Explore network-side issues in WLAN interworking focusing on policy enforcement, access control, QoS mapping, and more from the WIEN conference in July 2004.
Network side issues in WLAN Interworking
Cheng Hong, Tan Pek Yew (Panasonic)
WIEN, 12th July 2004

Interworking scope at network side
• Policy enforcement
• Access control
• Simultaneous access
• External QoS mapping
• User access revocation
• Admission control

Access Control & User access revocation
• Diversity in the access control schemes for interworking:
  • 3GPP requires (U)SIM based access control
  • Other public networks use different access control, e.g. HTTP, etc.
  • Network sharing, etc., makes the situation even more complicated
• Security schemes of 802.11
  • 802.11i provided the security solution for WLAN
  • The EAP methods required by 3GPP (EAP-SIM/AKA) can be supported
  • But what about the co-existence issue?
    • The EAP methods need to be supported together with other methods, e.g. HTTP based, in the same AP
    • In case of network sharing, as required in the 3GPP TS, several AAA paths need to be supported
  • Can the MAC address of the UE be used as a secure identifier for the user/session? Does the authentication support including the MAC address? (802.11i)
• User revocation could be done through the AAA framework
  • Network initiated revocation needs to be supported (as in 3GPP TS 23.234 Annex A.1.2)
  • This relates to the online charging information (based on the 3GPP requirements)
  • The revocation can also be the result of policy decisions

Policy Enforcement
• Types of policies:
  • Network policies: mostly static
  • User policies: dynamic, concerning the individual user
• Mapping of the policy information:
  • The external network does not have specific information about the 802.11 technologies, e.g. the 3G network uses different control mechanisms
  • Mapping of the policy should be necessary
  • Mapping to be done in 802.11, which provides a generic interface to work with all external networks
• Charging is part of the policy related issues (especially online charging)
• Relationship to the authentication
  • Default policy can be carried in the authentication result (success)
  • The policy update can happen more frequently than the authentication, e.g. the MT may request several services within an authenticated session, and each service may impose a new policy on the MT
  • The policy scheme may not be suitable to combine with the authentication

External QoS mapping
• Why QoS is necessary in interworking:
  • With interworking, WLAN is serving paying customers, so QoS has to be guaranteed
  • New services provided by the interworking require a QoS guarantee, e.g. VoIP, IMS, etc.
  • WLAN QoS, e.g. 802.11e, needs to be integrated with the end-to-end QoS of the service
  • QoS information is more dynamic, and could change during the lifetime of a session
• External QoS mapping to the 802.11 QoS
  • Translation of the upper layer QoS to the 802.11e parameters, e.g. TSID, TSPEC (part of MLME functions)
  • At the terminal side, it could be from application to 802.11e, e.g. SDP to TSPEC
  • For a dual mode terminal, it could be directly from UMTS to 802.11e
  • Since there are different mapping methods, a consistent way of mapping is needed to guarantee user experience
• The related issues:
  • 802.11 QoS is only part of the end-to-end QoS, and how to decide its exact value is not obvious. Bandwidth is easy, but delay should be carefully mapped. That is the reason for a standard way of doing the mapping
  • At the network side, admission control would be involved. In 802.11e, the request will be initiated by the terminal, and the network side does the admission control

Admission Control
• Admission control is necessary for processing the QoS requests from the terminal
• Resource allocation/management is involved in the process
• The control decision will require local network information and will be based on local network status, which depends on the monitoring of the network. 802.11k related?
• The network side decision would also depend on the policy rules from the external network and local management entities
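
Added example (not part of the original slides): a Python sketch of the network-side flow described in the Policy Enforcement, Admission Control and user revocation slides, where a default policy arrives with the authentication result, policy updates happen inside an authenticated session, terminal-initiated requests are admitted against both the external policy and local resources, and the network can revoke a session. All class and method names are hypothetical, and the model tracks only a mean rate in kbps, whereas a real 802.11e TSPEC carries further fields such as a delay bound.

```python
from dataclasses import dataclass, field

@dataclass
class Session:
    user: str
    max_kbps: int                                # per-user cap from the external network's policy
    streams: dict = field(default_factory=dict)  # TSID -> admitted kbps

class AccessNetwork:
    """Hypothetical WLAN-side controller; every name here is illustrative."""
    def __init__(self, capacity_kbps):
        self.capacity_kbps = capacity_kbps       # local resource budget
        self.sessions = {}

    def used_kbps(self):
        return sum(sum(s.streams.values()) for s in self.sessions.values())

    def on_auth_success(self, sid, user, default_max_kbps):
        # The default policy is carried in the authentication result.
        self.sessions[sid] = Session(user, default_max_kbps)

    def on_policy_update(self, sid, max_kbps):
        # Policy changes inside an authenticated session, without re-authentication.
        s = self.sessions[sid]
        s.max_kbps = max_kbps
        # Drop streams (highest TSID first) until the session fits the new cap.
        for tsid in sorted(s.streams, reverse=True):
            if sum(s.streams.values()) <= max_kbps:
                break
            del s.streams[tsid]

    def admit(self, sid, tsid, mean_kbps):
        # Terminal-initiated request; the network side makes the decision.
        s = self.sessions.get(sid)
        if s is None:
            return "reject: no authenticated session"
        if sum(s.streams.values()) + mean_kbps > s.max_kbps:
            return "reject: user policy"
        if self.used_kbps() + mean_kbps > self.capacity_kbps:
            return "reject: local resources"
        s.streams[tsid] = mean_kbps
        return "admit"

    def revoke(self, sid):
        # Network-initiated revocation: remove the session and free its resources.
        return self.sessions.pop(sid, None) is not None
```

Keeping the policy cap on the session object rather than in the authentication step is what lets a policy update or a revocation take effect without a new authentication exchange.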

Simultaneous Access
• Simultaneous access to different networks is required by 3GPP
• Simultaneous connections to UMTS and WLAN
  • This is a requirement from operators
  • Certain services will be kept on the UMTS link even when WLAN is on
  • Aimed at the dual mode terminal
• Simultaneous connections to different operators' networks
  • Not yet included in Rel6 (depends on SA1's decision)
  • Multiple authentication sessions / traffic aggregation and distribution
• According to some proposals in 3GPP, the MAC address of the MT needs to be provided to the AAA server

Conclusions
• The following network-side interworking issues should be targets of the group:
  • Access control & user revocation
  • Policy enforcement and mapping
  • QoS control and mapping
  • Admission control
  • Support of simultaneous connection