1 / 6

Security Implications of Session Identifier: Exploring NSIS Signaling Solutions

This draft addresses session ownership challenges in signaling protocols, focusing on mobility and security implications. It categorizes proposed solutions and raises pending issues for further discussion in the working group.

warfieldt
Download Presentation

Security Implications of Session Identifier: Exploring NSIS Signaling Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authors: H. Tschofenig H. Schulzrinne R. Hancock A. McDonald X. Fu Security Implications of the Session Identifier(draft-tschofenig-nsis-sid-00.txt)

  2. Background • Discussions about the session ownership problems already started with the requirements work • We spend some time at the New York interim meeting to discuss some issues. • I promised to capture the current status of our discussions and to make them available to other working group members (to get a bigger audience).

  3. Problem • We discussed the problems several times already. • However, no real progress seen so far. • Mobility (in combination with security) is still somewhat fuzzy.

  4. Goal • Point to • the implications to the signaling protocol with regard to certain solutions • the problems with the presented problem and the corresponding solutions • the relationship to mobility • As part of the mobility related NSIS signaling the following question must be addressed: What is the expected functionality?

  5. Draft Content • Several proposals, which have been discussed in the past, are described: • These proposals are categorized into • Global (applicable to all nodes along the path) • Local (applicable to particular domains only e.g. visited network) • Details can be obtained from the draft (and will not be discussed here). • Important part: • Solutions give the reader information about the assumptions and the consequences

  6. Pending Issues • Which is the authorizing entity? • Which action might be authorized by whom? • Is the Session Identifier concept useful? (tradeoff benefit vs. additional overhead) • How should mobility signaling work in detail (e.g. always end-to-end signaling messages assumed)? • How should replay protection be handled?

More Related