Some thoughts on MN - PowerPoint PPT Presentation

About This Presentation
Title:

Some thoughts on MN

Description:

A way to derive keys which can be used later for Mobile IPv6 BU. SEND-based. Public hotspots? ... Issue: Certificate provisioning between MN and an arbitrary ... – PowerPoint PPT presentation

Number of Views:17
Avg rating:3.0/5.0
Slides: 4
Provided by: koo9
Learn more at: https://www.ietf.org
Category:
Tags: keys | thoughts

less

Transcript and Presenter's Notes

Title: Some thoughts on MN


1
Some thoughts on MN AR SA establishment
  • Many mobility protocols need security association
    (not necessarily Ipsec) between a Mobile Node and
    a network node, typically an access router
  • Examples Context Transfer, Fast Handover, CARD
  • The mobility protocols themselves cannot
    establish a security association
  • What are the options?

2
Options for SA establishment
  • AAA based access authentication?
  • Used in 3GPP2
  • A way to derive keys which can be used later for
    Mobile IPv6 BU
  • SEND-based
  • Public hotspots?
  • IKE?
  • Issue Certificate provisioning between MN and an
    arbitrary visited network router
  • EAP-based keying?
  • EAP-over-any-access-network?
  • Keep Type-specific authentication mechanism open
  • Note specifying a single mechanism appears not
    worthwhile. Instead, a framework may be the best
    option available

3
Framework
  • Assuming that a framework is the way to go
    forward, what are the specific requirements?
  • An option such as BAD is almost necessary
  • BAD would work readily with Mobility Header
    messages
  • Perhaps it is a good idea to have all MN AR
    messaging to use MH messages?
  • We need a reference (ID, RFC) which can be used
    to address the security considerations of
    mobility protocols
Write a Comment
User Comments (0)
About PowerShow.com