clients need the ability to influence the selection of the Mediating Network used for AAA
- The EAP-based client's "routing expression" needs to work with existing AAA routing paradigms

Solution Properties
- Complies with RFC 2284bis
- It may not require any changes to Access Points (AP) already deployed in Access Networks (AN)

Solution Concepts
- Uses the EAP-Identity Request to deliver Network Information
- Uses Decorated NAI in EAP-Identity Response to influence the selection of the Mediating Network

EAP-Identity Request
There are three possible options for delivering Network Information using an EAP-Identity Request:
- Use the initial EAP-Identity Request issued by the PWLAN AP
- Use the initial EAP-Identity Request issued by the PWLAN RADIUS proxy
- Use a subsequent EAP-Identity Request issued by the PWLAN RADIUS proxy

Initial EAP-Identity Request issued by the PWLAN AP
Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server
Messages, in order:
1. EAP-Identity Req (Network Info)
2. EAP-Identity Resp (Decorated NAI)
3. Access-Req (EAP-Identity Resp + Decorated NAI)
4. Access-Req (EAP-Identity Resp + Decorated NAI)
5. Access-Req (EAP-Identity Resp + Normal NAI)
6. More EAP over RADIUS exchanges
7. Access-Accept
8. EAP-Success

Subsequent EAP-Identity Request issued by the PWLAN RADIUS Proxy
Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server
Messages, in order:
1. EAP-Identity Req
2. EAP-Identity Resp (Normal NAI)
3. Access-Req (EAP-Identity Resp + Normal NAI)
4. Access-Challenge (EAP-Identity Req + Network Info)
5. EAP-Identity Req (Network Info)
6. EAP-Identity Resp (Decorated NAI)
7. Access-Req (EAP-Identity Resp + Decorated NAI)
8. Access-Req (EAP-Identity Resp + Decorated NAI)
9. Access-Req (EAP-Identity Resp + Normal NAI)
10. More EAP over RADIUS exchanges
11. Access-Accept
12. EAP-Success

Initial EAP-Identity Request issued by the PWLAN RADIUS Proxy
Participants: Subscriber, AP, PWLAN RADIUS Proxy, MN RADIUS Proxy, HSN RADIUS Server
Messages, in order:
1. Association
2. Access-Req (EAP-Start)
3. Access-Challenge (EAP-Identity Req + Network Info)
4. EAP-Identity Req (Network Info)
5. EAP-Identity Resp (Decorated NAI)
6. Access-Req (EAP-Identity Resp + Decorated NAI)
7. Access-Req (EAP-Identity Resp + Decorated NAI)
8. Access-Req (EAP-Identity Resp + Normal NAI)
9. More EAP over RADIUS exchanges
10. Access-Accept
11. EAP-Success

Data Model
- Structured as a set of comma-separated attribute names and values
- Attribute=value, …Attribute=value

“Realms” Attribute
The draft defines an attribute for specifying a list of realms corresponding to home or Mediating Networks that are recognized by the PWLAN AN.
Example: Realms=gric.com;mnc123.mcc334.3gppnetwork.org
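
An added example, not part of the slides or the draft: a client-side parser for the Network Information string described in the Data Model and “Realms” slides. Because the EAP-Identity Request arrives before any authentication has taken place, the sketch treats the advertised realm list as untrusted input and only ever selects a realm from the client's own preference list. The function names, the size limits, the DNS-style realm check and the "Other" attribute in the constructed sample are assumptions made for this example.

```python
import re

MAX_INFO_LEN = 1024  # assumption: size cap picked for this example
MAX_REALMS = 32      # assumption: bound on realms a client will consider
# Assumption: realms are DNS-style names (letters, digits, hyphens, dots).
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_REALM_RE = re.compile(rf"(?:{_LABEL}\.)+{_LABEL}")

# Example value from the "Realms" slide.
SLIDE_EXAMPLE = "Realms=gric.com;mnc123.mcc334.3gppnetwork.org"
# Constructed hostile input: bad realm syntax plus a duplicate attribute.
CONSTRUCTED_BAD = "Realms=GRIC.com;bad realm;;-x.example,Other=1,Realms=evil.example"


def parse_network_info(text):
    """Parse 'Attribute=value,...,Attribute=value' into a dict."""
    if len(text) > MAX_INFO_LEN:
        raise ValueError("network info too long")
    attrs = {}
    for item in text.split(","):
        name, sep, value = item.partition("=")
        name = name.strip()
        # Skip items without '=' or a name; the first occurrence of a name wins.
        if sep and name and name not in attrs:
            attrs[name] = value.strip()
    return attrs


def advertised_realms(attrs):
    """Return the syntactically valid, de-duplicated realms from 'Realms'."""
    realms = []
    for raw in attrs.get("Realms", "").split(";"):
        realm = raw.strip().lower()
        if len(realm) <= 253 and _REALM_RE.fullmatch(realm) and realm not in realms:
            realms.append(realm)
        if len(realms) == MAX_REALMS:
            break
    return realms


def select_mediating_network(network_info, preferred):
    """Pick the first realm from the client's own preference list that the
    access network advertises; never pick a realm the client does not know."""
    try:
        offered = set(advertised_realms(parse_network_info(network_info)))
    except ValueError:
        return None
    return next((p.lower() for p in preferred if p.lower() in offered), None)


if __name__ == "__main__":
    print(select_mediating_network(SLIDE_EXAMPLE, ["ipass.example", "gric.com"]))
```

The selected realm is what the client would then encode in the Decorated NAI of its EAP-Identity Response; the decoration syntax itself is left out here because the slides leave it open.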

NAI Decoration Format/Syntax
Selection Criteria
- MUST be compliant with RFC 2486 & RFC 2706
- SHOULD be compliant with the majority of the current RADIUS proxies deployed in networks today
Alternatives
- Prefix-based Syntax; Example:
- Suffix-based Syntax; Example:

Next Steps
- How should we proceed with this draft?
  – Which WG does this belong to?
  – Should this be submitted as an individual RFC?
- Which NAI format and syntax should be used?
- Resolve upcoming issues