					March 2006                                                                                                                 doc.: IEEE 802.11-06/0353r0

A presentation of the OBAN concept
An IST Project under EC’s 6th framework
Authors:                                                                 Date: 2006-03-07
Name                     Company       Address                                   Phone          Email
Thomas Haslestad         Telenor R&D   Snarøyveien 30, 1331 Fornebu, Norway      +4797082034    Thomas.Haslestad@telenor.com
Einar Edvardsen          Telenor R&D   Snarøyveien 30, 1331 Fornebu, Norway      +4791529029    Einar.edvardsen@telenor.com
Tor-Hjalmar Johannessen  Telenor R&D   Snarøyveien 30, 1331 Fornebu, Norway      +4797542737    Tor-Hjalmar.johannessen@telenor.com
Notice: This document has been prepared to assist IEEE 802.11. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in
this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release: The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE
Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit
others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.11.

Patent Policy and Procedures: The contributor is familiar with the IEEE 802 Patent Policy and Procedures <http://ieee802.org/guides/bylaws/sb-bylaws.pdf>, including the statement
"IEEE standards may include the known use of patent(s), including patent applications, provided the IEEE receives assurance from the patent holder or applicant with respect to patents
essential for compliance with both mandatory and optional portions of the standard." Early disclosure to the Working Group of patent information that might be relevant to the standard is
essential to reduce the possibility for delays in the development process and increase the likelihood that the draft publication will be approved for publication. Please notify the Chair
<stuart.kerry@philips.com> as early as possible, in written or electronic form, if patented technology (or technology under patent application) might be incorporated into a draft standard being
developed within the IEEE 802.11 Working Group. If you have questions, contact the IEEE Patent Committee Administrator at <patcom@ieee.org>.


Submission                                                                                  Slide 1                                      Thomas Haslestad et al, Telenor R&D


                       Abstract

 • This presentation introduces the concept of OBAN
   (Open Broadband Access Network), a European
   funded project under the IST 6th framework program.

 • The presentation focuses on the mobility architecture and
   the challenges and potential solutions for fast
   handovers.








             Open Broadband Access Networks
               IST 6FP Contract No 001889


                   Project Presentation






                             OBAN in brief
 Duration: 3 years               2004/1 – 2006/12
 Budget / EC contribution:       11/5 M€

 14 partners coordinated by Telenor
 • 4 telecom operators
      (Telenor, Telefonica, Swisscom, France Telecom)

 • 6 industrial partners
      (Lucent(NL), Birdstep(N), ObexCode(N),
      Motorola(I), EuroConcepts(I), Lucent(UK))
 • 3 universities/institutes
      (Sintef(N), Techn. Univ. Berlin(D), ISMB(I))
 • 1 national telecom regulator
      (NPT(N))




                               Main objective
 [Figure: by-passing user]

   To explore how a high performance broadband mobile network
   based upon wireless LAN technology and unused
   capacity in the fixed access networks can be established




                   Rationale behind
 • Most users will in a few years have broadband access
   over the fixed network
 • The capacity of these access lines is poorly exploited
 • Wireless LAN technology is becoming the dominant
   home networking technology.
 • Wireless LANs have large capacity and are often
   poorly exploited
 • OBAN intends to investigate how the public can obtain
   access to these resources and what kind of services can
   be provided over this network.




                        Rationale behind (cont’d)
 [Figure: bar chart of the number of base stations needed for GSM, UMTS1, UMTS2 and 4G; annotation: >100 000 (Norway)]

 Coverage per base station in mobile networks:
 • GSM (14 kb/s) - 50 km2 (r < 4 km)
 • UMTS1 (384 kb/s) - 3 km2 (r < 1 km)
 • UMTS2 (2 Mb/s) - 1 km2 (r < 600 m)
 • 4G (< 20 Mb/s) - 0.03 km2 (r < 100 m)

The high number of base stations in broadband mobile networks requires a
new broadband infrastructure to feed all base stations. The required
investments will therefore be extremely high. The OBAN project introduces an
alternative way to achieve the same, but at much lower cost.

                 Areas of foci to
             reach the main objective
 Security:   because we are opening up today’s privately
             disposed access lines and wireless LANs
             for public use
 Mobility:   because we need to know what degree of
             mobility can be provided in areas of randomly
             located WLAN access points connected over
             the fixed network’s access lines
 QoS:        because we want to know how to provide QoS
             to users in a heterogeneous network composed
             of technologies with limited QoS abilities



                 Areas of foci to
             reach the main objective

 3G/B3G:       to explore and evaluate how the OBAN concept
               can be integrated with the 3G/B3G visions.
 Coverage:     to estimate the potential coverage and capacity of an
               OBAN network. Smart antennas are investigated
               in order to improve network performance.
 Commercial:   to investigate how the OBAN concept may be
               utilised commercially and how legal and
               regulatory issues may affect deployment at large
               scale.



                 Areas of foci to
             reach the main objective

 The RG      is the key component in the system and needs
             extensive investigation through implementation
             to verify the concept





                          ..the wireless RG..
                     ..a key component in the concept

 [Figure: the wireless RG (wRG) in the home, connected over a broadband access line (xDSL); it carries local traffic (in-house and external), coexists with GSM, UMTS etc., and offers open access capacity to a guest terminal]

                                                Concept associated patent: 03754318.8-2416-NO0300339

             The concept contains numerous challenges

 • How to match QoS in the legacy network with what can
   be achieved in a wireless LAN, and while moving
   from RG to RG?
 • Mobility aspects – nomadic or continuous mobility
 • Security and authentication
 • Roaming agreements between
   – different network operators – owners of RGs
 • How to deal with the large variety of terminals?
 • Interference between RGs and with other equipment –
   frequency planning
 • Business models and commercial aspects




             The Security & Mobility Challenge






                     Security and mobility (2)
 • The security level expected for the OBAN architecture has
   to coexist with strong time and QoS constraints
 • The goal of 120 ms maximum handover latency implies that
   a full authentication that involves several actors, and
   correspondingly many round-trip times, is not acceptable.
 • Fast handover requires an authentication mechanism
   that only involves the terminal and the RGW.
 • Security in relation to fast re-authentication during
   handoff:
       – Two potential solutions:
             • delayed authentication,
             • fast hand-over using Kerberos tickets




       WiFi Challenges in the OBAN concept
 • No preprocessing of keys and session parameters by the
   network to prepare the handover in advance.
       – 2G and 3G do this by default
 • An STA can only be associated with one AP at a time.
 • The mobile station must, after sensing a beacon,
   negotiate with the next AP, which again must perform a full
   RADIUS round trip with the ISP to handle AAA and the
   security session
       – In practice: a re-authentication (roaming) based on e.g. EAP will
         include a full, time-consuming RADIUS round trip involving STA,
         AP, and ISP(s); in addition, rerouting of traffic as well as 802.1X
         functions for port control and crypto session establishment on the
         radio link.
                 Handover Task - Time Considerations
 [Figure: timeline from "Handover starts here" to "Session continues here", divided into phases T1–T5; the whole span is the interruption delay. T1–T3 are session oriented (< 100 ms), T4–T5 are security oriented (>> 150 ms (!))]

T1: Beacon + Physical connection setup between the STA and the next AP/RGW
T2: Messaging session parameters, including STA’s ID / auth. info between the VU and the next AP/RGW.
T3: Processing of rerouting the traffic to and from STA via the new AP.
T4: AAA roundtrip for re-authentication of the STA between AP/RGW and H-ISP of the STA
T5: 802.1X port handling and IKE-based encryption of radio link between VU and AP




             High level Architecture

 [Figure: high level architecture, from OBAN deliverable D27]

                     Mobility Broker
• A node serving a
  geographical area,
  composed of several
  RGWs
• Makes the access network
  look like a conventional
  WLAN/IP network, such
  that standard mechanisms
  can be reused
• Simplifies the hand-off
  complexity, and reduces
  signalling round trips by
  managing mobility,
  security and QoS events
  locally during hand-off



        Fast Handover using Kerberos tickets

 • Using Kerberos tickets for fast and secure layer 2
   authentication
       – The ticket consists primarily of an access key and an encrypted
         timestamp, encrypted with a key known to the issuer and the final recipient
             • Issuer = Mobility Broker
             • Final recipient = RGW
       – The ticket is issued to the client (user terminal) and encrypted with
         a key that is in the possession of the client (shared secret)
       – The client uses the ticket for authentication towards the RGW
             • Proves that it possesses the session key within the ticket
                – By encrypting a challenge from the RGW with the session key
             • The RGW also checks that the timestamp has not expired





            Fast Handover using Kerberos tickets

• First time authentication
     – No tickets => full authentication towards the HAAA, i.e. anything that
       generates a session key (e.g. EAP-SIM)
     – The final EAP SUCCESS is not proxied to the terminal but
       exchanged in the Mobility Broker for a Ticket-Granting Ticket
     – The terminal requests a suitable set of tickets from the MB.
     – EAP SUCCESS is then finally delivered
     – The MB is geographically aware.
• Successive re-authentication
     – Only between terminal and RGW
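The ticket exchange described on the two slides above, as an added illustration (this is example code, not OBAN project code or code of the authors): a Mobility Broker seals a session key and an expiry timestamp for the RGW, hands the ticket to the terminal under the terminal's own key, and the terminal later re-authenticates towards the RGW with a challenge-response, with no MB or HAAA round trip on the handover path. The ticket layout, the 60-second lifetime, the class and function names, and the toy stream cipher (a SHA-256 keystream with an HMAC tag, used so the example runs on the Python standard library; not a production cipher) are all assumptions of this example.

```python
"""Kerberos-style fast handover, simulated: Mobility Broker (issuer),
terminal (client) and RGW (final recipient).  Illustration only; the ticket
format, lifetime and toy cipher below are constructed for this example."""
import hashlib
import hmac
import os
import struct

KEY_LEN = 32
TICKET_LIFETIME = 60.0  # seconds; constructed value, not from the project


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream derived with SHA-256 (illustration only)."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">I", ctr)).digest()
        ctr += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with the toy cipher: nonce(16) | ciphertext | tag(32)."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes):
    """Verify the tag first, then decrypt; returns None on any failure."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class MobilityBroker:
    """Issuer: shares a long-term key with each RGW in its area and holds the
    key each terminal established during its full (e.g. EAP) authentication."""

    def __init__(self, rgw_keys: dict, client_keys: dict):
        self.rgw_keys = rgw_keys
        self.client_keys = client_keys

    def issue_ticket(self, client_id: str, rgw_id: str, now: float) -> bytes:
        session_key = os.urandom(KEY_LEN)
        expiry = struct.pack(">d", now + TICKET_LIFETIME)
        # Part only the RGW can open: session key + timestamp under the MB-RGW key.
        for_rgw = seal(self.rgw_keys[rgw_id], session_key + expiry)
        # Whole ticket is delivered to the client under the client's own key.
        return seal(self.client_keys[client_id], session_key + for_rgw)


def client_open_ticket(client_key: bytes, ticket: bytes):
    """Terminal side: recover the session key and the opaque RGW part."""
    inner = unseal(client_key, ticket)
    return None if inner is None else (inner[:KEY_LEN], inner[KEY_LEN:])


def client_respond(session_key: bytes, challenge: bytes) -> bytes:
    """Prove possession of the session key with a keyed MAC over the challenge."""
    return hmac.new(session_key, challenge, hashlib.sha256).digest()


def rgw_verify(rgw_key: bytes, for_rgw: bytes, challenge: bytes, response: bytes, now: float) -> bool:
    """RGW side: open its ticket part, check the timestamp, check the proof."""
    inner = unseal(rgw_key, for_rgw)
    if inner is None or len(inner) != KEY_LEN + 8:
        return False
    session_key, (expiry,) = inner[:KEY_LEN], struct.unpack(">d", inner[KEY_LEN:])
    if now > expiry:
        return False  # the RGW rejects an expired ticket
    expected = hmac.new(session_key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def fast_handover(mb, client_id, client_key, rgw_id, rgw_key, issue_time, handover_time) -> bool:
    """Whole exchange: the MB issues at issue_time; at handover_time the
    terminal re-authenticates towards the RGW without contacting MB or HAAA."""
    opened = client_open_ticket(client_key, mb.issue_ticket(client_id, rgw_id, issue_time))
    if opened is None:
        return False
    session_key, for_rgw = opened
    challenge = os.urandom(16)  # sent by the RGW
    return rgw_verify(rgw_key, for_rgw, challenge, client_respond(session_key, challenge), handover_time)
```

The terminal never learns the MB-RGW key and the RGW never contacts the MB during handover, which is what keeps the re-authentication local; the expiry check bounds how long a ticket obtained at full authentication stays usable.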





        Fast Handover using Kerberos tickets

 • Delay estimation
       – Network authentication + MIP registration = total delay
       – Full auth: <120-290 ms> + <35-100 ms> = <155-390 ms>
       – Re-auth in same domain: <10-40 ms> + <25-45 ms> = <35-85 ms>
       – Re-auth in different domain: <10-40 ms> + <35-100 ms> = <45-140 ms>

 • Standard compliance
       – “the full authentication” does not comply with the EAP
         requirement regarding the sequence of methods.






              Delayed Authentication                    (Patent Pending)

• Open the 802.1X port for user traffic as fast as possible, and before
  security functions/authentication are completed.
• The full AAA round trip is executed while user traffic from the
  STA is already flowing.
• New / increased security risks:
    – Unaccounted user traffic for a few seconds
    – No encryption on the radio link
    – Potential DoS attacks (in addition to those already existing)






                                       Delayed Authentication

 [Figure: timeline T1–T5. The handover starts, the session is discontinued for < 100 ms, then continues as an unsecured session for some seconds; once full security is established the traffic is secured and accounted]




             Delayed Authentication: Security
                    countermeasures

 • Introduce a timer to limit the maximum pending time
   for a RADIUS response (success or reject)
 • Possible for the AP to cache and block MAC addresses
   with repeated failing attempts
 • Policy selector:
   Monitor accounted vs unaccounted traffic and allow
   toggling back to the standard 802.11 state machine (i.e.
   standard policy) if the unaccounted level is bad (toggle
   back after a configurable time)



        Consequence 1: Change of the IEEE State model
                 Introducing a new state: Pending_Authenticated
 [Figure: 802.11 state diagram with the new state added. States and allowed frame classes:]
 • UnAuthenticated / UnAssociated: Class 1 frames allowed
 • Authenticated / UnAssociated: Class 1 & 2 frames allowed
 • Pending_Authenticated / Associated (new): Class 1, 2 & 3 frames allowed
 • Authenticated & Associated: Class 1, 2 & 3 frames allowed
 Transitions shown: Successful Authentication, DeAuthentication Notification

                         Consequence 2
             Changes needed in the 802.1X implementation

 • Must allow class 3 traffic (both STA and AP)
 • Extra robustness functions to minimize the new risks
   (timer, MAC cache etc.)
 • Compensation functions also to account for STA traffic
   conveyed before the successful RADIUS response.
   (STA traffic conveyed before a RADIUS reject (or
   timer elapse etc.) cannot be accounted for.)
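An added illustration of how the security countermeasures above and the two consequences (the Pending_Authenticated state and the 802.1X changes) fit together in one port controller; this is example code, not the project's implementation or the authors' code. The state names follow the slides; the class name, the event interface (associate / forward / radius_result / tick) and the thresholds (a 3 s pending timer, 3 failures before a MAC is blocked, 1 MB of unaccounted traffic before the policy selector falls back to the standard state machine for 300 s) are constructed assumptions.

```python
"""Delayed-authentication port controller, simulated.  Illustration only:
the thresholds and the event interface are constructed for this example."""
import enum


class State(enum.Enum):
    UNAUTH = "UnAuthenticated / UnAssociated"
    PENDING = "Pending_Authenticated / Associated"   # the new state
    AUTH = "Authenticated & Associated"
    BLOCKED = "Blocked by MAC cache"


class DelayedAuthPort:
    def __init__(self, pending_timeout=3.0, max_failures=3,
                 unaccounted_limit=1_000_000, standard_policy_hold=300.0):
        self.pending_timeout = pending_timeout        # max wait for a RADIUS answer
        self.max_failures = max_failures              # failures before a MAC is blocked
        self.unaccounted_limit = unaccounted_limit    # bytes before falling back to standard policy
        self.standard_policy_hold = standard_policy_hold
        self.state = {}        # mac -> State
        self.deadline = {}     # mac -> time by which RADIUS must have answered
        self.unaccounted = {}  # mac -> bytes conveyed before the RADIUS answer
        self.failures = {}     # MAC cache of repeated failing attempts
        self.standard_until = 0.0  # while now < this, run the standard 802.11 state machine
        self.lost_bytes = 0    # conveyed before a reject/timeout: can never be accounted

    def standard_policy_active(self, now):
        return now < self.standard_until

    def associate(self, mac, now):
        """Association request: decide which state the STA enters."""
        if self.failures.get(mac, 0) >= self.max_failures:
            self.state[mac] = State.BLOCKED
        elif self.standard_policy_active(now):
            self.state[mac] = State.UNAUTH    # standard policy: no class 3 until RADIUS accept
        else:
            self.state[mac] = State.PENDING   # class 3 frames allowed right away
            self.deadline[mac] = now + self.pending_timeout
            self.unaccounted[mac] = 0
        return self.state[mac]

    def forward(self, mac, nbytes, now):
        """User (class 3) frame: True if forwarded.  Traffic in the pending
        state is unaccounted and may trip the policy selector."""
        st = self.state.get(mac, State.UNAUTH)
        if st is State.AUTH:
            return True
        if st is not State.PENDING:
            return False
        self.unaccounted[mac] += nbytes
        if sum(self.unaccounted.values()) > self.unaccounted_limit:
            # Unaccounted level is bad: toggle back to the standard state machine
            self.standard_until = now + self.standard_policy_hold
        return True

    def radius_result(self, mac, accepted, now):
        """RADIUS Access-Accept/Reject.  Returns the bytes to compensate for
        (conveyed before the accept); a reject loses them."""
        pending = self.unaccounted.pop(mac, 0)
        self.deadline.pop(mac, None)
        if accepted:
            self.state[mac] = State.AUTH
            self.failures.pop(mac, None)
            return pending
        self.failures[mac] = self.failures.get(mac, 0) + 1
        self.state[mac] = (State.BLOCKED if self.failures[mac] >= self.max_failures
                           else State.UNAUTH)
        self.lost_bytes += pending
        return 0

    def tick(self, now):
        """Timer: expire pending STAs whose RADIUS answer never came."""
        expired = [m for m, t in self.deadline.items() if now > t]
        for mac in expired:
            self.lost_bytes += self.unaccounted.pop(mac, 0)
            del self.deadline[mac]
            self.state[mac] = State.UNAUTH
        return expired
```

The compensation counter returned by radius_result is what the 802.1X accounting change on this slide has to feed back to the accounting system; lost_bytes is the traffic the slide says cannot be accounted for, and watching it grow is the signal the policy selector acts on.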






                         Possible gain
• Applications with strict real-time requirements can be
  handled more comfortably also in the mobile case,
  leading to increased popularity and new business opportunities
• Seamless functionality also delivered with high-speed
  broadband
      – 2G/EDGE: max ~200 Kbit/s,
      – 3G/UMTS ~400 Kbit/s,
      – 802.11(): 1Mbit/s ++
• Enabling true roaming for 802.11-based access
  networks




             Thanks for your attention

 • Questions?






                    Contact information

 Coordinator:          Telenor R&D
                       Snarøyveien 30, N-1331 Fornebu, Norway
                       +47 6789 0000
 Project manager:      Einar Edvardsen
                       +47 915 29029
                       einar-paul.edvardsen@telenor.com
 URL:                  www.ist-oban.org






                                    References
 •    OBAN Consortium [online] http://www.ist-oban.org
 •    M. G. Jaatun, I. A. Tøndel, M. B. Dahl, and T. J. Wilke, “A Security Architecture for an
      Open Broadband Access Network,” in Proceedings of the 10th Nordic Workshop on
      Secure IT Systems (Nordsec), 2005.
 •    E. Edvardsen, T. G. Eskedal, and A. Arnes, “Open Access Networks,” in
      INTERWORKING, ser. IFIP Conference Proceedings, C. McDonald, Ed., vol.
      247. Kluwer, 2002, pp. 91-107.
 •    M. G. Jaatun, I. A. Tøndel, F. Paint, T. H. Johannessen, J. C. Francis, and C. Duranton, “Secure
      Fast Handover in an Open Broadband Access Network using Kerberos-style Tickets,” in
      IFIPSEC 2006, 21st IFIP TC-11 International Information Security Conference.
 •    G. J. Hoekstra, O. Østerbø, R. Schwendener, J. Schneider, F. J. M. Panken, and J. van Bemmel,
      “Quality of Service Solution for Open Wireless Access,” submitted to the 14th IST
      Summit, Dresden, 19-23 June 2005.
 •    E. Edvardsen, “Fixed and Mobile Convergence,” BroadBand Europe 2004.
      [Online]. Available: https://medicongress.be/UploadBroad/Session%2009/Paper%2009-01.pdf
 •    T.-G. Eskedal, R. Venturin, I. Grgic, R. Andreassen, J. C. Francis, and C. Fischer, “Open
      Access Network Concept, a B3G Case Study,” in Proceedings of the 13th IST Mobile &
      Wireless Communication Summit, 2003.


