802 Handoff
LinkSec Handoff Issues?

David Johnston, Intel (david.johnston@ieee.org)
May. 2003
doc.: 802_Handoff_Linksec_Presentation, Submission

First Session of 802 Handoff ECSG Launched, May 2003

• Attendance
  – Monday – 30
  – Tuesday – 19
  – Thursday – 22

• Total Attendance – 45

• 29 Separate organizations represented

Officers

• Chair
  – David Johnston, Intel
• Reluctant Recording Secretary
  – Paul Lin, Intel
• Vice Chair
  – None, volunteers welcome

Charter

• Consider the possibility of specifying a common handoff framework applicable to 802 standards, wired and wireless

• Consider placement of work (In a new working group or 802.1)

• Authorized to draft a PAR

Objectives

• Define scope and requirements
  – May work with all MACs and PHYs
    • Without unnecessary overhead
    • 802.x 802.y (where x could equal y)
    • 802.x non 802
  – Consider how to address Authentication and Security
    • Within the PAR? Coordinated with Link Security group
• Specify a framework that 802 MACs can adopt
  – MAC SAP Messages
  – MIB Entries
  – Other?

What it is not

• It is not proposed to implement a protocol for handoff
  – We are at the link layer. What are we handing off?
  – Entire problem cannot be solved at layer 2

• So this is not a handoff standard!

Scenario

• Multi interfaced device
  – Docked Laptop with 802.3, 802.11 and 802.16e
  – Mobile IP session being used for VoIP and web traffic
• Laptop undocks
  – Needs to make a timely decision to switch to 802.11 and attach to a suitable AP
  – Existing traffic should suffer minimum interruption
• Laptop moves out of building
  – Needs to make a timely decision to switch to 802.16e and choose a suitable BS
  – Existing traffic should suffer minimum interruption

What it is

• Focus is on
  – Enabling good handoff decisions
    • Handoff decision data with interface
  – Signaling appropriately to L3 handoff capable entities
    • L2 triggers
• Wired and Wireless
  – 802.3 to 802.[11/15/16] are important cases

(very) Simplified Anatomy of a Handoff

• Something somewhere up the stack agrees, in its own way, to handoff from one place to another
  – E.g. Mobile IP
• Consequently, down at the link layer, an attachment switches from one place to another
  – Association-authentication-authorization in one of several possible orders and flavors
  – Either by picking a new attachment point for an interface, or picking a new interface

The blocking behavior of 802.1x

• 802.1x allows access to the MAC
• Blocks access to all LSAPs above the LLC except for EAPoL until authentication has completed
  – So only MAC signalling and EAP available prior to authentication
  – This takes advantage of the common MSDU transport capability of different 802 networks.
  – A mechanism applicable to diverse 802 network types could not be codified in existing MAC signaling or EAP
• So current 802 authentication practice impacts on the transfer of handoff related information prior to authentication

Pre-auth Requirements

• Prior to attempting to authenticate, the mobile node may want to know whether it is worth the effort
  – Does the AP support my L3 network needs?
  – Do I have a payment method, auth protocol, subscription that will work on the candidate AP?
  – Can my QoS needs be met?
• It would be nice for the conduit for this information:
  – To not be blocked prior to authentication
  – To be applicable to diverse 802 network types

Extending the auth model to support Handoff

• Extend set of pre authentication unblocked things from:
  – MAC signalling
  – EAPoL
• To:
  – MAC signalling
  – EAPoL
  – Non sensitive handoff related data

For Example

• Extend the unblocked fork of 802.1x

[Figure: the 802.1x fork. Labels: 802.2, 802.2, EAPoL, L3, L3, L3, Non Sensitive Handoff Information/Protocol/negotiation]
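
The blocking rule and the proposed extension from the preceding slides, modelled as a frame filter. This is an added example, not part of the original presentation: the handoff EtherType (0x88B5, an IEEE local-experimental value), the function names and the sample frames are assumptions, since the slides define no protocol.

```python
import struct

ETH_P_8021Q = 0x8100    # 802.1Q VLAN tag
ETH_P_IPV4 = 0x0800
ETH_P_EAPOL = 0x888E    # EAPoL (802.1X)
# ASSUMPTION: the slides define no protocol; an IEEE local-experimental
# EtherType stands in for "non sensitive handoff related data".
ETH_P_HANDOFF = 0x88B5

CURRENT_UNBLOCKED = frozenset({ETH_P_EAPOL})
EXTENDED_UNBLOCKED = frozenset({ETH_P_EAPOL, ETH_P_HANDOFF})

def ethertype(frame):
    """Type/length field of a frame (skipping one VLAN tag); None if malformed."""
    if len(frame) < 14:
        return None
    (etype,) = struct.unpack_from("!H", frame, 12)
    if etype == ETH_P_8021Q:
        if len(frame) < 18:
            return None
        (etype,) = struct.unpack_from("!H", frame, 16)
    return etype

def port_admits(frame, authenticated, unblocked):
    """Before authentication only unblocked EtherTypes pass; after it, all do."""
    etype = ethertype(frame)
    if etype is None:
        return False                 # malformed: drop in every state
    return authenticated or etype in unblocked

def make_frame(etype, vlan=None, payload=b"\x00" * 46):
    """Build a constructed sample frame (PAE group address as destination)."""
    hdr = bytes.fromhex("0180c2000003" "020000000001")
    if vlan is not None:
        hdr += struct.pack("!HH", ETH_P_8021Q, vlan & 0x0FFF)
    return hdr + struct.pack("!H", etype) + payload

def pre_auth_matrix():
    """Pre-authentication decision per sample frame: (current, extended)."""
    samples = {
        "eapol": make_frame(ETH_P_EAPOL),
        "handoff": make_frame(ETH_P_HANDOFF),
        "handoff_vlan": make_frame(ETH_P_HANDOFF, vlan=10),
        "ipv4": make_frame(ETH_P_IPV4),
        "truncated_tag": make_frame(ETH_P_8021Q, payload=b""),
    }
    return {name: (port_admits(f, False, CURRENT_UNBLOCKED),
                   port_admits(f, False, EXTENDED_UNBLOCKED))
            for name, f in samples.items()}
```

Every frame admitted by the extended set arrives before authentication, so whatever consumes it has to treat the contents as unauthenticated input.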

So: One requirement

• Don’t make it impossible for the definition of the distribution of media independent handoff decision data prior to authentication
  – Allows mobile nodes to handoff based on good information
  – Enables mobile nodes to choose who they should bother authenticating to.