Route Optimization and Location Privacy using Tunneling Agents ROTA draftwenigerrota01 Kilian Wenige

1
Route Optimization and Location Privacy using
Tunneling Agents (ROTA) draft-weniger-rota-01
Kilian Weniger, Takashi Aramaki
IETF 64, Nov 2005
2
Background

• Location privacy is the ability to prevent other
  parties from learning one's current or past
  location. In order to get such ability, the
  mobile node must conceal any relation between its
  location and the personal identifiable
  information draft-haddad-momipriv-problem-statem
  ent-02
• draft-ietf-mip6-location-privacy-ps-00
  describes IP address location privacy problem in
  MIPv6 context and identifies two main problems
• disclosure of CoA to CN
• revealing HoA to eavesdropper
• Our draft addresses problem 1
• Proposed solutions for this problem
• reverse tunneling
• HMIPv6

3
Problem definition and scenario

• Problem
• Providing location privacy and optimized routing
  simultaneously
• location privacy in terms of hiding location from
  CN
• Scenario
• Mobile-to-mobile communication (e.g., VoIP)
• Both users request location privacy
• Both users have different home networks and are
  away from home

MN1s HA

MN2s HA
MN1
MN2
Fig Example scenario
4
Reverse tunneling in given scenario

• Reverse tunneling to HA
• CoA is hidden from CN, but
• optimized routing cannot be provided

MN1s HA

MN2s HA
MN1
MN2
Fig Data path in case of reverse tunneling
5
Reverse tunneling in given scenario

• Reverse tunneling bootstrapping with local HAs
  (integrated scenario)
• CoA is hidden from CN and optimized routing is
  provided, but
• potential to compromise location privacy since
  HoA contains location information
• however, CN would have to know that MNs HA is
  local
• granularity of location information depends on
  location of local HA

MN1s HA(local)
MN2s HA(local)
MN1
MN2
Fig Data path in case of reverse tunneling
after bootstrapping with local HAs
6
HMIPv6 in given scenario

• HMIPv6
• (L)CoA is hidden from CN and optimized routing
  can be provided, but
• location privacy support is limited, since RCoA
  is disclosed
• granularity of location information depends on
  location of MAP

MN1s HA

MN2s HA
MAP
MAP
MN1
MN2
Fig Data path in HMIPv6 route optimization mode
7
Summary

• MIPv6 can provide limited support for
  simultaneous location privacy and optimized
  routing
• location privacy in terms of hiding MNs
  location from CN

8
Possible approach for improving location privacy
and optimized routing support

• (Optional) route optimization by reverse
  tunneling to Tunneling Agents (TA)
• TA is outside of home link
• TA maintains bindings for HoAs not matching TA
  prefix
• MNs home link (and HoA) does not change
• TA can e.g. be co-located with
• MN1s HA or MN2s HA
• local HA or MAP

Binding Cache HoAMN2?CoAMN2 (H) HoAMN1?CoAMN1 (TA)

MN1s HA

MN2s HA/ MN1s TA
Binding Cache HoAMN1?CoAMN1 (H)
MN1
MN2
Fig Data path in case TA is co-located
with MNs HA
9
Possible approach for improving location privacy
and optimized routing support

• (Optional) route optimization by reverse
  tunneling to Tunneling Agents (TA)
• TA is outside of home link
• TA maintains bindings for HoAs not matching TA
  prefix
• MNs home link (and HoA) does not change
• TA can e.g. be co-located with
• MN1s HA or MN2s HA
• local HA or MAP

MN1s HA

MN2s HA
MN1
MN2
Fig Data path in case TA is co-located
with local HAs/MAPs
10
Questions

• Is there interest in improving MIPv6 support for
  simultaneous location privacy and optimized
  routing?
• location privacy in terms of hiding MNs
  location from CN
• How to proceed?
• Other comments?