Media-Independent Pre-authentication (MPA) Framework


1 Media-Independent Pre-authentication (MPA) Framework
draft-ohba-mobopts-mpa-framework-04.txt
Ashutosh Dutta, Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi, Henning Schulzrinne
(See also draft-ohba-mobopts-mpa-implementation-03.txt for performance results)

2 Media-independent Pre-Authentication (MPA)
- MPA is a mobile-assisted higher-layer authentication, authorization and handover scheme that is performed before establishing L2 connectivity to a network where the mobile may move in the near future
- MPA provides a secure and seamless mobility optimization that works for inter-subnet handoff, inter-domain handoff and inter-technology handoff
- MPA works with any mobility management protocol
[Figure: timelines comparing the conventional method and MPA. Labels: AP Discovery, AP Switching, Client Authentication, IP address configuration & IP handover, Pre-authentication, Packet Loss Period. Axis: Time]

3 MPA Phases
- Pre-authentication: EAP pre-authentication to CTN (Candidate Target Network)
- Pre-configuration: Proactive IP address acquisition from CTN
- Pre-switching: L3 HO execution over MN-nAR tunnel
- Switching: L2 handover
- Post-switching: Tunnel deletion
Not all MPA phases have to be executed and can be replaced with other mechanisms
MPA Operation can stop at phase 1 (pre-auth only) or at phase 2 (pre-auth + pre-authorization),

4 Proactive Handover Tunnel in pre-switching phase
[Figure: proactive handover tunnel. Labels: Home Network, HA, CN, BU, Tunneled Data, AR, Serving Network, Target Network, MN]

5 Investigated Issues
Operational Issues:
- Pre-authentication to multiple Candidate Target Networks
- Tunnel management
- Ping-pong considerations
- Authentication state management
- Packet loss prevention techniques: Buffering, reachability test
- Authentication in initial network attachment
- Link-layer security and mobility (see mpa-implementation draft for results)
Pre-Authorization techniques:
- Proactive IP address acquisition (IKEv2, DHCP, stateless autoconf, etc.)
- Proactive DAD / Address resolution issues
- Pre-allocation of QoS resources (for both end-to-end and edge network)
Co-existence with other mobility management protocols
- MIPv4 FA-CoA, ProxyMIPv6, FMIPv6
- In some cases, proactive handover tunnel is terminated at serving AR instead of MN
- For ProxyMIPv6 + MPA, see draft-taniuchi-netlmm-mpa-proxymipv6-00.txt
Multicast mobility

6 Applicability Statement Added
- MPA is categorized as a proactive handover optimization mechanism. In other words, MPA is more applicable where an accurate prediction of movement can be easily made
- Even if accurate prediction of movement is easily made, effectiveness of MPA may be relatively reduced if the network employs network-controlled localized mobility management in which the MN does not need to change its IP address while moving within the network
- Effectiveness of MPA may also be relatively reduced if signaling for network access authentication is already optimized for movements within the network, e.g., when simultaneous use of multiple interfaces during handover is allowed
- In other words, MPA is the most viable solution for inter-administrative domain predictive handover without simultaneous use of multiple interfaces
- An administrative domain (or a domain hereafter) is a logical network that is administered by a single authority using its own authentication and authorization mechanisms

7 Focus on inter-domain handover optimization
- Problem Statement: Inter-domain handover optimization cannot be solved solely by existing mobility management protocols
- Requires SA between mobility agents across domains
- Different domains may use different M-M protocols (e.g., CMIP-PMIP handover optimization)
- MPA’s ability to work across multiple domains can enhance performance of inter-domain handover
- MPA as a helper for existing M-M protocols for inter-domain handover
- More focus on pre-authorization and proactive handover tunneling part of MPA for inter-domain handover optimization
- Pre-authentication signaling is being discussed in IETF / IEEE
- Possible Research topics: Co-existence with FMIPv6, PMIP and for inter-domain handover optimization

8 Summary
- The draft has been presented 4 times since IETF62
- Feedback from the members has been reflected
- Experimental results have been shown in the past (MPA with MIPv6, MPA with bootstrapping L2sec, etc.)
- Possible direction: focus on pre-authorization and proactive handover tunneling part of MPA for inter-domain handover
- Possible Research topics: Co-existence with FMIPv6, PMIP and for inter-domain handover optimization
- We are willing to commit to work on this topic and provide more experimental results

9 Thank You!

