
Jan 2008 Richard Paine, Boeing Slide 1 doc.: IEEE 802.11-08/0120r1 Submission Next Generation Security for 802.11 What is 21st Century Security? 802.11.


Slide 1: Next Generation Security for 802.11
– What is 21st Century Security?
– 802.11 Responsibilities
– VOIP/VoWLAN Reality
– Identity Solutions
– 802.11 Architecture

Slide 2: What is Security?
– Security comes from certainty about "Who, What, Where, When, How and Why".
– Whatever adds to that certainty increases security, and whatever obscures that certainty decreases security.
– Certainty is about knowing the neighborhood, including identity, the regulatory domains, location, and surrounding equipment.

Slide 3: [Figure: three panels titled "Today's 802.11 Wireless Security", "Near Future 802.11 Wireless Security (w 11k, 11n, 11r, 11s, 11u, 11w, 11y, 11z)" and "Tomorrow's Security (for P2P VOIP)". Labels: Fear, Knowledge; Low Quality, High Quality; Insecure on WLAN, Secure on WLAN; Insecure on non-802.11, Secure on non-802.11.]

Slide 4: 21st Century Security
– Shared medium (all wireless in regulatory domains)
– Identity Assurance
– Location Privacy
– Transition from Fear to Safety Assurance
– From Spoofing to Identity Protection
– Uncertainty Protection and Minor Risk Acceptance
– Weapons of Internet Offense and Defense
– Reliability Assurance (protection from DOS attacks)

Slide 5: How 802.11 Fits in 21st Century Security
– Leading network standard (11ma, 11k, 11n, 11r, 11s, 11T, 11u, 11v, 11w, 11y, and 11z)
– Should be primary to deliver mobility/identity/location privacy/identity protection/uncertainty protection/independent from 802.3 and the Internet
– Reliability assurance during handoffs (11k and 11r)

Slide 6: 802.11 Responsibilities
– 802.11 leadership in an unwired world
– Independence from previous wired thought
– VoWLAN – 802.11 issues (QoS, DOS, etc)
– Transition from ESS to P2P
– Enabling seamless secure wireless to wired (P2P as in VoWLAN)
– Enabling identity-based security wireless to wired (P2P as in VoWLAN)

Slide 7: 802.11 Leadership
– 802.11 secure wireless (WPA and RSN)
– Transition to the wired network insecure
– AP is the source of the transition to the wired

Slide 8: Previous Thought
– Security for wireless enough
– Applications must handle their own security
– Not the responsibility of the wireless realm
– 802.11 in prime position to solve the problem

Slide 9: Future Thinking
– Security end-to-end will require IEEE 802.11 protocols (mobility and identity)
– VoWLAN will change the world
– IETF security not enough (HIP part of SMA)
– Transition to new thinking about Internet security (P2P)
– 802.11 should step up to new thinking

Slide 10: VoWLAN - 802.11 Issues
– 11u VoWLAN projects
  – ENUM
  – ECRIT
– 11e/WMM discrepancies
  – Not adequate for widespread VoWLAN
  – Failure of the QSE proposed 802.11 work
– 802.11 security only addresses ESS
– Must address wireless to wired security

Slide 11: VOIP Reality
– VOIP will operate over both wired and wireless
– SIP reality is over both wired and wireless
– Secure communications is BSS/ESS and VPN (not secure past the VPN server)
– VOIP to demand secure voice comm
– IETF working on securing P2P (P2PSIP)

Slide 12: VoWLAN Reality
– VoWLAN entering the BSS and ESS via wire
– VOIP requiring peer-to-peer or end-to-end secure voice communications
– 802.11 must have an end-to-end and peer-to-peer transition and handoff solution

Slide 13: End-to-End/Peer-to-Peer Tunnels SSL SIP/HIP (Host Identity Protocol)

Slide 14: Transition from ESS to P2P
– Naming and Addressing
  – IP Addresses vulnerable
  – MAC addresses vulnerable
  – PKI Identity-based security associations OK
– IETF Middlebox Capabilities
– Potential Solution: AP must have middlebox features
  – HIP Middlebox possibilities or SSL Tunnel Handoffs

Slide 15: Enabling Secure P2P – Wired and Wireless
– Possible Solutions
  – HIP
  – Secure Tunnels
– Security Solutions
  – IPv6/MIPv6
  – Identity Based HIP 802.1x

Slide 16: Identity-Based P2P
– HIP
  – Cryptographic Names/Identifiers
  – Security Associations
  – HIP-enabled communications
– Parity
  – Need ongoing parity
  – Overlap in BSS
  – Changing keys by symbol

Slide 17: SMA Big Picture
[Figure: network diagram. Labels include Intranet Plane, SCADAnet Plane, Internet Plane, Overlay Network, Cell Subnet, WiMAX Subnet, Subnet A, Subnet B, VPN, WiMAX, Cellular, HTTP PROXY, HIP MB and AP Middlebox.]

Slide 18: Boeing 2007 SMA/HIP Implementation
[Figure: deployment diagram. Labels include smamobiles, Boeing Intranet, AAA Server, DNS Namespace: mobile.tl.boeing.com, Router, AP, Msg Brkr, Directory, DNS, WiFi Switch, TempCert RA, Location Server, LPDD, VOIP, HIP SA, Boeing PKI, Cellular, Internet, Robot Controller and Robots.]

Slide 19: AP Middlebox
– HIP
  – Names/Identifiers
  – Security Associations
  – HIP-enabled communications
  – Rendezvous Server
– Tunnels

Slide 20: 802.11 Possibilities
– Do Nothing
– Concede an 802.1 P2P enhancement
– 802.11 SG on P2P 802.11 enhancements
– 802.11 SG on NG security
– 11u address P2P in amendment
– 11u address VoWLAN in E911
– Combination of 802.1 and 802.11

Slide 21: Q&A
(Footer on this slide: Nov 2007 Richard Paine, Boeing, doc.: IEEE 802.11-07/2787r1 Submission)

