1 / 10

Mesh Peering Instance Controller

Mesh Peering Instance Controller. Date: 2009-03-06. Abstract. This document describes a new Mesh Peering Instance Controller function for managing peering instances by Peering Management and Abbreviated Handshake

neville-rocha
Download Presentation

Mesh Peering Instance Controller

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mesh Peering Instance Controller Date: 2009-03-06 Meiyuan Zhao, Intel

  2. Abstract • This document describes a new Mesh Peering Instance Controller function for managing peering instances by Peering Management and Abbreviated Handshake • The corresponding specification of the mesh peering instance controll is provided in 11-09/0287r0 Meiyuan Zhao, Intel

  3. Peering Finite State Management Issues • Two protocols to establish and manage peering instances for mesh STA • Peering management to establish non-secure peering • Sequential key management may be used to establish the security association • Need correct binding of peering and its security association • Abbreviated Handshake to establish peering and its security association • Need clarification on protocol state machine management • When and how to create a state machine for specific protocol? • When and how to delete a state machine? • How to manage multiple state machines? • Deal with simultaneous initiation of two protocols without ambiguity? • How to pass the right Peering management frames to the corresponding finite state machine? Meiyuan Zhao, Intel

  4. Mesh Peering Instance Controller Peering FSM Peering management frames Peering FSM Mesh Peering Instance Controller Peering FSM Internal commands (e.g., start, cancel) Peering FSM SME Peering FSM Each mesh STA has one Mesh Peering Instance Controller in SME Meiyuan Zhao, Intel

  5. Mesh Peering Instance Controller Functions • Manage life cycles of FSMs for Peering Management and Abbreviated Handshake protocol • Create/delete peering FSMs • Manage identifier and security association states for each peering FSM • Pre-process peering management frames, take necessary actions • Create a new FSM to handle the frame, or • Pass it to an existing FSM, or • Discard • Pass internal commands to peering FSMs • Maintain security association states for each (candidate) peer mesh STA • PMKName • Mesh TKName • Provide a control point to potentially handle protocol interactions between • SAE, Peering Management, Abbreviate Handshake, and proprietary key management protocol Meiyuan Zhao, Intel

  6. Create Peering FSM • Function constraints • If PMK established, only Abbreviated Handshake FSM should be created • Can create multiple peering instances. Once one is established successfully, close other instances properly • Can create a new instance, when a valid peering exists, but close the old one once a new peering established successfully • Actions after creating a new FSM • Pass ACTOPN event, or • Pass the received peering open, or • Pass REQ_RJCT event to reject Peering Open directly • Mesh TKSA established separately • May be done by proprietary key management protocol subsequentially Meiyuan Zhao, Intel

  7. Delete a Peering FSM • Function constraints • Can’t tear down a non-secure peering if its mesh TKSA exists • Have to wait until mesh TKSA is destroyed • Pass Peering Close frame or CNCL event to the peer instance Meiyuan Zhao, Intel

  8. Pre-process Peering Management Frames • Match protocol version to type of existing FSMs • Match instance identifier to a peering FSM • MAC addresses • Link IDs • Nonces • PMKName • Matched frames to passed to proper FSMs • Unmatched Peering Confirm and Peering Close frames are discarded • Unmatch Peering Open may trigger generation of a new FSM Meiyuan Zhao, Intel

  9. Impacts on Peering Management State Machine • For Peering Mangement FSM • Merge “IDLE” and “LISTEN” states to “IDLE” state • Update events and actions accordingly • Remove BNDSA event • For Abbreviated Handshake FSM • Merge “IDLE” and “LISTEN” states to “IDLE” state • Update events and actions accordingly Meiyuan Zhao, Intel

  10. Updated Peering Management FSM Meiyuan Zhao, Intel

More Related