1 / 13

ESN Conformance

ESN Conformance. Bob Beach Symbol Technologies. Background. Several comments dealt with the issue of ESN conformance The specification does not explicitly deal with conformance issues Only exception is authentication algorithm (“mandatory to implement”)

ovidio
Download Presentation

ESN Conformance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ESN Conformance Bob Beach Symbol Technologies Bob Beach, Symbol Technologies

  2. Background • Several comments dealt with the issue of ESN conformance • The specification does not explicitly deal with conformance issues • Only exception is authentication algorithm (“mandatory to implement”) • In the past the spirit of the committee has been that an ESN is an all or nothing thing. • Comments on written draft and discussions among committee members suggest the situation is more complex Bob Beach, Symbol Technologies

  3. Reasons for Levels of ESN Conformance • Systems may wish to use only some elements of ESN • E.g. Identifying 40/128 bit WEP key operation • Use of 802.1x • WEP+ • Authentication suite for key distribution • Multiple Options within ESN model itself • AES/WEP+ • IEEE 802.1x level authentication suite selection • Multiple authentication algorithms Bob Beach, Symbol Technologies

  4. ESN Options • The current proposal contains a collection of services that are quite independent of one another • Security feature advertisement/discovery • Security feature negotiation/selection • Upper layer authentication (I.e. not at MAC layer) • 802.1x/EAP • WEP+ (whatever it turns out to be) • AES • Kerberos authentication/key distribution • Other authentication suites • IBSS Operation Bob Beach, Symbol Technologies

  5. Two Models of ESN Conformance • There are two obvious models for defining ESN conformance • Service based • Environment or use based • Service based approach assigns a service or group of services an identifier (or level). Conformance level indicates which services are present • Environment or use base defines what services are present based on the end user environment or usage model. Bob Beach, Symbol Technologies

  6. Service Model • Build up from basic services to more complex services. • Higher conformance levels include all services in lower conformance levels • Possible breakdown: • Level 0: security discovery/negotiation mechanism • Level 1: add 802.1x • Level 2a: add WEP+ • Level 2b: add AES • Level 3: add Kerberos authentication suite • Level 4: add other authentication suites • Might want to assign names rather than numbers Bob Beach, Symbol Technologies

  7. Environment/Use Model • Define collections of services based upon end user environment. • More like operating profiles than conformance levels • For each profile, a set of required (and perhaps optional) services would be defined. • Different profiles could have different required services • Vendors would define supported profiles • Particular products (AP, NIC, integrated devices) could support multiple profiles Bob Beach, Symbol Technologies

  8. Proposed Environments • Public Space • Enterprise • IBSS • Highly Mobile Devices • Consumer/Home Bob Beach, Symbol Technologies

  9. Discussion of Service Model • Service based model • Is more obvious and generally follows the way the specification is written and the way the technology is implemented • At same time it is highly technical and would be meaningful only to knowledgeable users • Does not help users decide what is necessary for their environment • As higher conformance levels it suggests a “one size fits all” model that may be inappropriate for many sites • A matrix of all possible combinations gets messy • E.g. Level 0 and Level 2b but not Level 1 Bob Beach, Symbol Technologies

  10. Discussion of Environment Model • More end user oriented with less emphasis on technical details • Fewer possible combinations makes implementation and testing easier • Allows different sets of mandatory services that can reflect different usage models or environments • Requires committee to define more things Bob Beach, Symbol Technologies

  11. Recommendations • Define ESN conformance framework using the environment/usage model • Rename ESN to Enhanced Security Facilities (ESF) • Suggests framework rather than monolithic network • Add ESN conformance elements to beacon packets Bob Beach, Symbol Technologies

  12. Proposed Motions • Proposed: The environment model of ESN comformance contained in this document be added to the Tgi baseline. • Proposed: Tgi instruct the author of this document to prepare text that defines the selected model for incorporation into the next revision of the Draft specification. Bob Beach, Symbol Technologies

  13. Issues Bob Beach, Symbol Technologies

More Related