Media-Independent Pre-Authentication (draft-ohba-mobopts-mpa-framework-01.txt) (draft-ohba-mobopts-mpa-implementation-01.txt). Ashutosh Dutta, Telcordia Technologies Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi Toshiba America Research Inc. Henning Schulzrinne, Columbia University.


Media-Independent Pre-Authentication (draft-ohba-mobopts-mpa-framework-01.txt) (draft-ohba-mobopts-mpa-implementation-01.txt)

Ashutosh Dutta, Telcordia Technologies

Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi

Toshiba America Research Inc.

Henning Schulzrinne, Columbia University

Prepared for IRTF MOBOPTS WG

August 4th, 63rd IETF, Paris

Problem Statement
  • Existing mobility optimization mechanisms rely on signaling between access routers of different administrative domains
    • It is hard to assume a security association (SA) between access routers of different domains
    • There has been no solution for inter-domain handovers
    • Inter-domain handover can occur even for a mobile node with a single interface
  • Existing mobility optimization mechanisms do not deal with heterogeneous handovers, in which authorization characteristics differ before and after the handover and fresh authentication and authorization must therefore be performed
    • Heterogeneous handover can occur even for a mobile node with a single interface
  • Existing mobility optimization mechanisms are tightly coupled with particular mobility management protocols
  • All of the above problems need to be solved without sacrificing handover performance
Overview of Media-independent Pre-Authentication (MPA)
  • MPA is:
    • a mobile-assisted, higher-layer authentication, authorization and handover scheme that is performed prior to establishing L2 connectivity to a network to which the mobile may move in the near future
  • MPA provides a secure and seamless mobility optimization that works for
    • Inter-domain handover
    • Heterogeneous handover (single/multiple interface)
  • MPA works with any mobility management protocol
    • MIP(v4,v6), SIPMM, HIP, etc.
MPA Overview

[Figure: MPA overview diagram. Labeled elements: Home Network, HA, CN, MN, AA, CA, AR, Domain X, Domain Y, A(X), A(Y), MN-CA key, MN-AR key, pre-authentication, pre-configuration, BU, tunneled data, proactive handover tunneling end procedure, L2 handoff procedure, data in old domain, data in new domain.]

Data paths shown in the figure:
  • 1. DATA[CN<->A(X)]
  • 2. DATA[CN<->A(Y)] over proactive handover tunnel [AR<->A(X)]
  • 3. DATA[CN<->A(Y)]

Legend: CN: Correspondent Node; MN: Mobile Node; AA: Authentication Agent; CA: Configuration Agent; AR: Access Router

MPA-assisted Seamless Handoff (a deployment scenario)

[Figure: deployment scenario diagram. Labeled elements: INTERNET, CN, Information Server, Current Network 1, Network 2, Network 3, Network 4, AR, AA, CA, MN-CA key, TN, CTN, Mobile, AP1, AP2, AP3, AP1 Coverage Area, AP 2 & 3 Coverage Area.]

Legend: CTN – Candidate Target Networks; TN – Target Network
Changes from draft 00 to 01
  • Split the original MPA document into two
    • Framework, Implementation
    • (draft-ohba-mobopts-mpa-framework-01.txt)
    • (draft-ohba-mobopts-mpa-implementation-01.txt)
  • (draft-ohba-mobopts-mpa-framework-01.txt)
    • Ping-Pong Effect
    • Buffering
    • Bi-casting
    • Pre-authentication with multiple CTNs
  • (draft-ohba-mobopts-mpa-implementation-01.txt)
    • New Experimental results
    • MIPv6 (Previously with SIP mobility management only)
      • With and w/o Route Optimization
    • Buffering at NAR
    • Layer 2 handover enhancement
MPA Experiment with MIPv6

[Figure: experimental testbed diagram. Labeled elements: Network 1, Network 2, Network 3, Network 4, Network 5, Information Server, Home Network, HA, AA, PANA Agent, Buffer Agent, Relay/ Client Proxy, CA, R1, R2, PAR, NAR, oPoA, nPoA, IP2, AP1 (Channel 6), AP2 (Channel 9), Audio Application, ITSUMO network, CN, MN, Move.]

Legend: AP1, AP2: Access Point; R1: Previous Access Router; R2: New Access Router; MN: Mobile Node; CN: Correspondent Node; HA: Home Agent

Conclusions
  • MPA attempts to address the issues of inter-domain handover and heterogeneous handover
  • MPA framework provides an optimized handover solution independent of mobility management protocol
  • Implementation results of both MIPv6 and SIP-based mobility management
    • Zero packet loss (with buffering)
    • L2 delay ~ 4ms
    • Jitter during handover (~ 20 – 50 ms) (with buffering)
  • Pre-authentication for PANA is being accepted as a work item of the PANA WG
Future Work
  • Network-initiated MPA
  • Performance comparison with other fast mobility management protocols
  • Integration of L2 security bootstrapping in the target network
  • Choose or define appropriate protocol set for each building block
Future Work (Contd.)
  • Do we need to solve the pre-authentication problem for inter-domain and heterogeneous handover?
  • Include the MPA framework as part of a MOBOPTS work item?