802 Handoff LinkSec Handoff Issues? - PowerPoint PPT Presentation

Slides: 16
Provided by: david2428
Learn more at: https://grouper.ieee.org
Transcript and Presenter's Notes


1
802 Handoff LinkSec Handoff Issues?
  • David Johnston
  • david.johnston_at_ieee.org
  • dj.johnston_at_intel.com

2
First Session of 802 Handoff ECSG Launched, May 2003
  • Attendance
  • Monday 30
  • Tuesday 19
  • Thursday 22
  • Total Attendance 45
  • 29 Separate organizations represented

3
Officers
  • Chair
  • David Johnston, Intel
  • Reluctant Recording Secretary
  • Paul Lin, Intel
  • Vice Chair
  • None, volunteers welcome

4
Charter
  • Consider the possibility of specifying a common
    handoff framework applicable to 802 standards,
    wired and wireless
  • Consider placement of work (In a new working
    group or 802.1)
  • Authorized to draft a PAR

5
Objectives
  • Define scope and requirements
  • May work with all MACs and PHYs
  • Without unnecessary overhead
  • 802.x ↔ 802.y (where x could equal y)
  • 802.x ↔ non 802
  • Consider how to address Authentication and
    Security
  • Within the PAR? Coordinated with Link Security
    group
  • Specify a framework that 802 MACs can adopt
  • MAC SAP Messages
  • MIB Entries
  • Other?

6
What it is not
  • It is not proposed to implement a protocol for
    handoff
  • We are at the link layer. What are we handing
    off?
  • Entire problem cannot be solved at layer 2
  • So this is not a handoff standard!

7
Scenario
  • Multi interfaced device
  • Docked Laptop with 802.3, 802.11 and 802.16e
  • Mobile IP session being used for VoIP and web
    traffic
  • Laptop undocks
  • Needs to make a timely decision to switch to
    802.11 and attach to a suitable AP.
  • Existing traffic should suffer minimum
    interruption
  • Laptop moves out of building
  • Needs to make a timely decision to switch to
    802.16e and choose a suitable BS
  • Existing traffic should suffer minimum
    interruption

8
What it is
  • Focus is on
  • Enabling good handoff decisions
  • Handoff decision data with interface
  • Signaling appropriately to L3 handoff capable
    entities
  • L2 triggers
  • Wired and Wireless
  • 802.3 to 802.11/15/16 are important cases

9
(very) Simplified Anatomy of a Handoff
  • Something somewhere up the stack agrees, in its
    own way, to hand off from one place to another
  • E.g. Mobile IP
  • Consequently, down at the link layer, an
    attachment switches from one place to another
  • Association-authentication-authorization in one
    of several possible orders and flavors
  • Either by picking a new attachment point for an
    interface, or picking a new interface

10
The blocking behavior of 802.1x
  • 802.1x allows access to the MAC
  • Blocks access to all LSAPs above the LLC except
    for EAPoL until authentication has completed
  • So only MAC signalling and EAP available prior to
    authentication
  • This takes advantage of the common MSDU transport
    capability of different 802 networks.
  • A mechanism applicable to diverse 802 network
    types could not be codified in existing MAC
    signaling or EAP
  • So current 802 authentication practice impacts on
    the transfer of handoff related information prior
    to authentication

11
Pre auth Requirements
  • Prior to attempting to authenticate, the mobile
    node may want to know whether it is worth the
    effort
  • Does the AP support my L3 network needs?
  • Do I have a payment method, auth protocol,
    subscription that will work on the candidate AP?
  • Can my QoS needs be met?
  • It would be nice for the conduit for this
    information
  • To not be blocked prior to authentication
  • To be applicable to diverse 802 network types
    (MSDU transport)

12
Extending the auth model to support Handoff
  • Extend set of pre authentication unblocked things
    from
  • MAC signalling
  • EAPoL
  • To
  • MAC signalling
  • EAPoL
  • Non sensitive handoff related data
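
Added example (not from the original slides): a toy Python model of the 802.1x port filter, running the same frames through the current pre-authentication allowlist and the extended one listed above. The EtherType used for handoff information, the size cap, and all class and function names are assumptions; the slides define none of them.

```python
import struct

ETH_P_EAPOL = 0x888E         # EtherType assigned to EAPOL (IEEE 802.1X)
ETH_P_IPV4 = 0x0800
# Assumption: IEEE "local experimental" EtherType used as a stand-in; the
# slides define no protocol or EtherType for handoff information.
ETH_P_HANDOFF_INFO = 0x88B5
MAX_PREAUTH_PAYLOAD = 256    # assumed cap on unauthenticated handoff data

def make_frame(ethertype: int, payload: bytes) -> bytes:
    """Build a constructed, untagged Ethernet II frame (dummy MAC addresses)."""
    dst, src = b"\x02\x00\x00\x00\x00\x01", b"\x02\x00\x00\x00\x00\x02"
    return dst + src + struct.pack("!H", ethertype) + payload

class Port:
    """Toy 802.1X port: uncontrolled path always open, controlled path gated."""
    def __init__(self, allow_handoff_info: bool = False):
        self.authorized = False
        self.allow_handoff_info = allow_handoff_info

    def admit(self, frame: bytes) -> str:
        if len(frame) < 14:
            return "drop:malformed"
        (ethertype,) = struct.unpack("!H", frame[12:14])
        if ethertype == ETH_P_EAPOL:
            return "uncontrolled:eapol"
        if self.allow_handoff_info and ethertype == ETH_P_HANDOFF_INFO:
            # Parsed before the peer is authenticated, so bound it strictly.
            if len(frame) - 14 > MAX_PREAUTH_PAYLOAD:
                return "drop:oversize-preauth"
            return "uncontrolled:handoff-info"
        return "controlled:forward" if self.authorized else "drop:unauthorized"

def compare() -> dict:
    """Run the same constructed frames through the current and extended models."""
    frames = {
        "eapol": make_frame(ETH_P_EAPOL, b"\x01\x01\x00\x00"),  # EAPOL-Start
        "ipv4": make_frame(ETH_P_IPV4, b"\x45" + b"\x00" * 19),
        "handoff": make_frame(ETH_P_HANDOFF_INFO, b"qos=voice"),
        "handoff_big": make_frame(ETH_P_HANDOFF_INFO, b"A" * 1000),
    }
    ports = {"current": Port(), "extended": Port(allow_handoff_info=True)}
    return {name: {k: p.admit(f) for k, f in frames.items()}
            for name, p in ports.items()}

if __name__ == "__main__":
    for model, verdicts in compare().items():
        print(model, verdicts)
```

Everything admitted on the uncontrolled path is handled before the peer is authenticated, which is why the extended model admits only one extra frame type and caps its size.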

13
For Example
  • Extend the unblocked fork of 802.1x

[Figure: 802.1x port diagram. Labels: EAPoL; Non Sensitive Handoff Information/Protocol/negotiation; L3; 802.2]

14
So One requirement
  • Don't make it impossible for the definition of
    the distribution of media independent handoff
    decision data prior to authentication
  • Allows mobile nodes to handoff based on good
    information
  • Enables mobile nodes to choose who they should
    bother authenticating to.

15
Port AID?!
  • In 802.11 the port is defined to be attached to
    an association
  • Prevents authentication before association
  • Is a problem for 802.11 if you have handoff
    decision data on the uncontrolled port
  • Increases time to access handoff data
  • Leaves only the beacon for public data before
    auth
  • Limited in size,
  • Unsafe to extend
  • Not common across 802
  • Can the port not be per mobile part MAC address
    or some such thing?