cdma2000-WLAN Interworking

Jim Tomcik (jtomcik@qualcomm.com), Raymond Hsu (rhsu@qualcomm.com). November, 2004, San Antonio, TX.


Presentation Transcript


  1. cdma2000-WLAN Interworking
     Jim Tomcik (jtomcik@qualcomm.com), Raymond Hsu (rhsu@qualcomm.com)
     November, 2004, San Antonio, TX

  2. Objectives
     • Phase-1 Objectives
       • Scenario 1: Common billing (scenario 1)
         • No 3GPP2 specification work needed
       • Scenario 2: 3GPP2-based access control, direct Internet access, and accounting
         • Common root key (A-key or MN-AAA key) for both WLAN & cdma2000 authentication
         • Direct Internet access from WLAN system
         • WLAN accounting available to home cdma2000 operator
     • Phase-2 Objectives
       • Scenario 3: Access to home cdma2000 system from WLAN system
         • e.g. Access to IMS, WAP, MMS in the home system
         • Via tunneling between WLAN and cdma2000 systems
       • Scenario 4: Session continuity
         • Maintain IP connectivity while moving between cdma2000 and WLAN systems

  3. Status
     • Phase-1 Status (X.S0028)
       • Finished R&F (“Review and Freeze”)
       • Currently in V&V (“Verification and Validation”)
       • Publication in 1Q/2005
     • Phase-2 Status
       • No work-plan yet
       • High-level discussion has started in the Oct. 3GPP2 meeting

  4. Phase-1 Architecture

  5. Some Phase-1 Detail
     • SSID for system selection
       • SSID may be used to identify the serving WLAN system, or a home CDMA2000 system that has a roaming agreement with the serving WLAN system
       • MS is configured with a list of preferred SSIDs
       • MS uses passive scan or active scan to obtain available SSIDs
     • WLAN access authentication key (WKEY)
       • WKEY may be generated from a CDMA2000 root key (e.g., A-key, MN-AAA key)
         • Why? Cryptographic separation: if WKEY is compromised, the root key is still safe
         • An alternative approach is to pre-configure the MS with a separate WKEY
       • MS uses (R)UIM procedures (IS-820) to bootstrap WKEY
         • If A-key is used as the root key, WKEY is derived from the SMEKEY
         • If MN-AAA key is used as the root key, WKEY is derived from the MN-AAA authenticator
       • EAP is used to exchange key materials between MS and home AAA for bootstrapping WKEY
         • If A-key is used as the root key, home AAA interfaces with HLR/AC to obtain the SMEKEY

  6. Some Phase-1 Detail
     • WLAN access authentication
       • WKEY is used as the secret for authentication
       • Two EAP authentication methods are allowed:
         • EAP-AKA
         • EAP-TLS with Pre-Shared Key (PSK)
     • IEEE 802.11i for privacy protection in WLAN system
       • If MS is authenticated, MS and home AAA derive Pairwise-Master Key (PMK)
       • Home AAA distributes the PMK to the AP serving the MS
       • MS and AP use the PMK to derive session keys for privacy protection
     • Internet access via WLAN system directly
       • If MS is authenticated, WLAN system assigns an IP address
       • Not required to traverse through the home CDMA2000 system
     • WLAN accounting sent to home CDMA2000 system
       • Standard IETF RADIUS attributes
       • No 3GPP2 vendor-specific attributes
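
The last IEEE 802.11i step on slide 6 (MS and AP use the PMK to derive session keys), as an added Python example that is not part of the presentation. It uses the IEEE 802.11i HMAC-SHA1 PRF and the CCMP key layout (KCK, KEK, TK); the PMK, MAC addresses and nonces are constructed sample values, and the function names are this example's own.

```python
import hashlib
import hmac

LABEL = b"Pairwise key expansion"  # fixed label defined by IEEE 802.11i


def prf(key, label, data, nbytes):
    """802.11i PRF: HMAC-SHA1(key, label || 0x00 || data || counter), concatenated."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]


def derive_ptk(pmk, mac_a, mac_b, nonce_a, nonce_b):
    """Return (KCK, KEK, TK) for CCMP.

    Addresses and nonces are sorted before hashing, so MS and AP get the same
    keys regardless of which side supplies its own values first.
    """
    data = (min(mac_a, mac_b) + max(mac_a, mac_b)
            + min(nonce_a, nonce_b) + max(nonce_a, nonce_b))
    ptk = prf(pmk, LABEL, data, 48)
    return ptk[:16], ptk[16:32], ptk[32:48]


# Constructed sample values (not from the presentation).
PMK = bytes(range(32))  # stands in for the PMK the home AAA distributes to the AP
AP_MAC = bytes.fromhex("020000000001")
MS_MAC = bytes.fromhex("020000000002")
ANONCE = hashlib.sha256(b"constructed AP nonce").digest()
SNONCE = hashlib.sha256(b"constructed MS nonce").digest()


def handshake_keys_match():
    """AP and MS each derive the PTK on their own; the results must be equal."""
    ap_side = derive_ptk(PMK, AP_MAC, MS_MAC, ANONCE, SNONCE)
    ms_side = derive_ptk(PMK, MS_MAC, AP_MAC, SNONCE, ANONCE)
    return ap_side == ms_side


if __name__ == "__main__":
    kck, kek, tk = derive_ptk(PMK, AP_MAC, MS_MAC, ANONCE, SNONCE)
    print("keys match on both sides:", handshake_keys_match())
    print("TK:", tk.hex())
```

Because the nonces are fresh for every association, the temporal key changes per session even though the PMK, and the WKEY behind it, stay the same.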

  7. EAP-AKA Message Flows
