Discussion points for 802 21 security input to 802 1af
This presentation is the property of its rightful owner.
Sponsored Links
1 / 4

Discussion Points for 802.21 Security [Input to 802.1AF] PowerPoint PPT Presentation


  • 84 Views
  • Uploaded on
  • Presentation posted in: General

Discussion Points for 802.21 Security [Input to 802.1AF]. Security in the MAC is more about wireless than wired today Some (proposed) link events today have different qualities for wired vs. wireless worlds: Link up (wired link vs. wireless association completed (or open port?))

Download Presentation

Discussion Points for 802.21 Security [Input to 802.1AF]

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Discussion points for 802 21 security input to 802 1af

Discussion Points for 802.21 Security [Input to 802.1AF]

  • Security in the MAC is more about wireless than wired today

  • Some (proposed) link events today have different qualities for wired vs. wireless worlds:

    • Link up (wired link vs. wireless association completed (or open port?))

    • Link down (wired no data vs. wireless beacons etc)

    • Link_Going_Up (wired not possible? vs. Port in the making / tentative association)

    • Link changed bandwidth (wired went from 100 to 10 vs. wireless slow man on channel?))

    • Link changed mode (wired duplex transition vs. wireless ack to block ack?)

  • Some events are wireless only:

    • Link changed QoS (wireless HCCA to EDCA transition, wired ?)

    • Link_Quality_Crosses_Threshold (wireless signal quality, wired ?)

    • Better_Signal_Quality_AP_Available

  • Some events are the same for both wired and wireless:

    • Link_Going_Down

    • Trigger_Rollback


Discussion points for 802 21 security input to 802 1af1

Discussion Points for 802.21 Security[Input to 802.1AF]

  • Some proposed link events could be asymmetric…

    • Link up (OPER up on one end only)

    • Link down (OPER down on one end only)

    • Link_Going_Up (OPER…)

    • Link_Quality_Crosses_Threshold (better antennae?)

    • Link_Going_Down (OPER…)

    • Better_Signal_Quality_AP_Available (sent one way only)

  • Might want to transmit any of these as status report from other end ? (Should there be remote registered client for push or pull model?)

  • … vs. the same on both ends of link

    • Link up (both ends fully plugged in,

    • Link down (failure of cable, one end fails)

    • Link changed bandwidth (negotiated)

    • Link changed mode (negotiated)

    • Link changed QoS (negotiated)

    • Trigger_Rollback (transmitted)


Discussion points for 802 21 security input to 802 1af2

Discussion Points for 802.21 Security[input to 802.1AF]

  • Might want to report any of these locally up from L2 to registered client

  • Current local registration for link events identifies client, logical interface and particular event

  • Current local delivery of link events provides report of event occuring, sometimes a data value (never the source MAC)

  • Current local delivery of link events can be gated by OPER state

  • Source of link events is not authenticated or authorized by local delivery mechanism

  • No need for security?


Discussion points for 802 21 security input to 802 1af3

Discussion Points for 802.21 Security[input to 802.1AF]

Apply to transmitted signals or triggers (i.e. end to end). Generic threat analysis here due to lack of approved use cases.

  • DoS attacks

    • In wireless there is always PHY based DoS

    • So why spend energy preventing MAC based DoS

  • Protocol attacks

    • No new security protocols introduced, no increase in attacks

  • Association

    • Authentication

      • Heavyweight, only for association

    • Authorization

      • Heavyweight, only for association

  • Integrity

    • Relevant to wired side (yet less needed), not so on wireless?

  • Privacy / confidentiality

    • Must use existing encryption methods if used at all, due to scope; Hard to set up w/out latency inducing authentication


  • Login