URP Usage Scenarios for Mobility

URP Usage Scenarios for Mobility
James Kempf
Sun Microsystems, Inc.
Problem Statement: Service Authorization
• Protocol exchange involved in authorizing a Mobile Node for particular network services after handover is often more extensive than actually setting up the service itself (e.g. COPS flows in draft-thomas-seamoby-rsvp-analysis-00.txt).
– Could seriously delay Mobile Node obtaining authorized service.
– Possible to solve efficiently at edge with context transfer.
– Difficult to solve back in network, alternatives unappealing:
• Context transfer flooding.
• Selective context transfer based on tracking of mobile node's routes.
• Initial URP registration provides Mobile Node with something like a lightweight encrypted capabilities token, the possession of which is sufficient to identify the Mobile Node as authorized for a collection of network level services.
– Each router examines token, grants Mobile Node's packets the requested service if allowed.
– Router acts as both PDP and PEP since Mobile Node's initial packets contain authorization token.
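The following is an added illustration of the capabilities-token idea on this slide; it is not code from the talk or from any URP draft. It models the "lightweight encrypted capabilities token" as an HMAC-authenticated claim set (mobile node, permitted services, expiry) issued at URP registration under a key the registration authority shares with the routers, and shows a router acting as combined PDP and PEP by checking the token carried in the mobile node's first packet. The key, field names, service names and packet layout are all constructed for the example.

```python
import base64
import hashlib
import hmac
import json

# Assumption (constructed for this example): one symmetric key shared between the
# URP registration authority that issues tokens and every router that enforces them.
ISSUER_KEY = b"example-shared-key-not-for-production"
TAG_LEN = 32  # HMAC-SHA256 output length in bytes


def issue_capabilities_token(key: bytes, mobile_node: str, services: list,
                             ttl: int, now: int) -> str:
    """Issued once at URP registration: asserts that `mobile_node` is authorized
    for `services` until `now + ttl`. Returned as a URL-safe base64 string so it
    can be carried in a packet option or header."""
    claims = {"mn": mobile_node, "svc": sorted(services), "exp": now + ttl}
    body = json.dumps(claims, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body + tag).decode()


def verify_capabilities_token(key: bytes, token: str, now: int):
    """Return the claims if the tag is valid and the token is unexpired, else None."""
    try:
        raw = base64.urlsafe_b64decode(token)
    except (ValueError, TypeError):
        return None
    if len(raw) <= TAG_LEN:
        return None
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    claims = json.loads(body)
    if claims["exp"] <= now:
        return None
    return claims


def router_admit(key: bytes, packet: dict, now: int) -> bool:
    """Router as both PDP and PEP: decide purely from the token in the packet
    whether the requested service is granted, with no back-end exchange.
    `packet` is a constructed dict with keys 'src', 'service' and 'token'."""
    claims = verify_capabilities_token(key, packet["token"], now)
    if claims is None:
        return False
    if packet["src"] != claims["mn"]:  # token is bound to the registered node
        return False
    return packet["service"] in claims["svc"]
```

Because possession of the token is what proves authorization, it is a bearer credential: anything that can read it off the link can replay it until it expires, so the expiry and the binding to the registered node identity in the example are the minimal mitigations a deployment would want, and the shared router key must be distributed as carefully as any other network-wide secret.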
Problem Statement: Authentication Challenge
• The network requires some means to issue a lightweight challenge to the Mobile Node to authenticate, for example, after handover.
• The Mobile Node requires some means to challenge the network.
– Especially true for 802.11, where anybody can set up an access point (e.g. fake bank teller problem).
• Initial URP exchange sets up:
– URP RA provides the Mobile Node with a cryptographically protected response token to present when challenged.
– Mobile Node provides URP RA with a cryptographically protected response token with which to reply when challenged.
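The following is an added example of the two-way challenge on this slide, written for this page rather than taken from the talk or a URP specification. It assumes that the initial URP exchange leaves each side holding a secret from which it can compute, and the other side can check, a response to a fresh challenge; the secrets are modeled as two symmetric keys (one per direction) and the response as an HMAC over the challenge nonce, so that a captured response cannot be replayed against a later challenge. The class name, key values and message framing are constructed for the example.

```python
import hashlib
import hmac
import os

# Domain-separation prefix so a response is only ever valid as a URP challenge reply.
LABEL = b"urp-challenge-response|"


class Party:
    """Either the Mobile Node or the network side (router / URP RA).

    prove_key:  secret this party uses to answer challenges it receives.
    verify_key: secret this party uses to check the other side's answers.
    Both are assumed to come from the initial URP exchange."""

    def __init__(self, name: str, prove_key: bytes, verify_key: bytes):
        self.name = name
        self.prove_key = prove_key
        self.verify_key = verify_key
        self.pending = set()  # nonces of challenges issued and not yet answered

    def challenge(self) -> bytes:
        """Issue a fresh random nonce and remember it."""
        nonce = os.urandom(16)
        self.pending.add(nonce)
        return nonce

    def respond(self, nonce: bytes) -> bytes:
        """Answer a challenge from the other side."""
        return hmac.new(self.prove_key, LABEL + nonce, hashlib.sha256).digest()

    def verify(self, nonce: bytes, response: bytes) -> bool:
        """Check an answer; an unknown or already-used nonce is rejected, which is
        what stops a recorded response from being replayed."""
        if nonce not in self.pending:
            return False
        self.pending.discard(nonce)
        expected = hmac.new(self.verify_key, LABEL + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def mutual_authenticate(mobile_node: Party, network: Party) -> bool:
    """The exchange after handover in the order the slide gives it:
    the network challenges the Mobile Node, then the Mobile Node challenges
    the network (the check that catches a rogue 802.11 access point)."""
    n1 = network.challenge()
    mn_ok = network.verify(n1, mobile_node.respond(n1))
    n2 = mobile_node.challenge()
    net_ok = mobile_node.verify(n2, network.respond(n2))
    return mn_ok and net_ok


def make_pair(mn_secret: bytes, net_secret: bytes):
    """Construct the two parties with mirrored keys, as the initial exchange would leave them."""
    mn = Party("Mobile Node", prove_key=mn_secret, verify_key=net_secret)
    net = Party("Network", prove_key=net_secret, verify_key=mn_secret)
    return mn, net
```

Using distinct keys per direction means a response the Mobile Node gives the network can never be reflected back to it as the network's own proof; a single shared key would need a direction label inside the MAC input to get the same property.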
Motivation: Privacy
• Network operator or user may want to hide the fact that a particular mobile is in a particular subnet.
– Can't use IPv6 <subnet id, interface id> for IP address.
• Draft talks about using an identity token.
– Possible, but there are better ways to do this (e.g. SUCV, BAKE, etc.).
– Somewhat half-baked.
• BUT... URP can provide the vehicle for setting up initial conditions (keying, etc.).
Requirements
• Provide a means whereby a Mobile Node's packets can securely prove authorization for a particular network level service after handover without requiring an extensive protocol exchange.
• Provide secure authentication tokens whereby a Mobile Node can challenge the network after handover, and the network can challenge the Mobile Node.
• Set up initial conditions for masking Mobile Node's location and origin.