
Ashutosh Dutta, Telcordia Technologies Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi

Media-Independent Pre-Authentication (draft-ohba-mobopts-mpa-framework-01.txt) (draft-ohba-mobopts-mpa-implementation-01.txt). Ashutosh Dutta, Telcordia Technologies; Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi, Toshiba America Research Inc.; Henning Schulzrinne, Columbia University.


Presentation Transcript


  1. Media-Independent Pre-Authentication
     (draft-ohba-mobopts-mpa-framework-01.txt)
     (draft-ohba-mobopts-mpa-implementation-01.txt)
     Ashutosh Dutta, Telcordia Technologies
     Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi, Toshiba America Research Inc.
     Henning Schulzrinne, Columbia University
     Prepared for IRTF MOBOPTS WG, August 4th, 63rd IETF, Paris

  2. Problem Statement
     • Existing mobility optimization mechanisms rely on signaling between access routers of different administrative domains
     • It is hard to assume an SA between access routers of different domains
     • There has been no solution for inter-domain handovers
     • Inter-domain handover can occur even for a mobile node with a single interface
     • Existing mobility optimization mechanisms do not deal with heterogeneous handovers in which authorization characteristics are different before and after handovers and thus a fresh authentication and authorization needs to be performed
     • Heterogeneous handover can occur even for a mobile node with a single interface
     • Existing mobility optimization mechanisms are tightly coupled with particular mobility management protocols
     • All those problems above need to be solved without sacrificing handover performance

  3. Overview of Media-independent Pre-Authentication (MPA)
     • MPA is:
        • a mobile-assisted higher-layer authentication, authorization and handover scheme that is performed prior to establishing L2 connectivity to a network where mobile may move in near future
     • MPA provides a secure and seamless mobility optimization that works for
        • Inter-domain handover
        • Heterogeneous handover (single/multiple interface)
     • MPA works with any mobility management protocol
        • MIP(v4,v6), SIPMM, HIP, etc.

  4. MPA Overview
     [Figure. Labels: Home Network, HA, CN, Domain X, Domain Y, MN, A(X), A(Y), AA, CA, AR, MN-CA key, MN-AR key, pre-authentication, pre-configuration, proactive handover tunneling end procedure, L2 handoff procedure, BU, tunneled data, data in old domain, data in new domain.]
     Data paths shown:
     1. DATA[CN<->A(X)]
     2. DATA[CN<->A(Y)] over proactive handover tunnel [AR<->A(X)]
     3. DATA[CN<->A(Y)]
     Legend: CN: Correspondent Node; MN: Mobile Node; AA: Authentication Agent; CA: Configuration Agent; AR: Access Router

  5. MPA-assisted Seamless Handoff (a deployment scenario)
     [Figure. Labels: Current Network 1, Network 2, Network 3, Network 4, Internet, Information Server, CN, Mobile, AR, AA, CA, MN-CA key, AP1, AP2, AP3, AP1 Coverage Area, AP 2 & 3 Coverage Area, CTN, TN.]
     Legend: CTN – Candidate Target Networks; TN – Target Network

  6. Changes from draft 00 to 01
     • Split the original MPA document into two
        • Framework, Implementation
        • (draft-ohba-mobopts-mpa-framework-01.txt)
        • (draft-ohba-mobopts-mpa-implementation-01.txt)
     • (draft-ohba-mobopts-mpa-framework-01.txt)
        • Ping-Pong Effect
        • Buffering
        • Bi-casting
        • Pre-authentication with multiple CTNs
     • (draft-ohba-mobopts-mpa-implementation-01.txt)
        • New Experimental results
        • MIPv6 (Previously with SIP mobility management only)
        • With and w/o Route Optimization
        • Buffering at NAR
        • Layer 2 handover enhancement

  7. Protocol Set for current MPA prototype

  8. MPA Experiment with MIPv6
     [Figure. Labels: Network 1, Network 2, Network 3, Network 4, Network 5, Information Server, Home Network, HA, AA, PANA Agent, Buffer Agent, R1, Relay/ Client Proxy, R2, NAR, CA, PAR, oPoA, nPoA, IP2, AP1 (Channel 6), AP2 (Channel 9), Audio Application, ITSUMO network, CN, MN, MN Move.]
     Legend: AP1, AP2: Access Point; R1: Previous Access Router; R2: New Access Router; MN: Mobile Node; CN: Correspondent Node; HA: Home Agent

  9. MPA Experimental Results

  10. Conclusions
     • MPA attempts to address the issues of inter-domain handover and heterogeneous handover
     • MPA framework provides an optimized handover solution independent of mobility management protocol
     • Implementation results of both MIPv6 and SIP-based mobility management
        • Zero packet loss (with buffering)
        • L2 delay ~ 4ms
        • Jitter during handover (~ 20 – 50 ms) (with buffering)
     • Pre-authentication for PANA is being accepted as work item of PANA WG

  11. Future Work
     • Network-initiated MPA
     • Performance comparison with other Fast Mobility management protocol
     • Integration of L2 security bootstrapping in the target network
     • Choose or define appropriate protocol set for each building block

  12. Future Work (Contd.)
     • Do we need to solve the pre-authentication problem for inter-domain and heterogeneous handover?
     • Include MPA framework as part of MOBOPTS work item?

  13. Thank you!

  14. Backup Slides
