Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mar 22, 2010IETF NEA Meeting1 NEA Working Group (oauth is in Redondo!) IETF 77 Mar 22, 2010 Co-chairs:

Published byPeter Mathews Modified over 8 years ago

Similar presentations

Presentation on theme: "Mar 22, 2010IETF NEA Meeting1 NEA Working Group (oauth is in Redondo!) IETF 77 Mar 22, 2010 Co-chairs:"— Presentation transcript:

1 Mar 22, 2010IETF NEA Meeting1 NEA Working Group (oauth is in Redondo!) IETF 77 Mar 22, 2010 nea[-request@ietf.org http://tools.ietf.org/wg/nea Co-chairs: Steve Hanna shanna@juniper.netshanna@juniper.net Susan Thomsonsethomso@cisco.comsethomso@cisco.com

2 Mar 22, 2010IETF NEA Meeting2 Agenda Review 1300 Administrivia Jabber & Minute scribes Agenda bashing 1305 WG Status 1310 Summary of NEA WG virtual interim meeting 1315 Review PT submissions http://www.ietf.org/id/draft-sangster-nea-pt-tls-00.txt http://www.ietf.org/id/draft-hanna-nea-pt-eap-00.txt http://www.ietf.org/id/draft-cam-winget-eap-nea-tlv-00.txt http://www.ietf.org/id/draft-cam-winget-eap-tlv-00.txt 1330 Discuss MITM attack and counter-measure 1350 Discuss how proposals meet PT requirements 1400 Discuss impact on existing supplicants for EAP-based PT 1405 Discuss feedback from ADs re EAP process 1425 Discuss PT proposals 1440 Consensus Check 1450 Discuss Next Steps 1500 Adjourn

3 Mar 22, 2010IETF NEA Meeting3 WG Status Published as RFC: –PA-TNC: RFC 5792 (Mar 2010) –PB-TNC: RFC 5793 (Mar 2010) Individual PT proposals submitted (Jan 4) Virtual interim NEA WG meeting held (Jan 28)

4 Mar 22, 2010IETF NEA Meeting4 Summary of Interim NEA WG Meeting

5 Mar 22, 2010IETF NEA Meeting5 Agenda Reviewed PT submissions: TLS –http://www.ietf.org/id/draft-sangster-nea-pt-tls-00.txthttp://www.ietf.org/id/draft-sangster-nea-pt-tls-00.txt Reviewed PT submissions: EAP –http://www.ietf.org/id/draft-hanna-nea-pt-eap-00.txthttp://www.ietf.org/id/draft-hanna-nea-pt-eap-00.txt –http://www.ietf.org/id/draft-cam-winget-eap-nea-tlv-00.txthttp://www.ietf.org/id/draft-cam-winget-eap-nea-tlv-00.txt – http://www.ietf.org/id/draft-cam-winget-eap-tlv-00.txt http://www.ietf.org/id/draft-cam-winget-eap-tlv-00.txt Consensus check on adopting proposals as -00 WG drafts Discussed Next Steps

6 Mar 22, 2010IETF NEA Meeting6 Consensus Check Questions Do you support work on TLS-based PT? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result: Yes Do you support adoption of PT-TLS as a -00 WG draft? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result: No consensus

7 Mar 22, 2010IETF NEA Meeting7 Consensus Check Questions Do you support work on EAP-based PT? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result: Yes What should we adopt as EAP-based PT? –EAP-TNC –NEA TLV –Other -> Meeting Result: No consensus

8 Mar 22, 2010IETF NEA Meeting8 Main Issues PT-TLS –Client authentication framework PT-EAP –Trust model, threat and counter-measure NEA-TLV –Disagreement on whether NEA-TLV meets NEA requirements General EAP –Disagreement on dependency on EMU WG

9 Mar 22, 2010IETF NEA Meeting9 Action Items Describe MITM attack and the D-H PN countermeasure. Discuss how proposals meet PT requirements Determine impact on existing supplicants Consult with AD on process for standardizing EAP- based PT.

10 PT-TLS Overview March 22, 201010NEA-WG @ IETF 77

11 March 22, 2010NEA-WG @ IETF 7711 What is PT-TLS? L3 PT Proposal from TCG –Identical to TCG protocol IF-T Binding to TLS NEA Exchange Over TLS –Carried As Application Data –No Change to TLS Meets All Applicable PT Requirements

12 March 22, 2010NEA-WG @ IETF 7712 Use Cases for PT-TLS NEA Assessment on Non-802.1X Network –Legacy Network –Remote Access Large Amount of Data in NEA Assessment –For example, Installed Packages –Unsuitable for EAP Transport Posture Re-assessment or Monitoring After 802.1X Assessment Application Server Needs to Perform NEA Assessment

13 March 22, 2010NEA-WG @ IETF 7713 Three Phases of PT-TLS 1.TLS Handshake –Unmodified 2.Pre-Negotiation –Version Negotiation –Optional Extensible Client Authentication 3.Data Transport –NEA Assessments

14 March 22, 2010NEA-WG @ IETF 7714 PT-TLS Sequence Diagram PT-TLS Initiator PT-TLS Responder TLS Handshake Version Request Version Response Optional Client Authentication PB-TNC Exchange … TLS Closure Alerts

15 March 22, 2010NEA-WG @ IETF 7715 PT-TLS Message Format 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Reserved | Message Type Vendor ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message Identifier | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Message Value (e.g. PB-TNC Batch)... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

16 March 22, 2010NEA-WG @ IETF 7716 PT-EAP Overview

17 March 22, 2010NEA-WG @ IETF 7717 What is PT-EAP? L2 PT Proposal from TCG –Identical to TCG protocol EAP-TNC (aka IF-T Protocol Bindings for Tunneled EAP Methods) NEA Exchange Over EAP Tunnel Methods –Supports PEAP, EAP-TTLS, and EAP-FAST –No Change to the EAP Tunnel Methods Meets All PT Requirements

18 March 22, 2010NEA-WG @ IETF 7718 Use Cases for PT-EAP NEA Assessment on 802.1X Network –Consider posture in network access decision –Isolate vulnerable endpoints during remediation –Block or quarantine infected endpoints NEA Assessment during IKEv2 Handshake –Assess posture before granting network access –Isolate vulnerable endpoints during remediation –Block or quarantine infected endpoints

19 March 22, 2010NEA-WG @ IETF 7719 PT-EAP Operation Runs as an inner EAP method –Can be chained with other EAP methods for user or endpoint authentication –Supports key derivation, allowing inner method to be cryptographically tied to tunnel –Supports fragmentation and reassembly, when needed Due to EAP limitations… –Only one packet in flight (half duplex) –Large data transfer not recommended

20 March 22, 2010NEA-WG @ IETF 7720 Three Phases of PT-EAP 1.Optional Diffie-Hellman Pre-Negotiation –Establishes initial key 2.PB-TNC Exchange –NEA Assessments –Hashed into eventual key 3.Optional Key Derivation and Export

21 March 22, 2010NEA-WG @ IETF 7721 PT-EAP Sequence Diagram EAP Peer EAP Authenticator EAP Tunnel Setup Optional D-H Pre-Negotiation PB-TNC Exchange Optional Key Derivation and Export

22 March 22, 2010NEA-WG @ IETF 7722 PT-EAP Message Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Code | Identifier | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Flags | Ver | Data Length * | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data Length * | Data... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * Only when using fragmentation

23 March 22, 2010NEA-WG @ IETF 7723 Pros of PT-EAP EAP method –Works with any EAP Tunnel Method Optional key derivation and export –Allows protection against Asokan attack Equivalent to TCG’s EAP-TNC –Open standard with many implementations –Years of experience and security reviews No external dependencies –Easy to move to Proposed Standard Scalable –Supports PB-TNC messages up to 2^32 – 1 bytes via fragmentation

24 March 22, 2010NEA WG24 EAP-NEA-TLV Nancy Cam-Wingetncamwing@cisco.comncamwing@cisco.com Hao Zhouhzhou@cisco.comhzhou@cisco.com

25 March 22, 2010NEA WG25 EAP TLV Overview

26 Proposal Facilitate the use of an EAP Tunnel Based Method to carry PB-TNC messages EAP Tunnel Based Method provides: –Server authentication MUST be enforced –Mutual authentication SHOULD occur between NEA Client and NEA Server –Protected tunnel to transport PB-TNC messages March 22, 2010NEA WG26

27 March 22, 2010NEA WG27 What is EAP TLV? General container format to facilitate transport of any data (like channel and crypto binding) inside an EAP Tunnel Based Method, for NEA it can also transport PB-TNC messages NEA Use cases: 802.1X or IKEv2 –(NEA) posture assessment in network access decision –Remediation thru isolation of vulnerable endpoints –Quarantine or block infected endpoints

28 EAP NEA TLV Encapsulation 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- |M|R| TLV Type | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | | | PB-TNC Header | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | PB-PA Message.... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

29 EAP Tunnel w/ EAP TLV Protocol Layers Protected Tunnel PB-TNC EAP-TLV Encapsulation (TLVs) Cleartext Headers Tunnel establishment (e.g. TLS) Tunnel Based EAP method EAP Carrier Protocol (EAPOL, RADIUS, Diameter, etc.) Lower to Upper layers →

30 EAP + NEA Potential Sequencing AS Peer EAP ID Request EAP ID Response EAP Method Tunnel Establishment EAP-Tunnel Method Start EAP-NEA-TLV ( PB-TNC Header (PB-TNC Message (PA-TNC Message…..) )

31 March 22, 2010NEA WG31 Features of EAP NEA TLV EAP NEA TLV: – simple construct used inside EAP tunnel – flexible and extensible construction to transport NEA messages – if keying material is needed, can use RFC 5705 Relies on EAP Tunneled Method to: –Provide mutual authentication either during tunnel establishment or through an inner EAP (authentication) method (or both) –Addresses MITM considerations through crypto binding –Provide confidentiality and integrity thru the protected tunnel –Provide fragmentation and reassembly, detect duplicates, and reorder EAP features: –Half Duplex (only one packet at a time) –Simple congestion control (thru half duplex property) –Works in both 802.1X and IKEv2

32 March 22, 2010NEA-WG @ IETF 7732 Asokan Attack on NEA: Explanation and Countermeasure

33 Basic Asokan Attack March 22, 2010NEA-WG @ IETF 7733

34 Crypto Binding Countermeasure March 22, 2010NEA-WG @ IETF 7734

35 Asokan Attack on NEA March 22, 2010NEA-WG @ IETF 7735

36 Crypto Binding Countermeasure March 22, 2010NEA-WG @ IETF 7736

37 Crypto Bindings Required RFC 5209 C-3NEA protocols including security capabilities MUST be capable of protecting against active and passive attacks by intermediaries and endpoints including prevention from replay based attacks. draft-ietf-emu-eaptunnel-req-05.txt The tunnel method MUST provide a mechanism to bind the tunnel protocol and the inner EAP method. This property is referred to as cryptographic binding. Such bindings are an important tool for mitigating the tunnel MitM attacks on tunnel methods [TUNNEL-MITM]. Cryptographic bindings enable the complete prevention of tunnel MitM attacks without the need of additional security policies as long as the inner method derives keys and is not vulnerable to attacks outside a protected tunnel [KHLC07]. Even though weak or non-key deriving inner methods may be permitted, and thus security policies preventing tunnel MitM attacks are still necessary, the tunnel method MUST provide cryptographic bindings, because only this allows migrating to more secure, policy-independent implementations. March 22, 2010NEA-WG @ IETF 7737

38 Crypto Bindings Provided by D-H PN NEA Client and Server Run D-H Exchange –Both Sides Derive D-H Shared Secret (DHS) –Create Two Hashes from DHS: UV-1 = HASH(“1” | C-Nonce | S-Nonce | DHS) UV-2 = HASH(“2” | C-Nonce | S-Nonce | DHS) UV-1 Used in TPM Exchange Both Sides Compute Running Hash –UV-2 = HASH(UV-2 | HASH(PB Message)) Export UV-2 from PT-EAP Method –Tunnel Method Mixes UV-2 Into CTK and Confirms Mutual Knowledge of CTK March 22, 2010NEA-WG @ IETF 7738

39 Protocol Requirements 8.3.1 NEA Requirements on MITM : “For example, the requirement for PT to be capable of supporting mutual authentication prior to any endpoint assessment message dialogs prevents the attacker from inserting themselves as an active participant (proxy) within the communications without detection (assuming attacker lacks credentials convincing either party it is legitimate). …. The PT requirement for confidentiality protected (encrypted) communications linked to the above authentication prevents a passive MITM from eavesdropping by observing the message dialog and keeping a record of the conformant posture values for future use. “ Requirement suggests appropriate crypto binding between the tunnel establishment and the authentication exchange Requirement suggests protected tunnel is sufficient to address MITM March 22, 201039NEA WG

40 What are the PT security requirements? Inconsistent security threat models: –PT-TLS abides by 8.3.1 NEA security considerations while PT-EAP presents proposal for addressing MITM Generating keying material with unauthenticated Diffie-Hellman does not necessarily address MITM If keying material is needed, other methods exist, e.g. RFC 5705 March 22, 2010NEA WG40

41 March 22, 2010NEA-WG @ IETF 7741 Discussion

42 March 22, 2010NEA-WG @ IETF 7742 How Protocols Meet NEA Requirements

43 NEA Protocol Requirements C-1 NEA protocols MUST support multiple round trips between the NEA Client and NEA Server in a single assessment. C-2 NEA protocols SHOULD provide a way for both the NEA Client and the NEA Server to initiate a posture assessment or reassessment as needed. C-3 NEA protocols including security capabilities MUST be capable of protecting against active and passive attacks by intermediaries and endpoints including prevention from replay based attacks. C-4 The PA and PB protocols MUST be capable of operating over any PT protocol C-5 The selection process for NEA protocols MUST evaluate and prefer the reuse of existing open standards that meet the requirements before defining new ones. The goal of NEA is not to create additional alternative protocols where acceptable solutions already exist. C-6 NEA protocols MUST be highly scalable; the protocols MUST support many Posture Collectors on a large number of NEA Clients to be assessed by numerous Posture Validators residing on multiple NEA Servers. C-7 The protocols MUST support efficient transport of a large number of attribute messages between the NEA Client and the NEA Server. C-8 NEA protocols MUST operate efficiently over low bandwidth or high latency links. C-9 For any strings intended for display to a user, the protocols MUST support adapting these strings to the user's language preferences. C-10 NEA protocols MUST support encoding of strings in UTF-8 format [UTF8]. C-11 Due to the potentially different transport characteristics provided by the underlying candidate PT protocols, the NEA Client and NEA Server MUST be capable of becoming aware of and adapting to the limitations of the available PT protocol

44 January 28, 2010NEA WG44 PT Requirements PT-1 The PT protocol MUST NOT interpret the contents of PB messages being transported, i.e., the data it is carrying must be opaque to it. PT-2 The PT protocol MUST be capable of supporting mutual authentication, integrity, confidentiality, and replay protection of the PB messages between the Posture Transport Client and the Posture Transport Server PT-3 The PT protocol MUST provide reliable delivery for the PB protocol. This includes the ability to perform fragmentation and reassembly, detect duplicates, and reorder to provide in-sequence delivery, as required. PT-4 The PT protocol SHOULD be able to run over existing network access protocols such as 802.1X and IKEv2 PT-5 The PT protocol SHOULD be able to run between a NEA Client and NEA Server over TCP or UDP (similar to Lightweight Directory Access Protocol (LDAP)) PT-6 The PT protocol MUST be connection oriented; it MUST support confirmed initiation and close down. PT-7 The PT protocol MUST be able to carry binary data. PT-8 The PT protocol MUST provide mechanisms for flow control and congestion control. PT-9 PT protocol specifications MUST describe the capabilities that they provide for and limitations that they impose on the PB protocol (e.g. half/full duplex, maximum message size).

45 PT-TLS Claims Meets All Applicable NEA Requirements March 22, 2010NEA-WG @ IETF 7745

46 PT-EAP Claims Meets All Applicable NEA Requirements But… –NEA Server Can’t Initiate Reassessment Except With Disconnect-Request or EAPOL-Logoff Only a SHOULD, Not Expected of L2 Protocols 802.1X Limit –Can’t run over TCP or UDP Except With PANA Only a SHOULD, Not Expected of L2 Protocols 802.1X Limit March 22, 2010NEA-WG @ IETF 7746

47 NEA Protocol Requirements January 28, 2010NEA WG47

48 PT Requirements

49 Discussion Mar 22, 2010IETF NEA Meeting49

50 Concerns with PT-EAP Draft currently: –Relies on TPM –Defines interdependency between PT and TPM which is undefined Requirement claims: –Doesn’t Meet C-5: not an existing open standard Dependency claims similar to nea-eap-tlv: –Requires a Tunneled EAP method March 22, 2010NEA WG50

51 Concerns re EAP-NEA-TLV Doesn’t Meet C-5 –Not an Existing Open Standard Doesn’t Meet C-7 –Limited to 2^16 – 1 Bytes Doesn’t Meet PT-2 –No Protection Against Asokan Attack Doesn’t Meet PT-3 –No Support for Fragmentation Normative Reference to EAP-TLV –Just a -00 Independent Submission March 22, 2010NEA-WG @ IETF 7751

52 Mar 22, 2010IETF NEA Meeting52 Impact on Existing Supplicants

53 Impact on existing supplicants Consulted with several vendors Consensus is can be implemented either way March 22, 2010NEA-WG @ IETF 7753

54 Mar 22, 2010IETF NEA Meeting54 Feedback from ADs re EAP Process

55 Feedback from AD re EAP process Question: –Do we need to wait for a standards track EAP tunnel method? AD Response –No, you don’t need to wait. You can go forward with a standards track PT protocol. –Can publish Informational RFCs on tunnel-method specific bindings, if necessary –Can ask EMU WG to accelerate EAP-TLV, if needed March 22, 2010NEA-WG @ IETF 7755

56 Mar 22, 2010IETF NEA Meeting56 PT Protocol Discussion

57 Mar 22, 2010IETF NEA Meeting57 Consensus Check Questions

58 Mar 22, 2010IETF NEA Meeting58 Consensus Check Questions Do you support work on TLS-based PT? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result: Do you support adoption of PT-TLS as a -00 WG draft? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result:

59 Mar 22, 2010IETF NEA Meeting59 Consensus Check Questions Do you support work on EAP-based PT? –Yes –No –Defer (decision pending some further action taking place) -> Meeting Result: What should we adopt as EAP-based PT? –EAP-TNC –NEA TLV –Other -> Meeting Result:

60 Mar 22, 2010IETF NEA Meeting60 Next Steps TBD

Download ppt "Mar 22, 2010IETF NEA Meeting1 NEA Working Group (oauth is in Redondo!) IETF 77 Mar 22, 2010 Co-chairs:"

Similar presentations

Doc.: IEEE 802.11-04/1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,

Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
November 9, 2009IETF 76 NEA WG1 NEA Working Group IETF 76 Co-chairs: Steve Hanna

November 9, 2009IETF 76 NEA WG1 NEA Working Group IETF 76 Co-chairs: Steve Hanna
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.

TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.
IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,

IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.

Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.
NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.

NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.
Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.

Requirements for DSML 2.0. Summary RFC 2251 fidelity Represent existing directory protocols with new transport syntax Backwards compatibility with DSML.
Michal Rapco 05, 2005 Security issues in Wireless LANs.

Michal Rapco 05, 2005 Security issues in Wireless LANs.
Comparative studies on authentication and key exchange methods for 802.11 wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:
Eugene Chang EMU WG, IETF 70

Eugene Chang EMU WG, IETF 70
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
OV 12 - 1 Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Similar presentations

Ads by Google