
Simultaneous CN-Targeted Location Privacy and Optimized Routing in MIPv6

This draft proposes a solution for achieving both CN-targeted location privacy and optimized routing in MIPv6. It addresses the problem of disclosing location to correspondent nodes and eavesdroppers.


Presentation Transcript


  1. MIPv6 CN-Targeted Location Privacy and Optimized Routing
     draft-weniger-mobopts-mip6-cnlocpriv-00
     Kilian Weniger <kilian.weniger@eu.panasonic.com>
     IETF #67, Nov 2006

  2. Background and Scope
     • Location privacy can be achieved by hiding the relation between identity and location of a user
     • In MIPv6, HoA and CoA represent identity and location
     • Two main problems:
       1. Disclosing the location to correspondent nodes
          • CN-targeted location privacy
       2. Disclosing the location to eavesdroppers
          • eavesdropper-targeted location privacy
     • Our draft addresses problem 1 only

  3. Scenario and Problem definition
     Scenario
     • MN and CN communicate using delay-sensitive service
     • MN is reachable at public HoA
       • corresponding HA is called IP Reachability Home Agent (IRHA)
     • MN doesn't want to reveal location to CNs
     Problem
     • With MIPv6, MN has the choice: short delays (route optimization) or location privacy (reverse tunneling)
     • How to achieve both CN-targeted location privacy and optimized routing simultaneously?
     [Figure: MN, IRHA and CN. Reverse tunneling: CN sees HoA. Route optimization: CN sees HoA & CoA.]

  4. draft-irtf-mobopts-location-privacy-solutions
     Approach
     • Route optimization mode with pseudo HoA
     • MN hides real HoA
     Drawbacks
     • Only works for MN-initiated sessions
     • Location privacy is compromised if CN can figure out MN's identity on higher layers
     [Figure: MN, IRHA and CN. Route optimization with pseudo HoA: CN sees pseudo HoA & CoA.]

  5. MIPv6 bootstrapping
     • Possible approach
       • MN reverse tunnels to local HA
     • Drawbacks
       • since local HoA contains location information, location privacy is compromised to some extent if CN knows that corresponding HA is local
     [Figure: MN, local HA, IRHA and CN. Reverse tunneling to local HA: CN sees HoA_local.]

  6. draft-weniger-mobopts-mip6-cnlocpriv-00
     • Basic idea
       • MN reverse tunnels to HA that is preferably located:
         • Close to the CN (for strong location privacy)
         • Close to the path between MN and CN (for good routing efficiency)
       • This Optimized Routing Home Agent (ORHA) is used for optimized communication with CN
     [Figure: MN, IRHA, ORHA and CN. Reverse tunneling to ORHA: CN sees HoA_OR (& HoA_IR).]

  7. Case 1: MN decides to optimize route before session starts (MN-initiated session)
     • Before sending packets to CN, MN discovers ORHA
     • MN bootstraps with ORHA and obtains HoA_OR
       • MN does NOT update its FQDN in DNS with HoA_OR
     • MN tunnels packets for CN through ORHA
       • i.e., HoA_OR is used as HoA for the session with CN
     • MN keeps registrations with other HAs
     [Figure: signaling flow between MN, ORHA and CN. Labels: ORHA discovery; Decision to optimize route; MIP bootstrapping (incl. obtaining HoA_OR); BU (HoA_OR, CoA); Data packets; Session starts (sending from HoA_OR).]

  8. Case 2: MN decides to optimize route after session starts (MN/CN-initiated session)
     • Session starts by sending packets to/from MN's public HoA (i.e., HoA_IR)
     • When MN decides to optimize the route, it discovers ORHA and bootstraps with it
     • MN performs route optimization over reverse tunnel to ORHA
       • MN uses HoA_OR as CoA for CN registration

  9. Signaling flow for CN-initiated sessions
     [Figure: signaling flow between MN, IRHA, ORHA and CN. Labels: BU (HoA_IR, CoA); Data packets; Session starts (sending to HoA_IR); ORHA discovery; Decision to optimize route; MIP bootstrapping (incl. obtaining HoA_OR); BU (HoA_OR, CoA); HoTi; CoTi; HoT; CoT; BU (HoA_IR, HoA_OR); Data packets.]

  10. Open issue: How to discover ORHA?
      • Possible approaches
        • Anycast-based or DNS-based home agent discovery based on CN's address, prefix or FQDN
          • e.g., QNAME="_mip6._ipv6.cndomain.com"
        • Dedicated server in MN's MSP network that is able to map CN's FQDN or address to ORHA address

  11. Conclusion
      • Currently MIPv6 cannot provide simultaneous optimized routing and CN-targeted location privacy
      • draft-weniger-mobopts-mip6-cnlocpriv proposes a solution that utilizes MIPv6 bootstrapping and requires changes to MN operation only
        • applicable if HA is deployed close to CN and if trust relationships needed for bootstrapping are in place
        • specification of discovery mechanism TBD

  12. Questions/Comments?

  13. Appendix

  14. Headers
      • Data packets and BU sent by MN to CN
          IPv6 header (source = care-of address, destination = ORHA)
          ESP header in tunnel mode
          IPv6 header (source = HoA_OR, destination = correspondent node)
          Destination Options header
            Home Address option (HoA_IR)
          Any protocol
      • CoTi sent by MN to CN
          IPv6 header (source = care-of address, destination = ORHA)
          ESP header in tunnel mode
          IPv6 header (source = HoA_OR, destination = correspondent node)
          Any protocol

  15. Definitions
      • IP Reachability Home Agent (IRHA): A home agent that is used for providing IP reachability for the mobile node. The corresponding home address is disclosed to potential correspondent nodes (e.g., by publishing the address in DNS).
      • IP Reachability path: The path between mobile node and correspondent node if the mobile node uses bi-directional tunneling mode with the IRHA.
      • Optimal path: The end-to-end path between mobile node and correspondent node, e.g., the path in MIPv6 Route Optimization mode.
      • Optimized path: A path between mobile node and correspondent node that is shorter than the IP reachability path, but may be longer than the optimal path.
      • Optimized routing: Routing data packets over the optimized path.
      • Optimized Routing Home Agent (ORHA): A home agent that is used for providing optimized routing.
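
The header layout on the Headers slide (14), traced through the ORHA to show which addresses reach the CN, with plain route optimization alongside for contrast. This is an added example, not code from the draft or the presentation; all addresses are constructed from the 2001:db8::/32 documentation prefix, the function names are hypothetical, and ESP tunnel mode is modelled as plain nesting without cryptography.

```python
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import IPv6Address, IPv6Network
from typing import Optional

# Constructed sample addresses (documentation prefix 2001:db8::/32), not from the draft.
VISITED_NET = IPv6Network("2001:db8:a::/48")   # network the MN is currently visiting
COA = IPv6Address("2001:db8:a::10")            # care-of address (reveals location)
HOA_IR = IPv6Address("2001:db8:b::10")         # public HoA at the IRHA
ORHA = IPv6Address("2001:db8:c::1")            # home agent near the CN
HOA_OR = IPv6Address("2001:db8:c::10")         # HoA obtained by bootstrapping with ORHA
CN = IPv6Address("2001:db8:d::20")

@dataclass
class IPv6Packet:
    src: IPv6Address
    dst: IPv6Address
    home_address_option: Optional[IPv6Address] = None  # Destination Options header
    esp_tunnel_inner: Optional[IPv6Packet] = None      # ESP tunnel mode, crypto not modelled

def mn_send(with_home_address_option: bool) -> IPv6Packet:
    """Slide 14 layout: True = data packet or BU, False = CoTi."""
    hao = HOA_IR if with_home_address_option else None
    inner = IPv6Packet(src=HOA_OR, dst=CN, home_address_option=hao)
    return IPv6Packet(src=COA, dst=ORHA, esp_tunnel_inner=inner)

def orha_forward(pkt: IPv6Packet) -> IPv6Packet:
    """ORHA ends the reverse tunnel and forwards only the inner packet to the CN."""
    if pkt.dst != ORHA or pkt.esp_tunnel_inner is None:
        raise ValueError("not a reverse-tunnelled packet addressed to this ORHA")
    return pkt.esp_tunnel_inner

def plain_route_optimization() -> IPv6Packet:
    """Standard MIPv6 route optimization for contrast: CN sees HoA and CoA."""
    return IPv6Packet(src=COA, dst=CN, home_address_option=HOA_IR)

def addresses_seen_by_cn(pkt: IPv6Packet) -> set:
    seen = {pkt.src}
    if pkt.home_address_option is not None:
        seen.add(pkt.home_address_option)
    return seen

def leaks_location(pkt: IPv6Packet) -> bool:
    """True if any address the CN receives lies in the visited network."""
    return any(addr in VISITED_NET for addr in addresses_seen_by_cn(pkt))

if __name__ == "__main__":
    for name, pkt in [("via ORHA", orha_forward(mn_send(True))),
                      ("plain RO", plain_route_optimization())]:
        print(name, sorted(map(str, addresses_seen_by_cn(pkt))), leaks_location(pkt))
```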
