Outline
• Project background
– Trend toward integrating wireless LANs (WLAN) with cellular networks
– Related technology developments in Taiwan and abroad
– Reference models for WLAN and cellular network integration
– The project "Building a Mobile Service Environment over Heterogeneous Multi-Access Networks"
• SIM-based authentication and encryption in cellular networks
• SIM-based authentication, authorization and accounting (AAA) in WLAN
Integration Requirements for WLAN and Cellular Networks
• Cellular network (2G, 3G) integration requirements
– Future demand for mobile data services
– 3G licence and deployment costs are too high
• Wireless LAN (WLAN) integration requirements
– Customer base
– Coverage
– Identity and billing mechanism
WLAN and Cellular Network Integration Scenarios
• 3GPP TR 22.934 V6.0.0 (2002-09) – Feasibility study on 3GPP system to WLAN inter-working
• Scenarios– Common billing and customer care
– 3GPP system based Access Control & Charging
– Access to 3GPP system PS based services
– Service continuity
– Seamless services
– Access to 3GPP system CS based services
Planning Direction of Taiwan's National Telecommunications Program
Existing access networks, each already optimised for a single propagation environment, are interconnected through an access integration mechanism so that seamless access service is available at any time and in any place.
Source: National Telecommunications Program B3G planning document
International Technology Developments
Organisation – Related developments
• 3GPP
– Reference model for integrating the 3G system with Mobile IP: Architectural Requirements for Release 1999 (TS 23.121)
– How to integrate Mobile IP with the GGSN in the core network: Inter-working between the Public Land Mobile Network supporting Packet Based Services and Packet Data Networks (TS 29.061)
– Studies on integrating multi-tier systems: Combined GSM and Mobile IP in UMTS; Feasibility Study on 3GPP System to Wireless Local Area Network Inter-working
• 3GPP2
– Network architecture for integration with Mobile IP and the protocol architecture for data transport: Wireless IP Network Standard
• ETSI
– Studies on integrating multi-tier systems: Analysis of existing roaming techniques applicable to TIPHON mobility services
• IST
– Network integration models: No Coupling, Loose Coupling, Tight Coupling
• Other
– HP, Nomadix, iPass
WLAN and Cellular Network Integration Reference Models
• Open Coupling: mobility management only
[Figure: open-coupling model; the only shared elements are the mobility entities Home Agent / Foreign Agent / SIP Registrar.]
Source: IST EVOLUTE (2002) (seamlEss multimedia serVices Over alL IP-based infrastrUcTurEs)
WLAN and Cellular Network Integration Reference Models (cont.)
• Loose Coupling: mobility management + AAA integration
[Figure: loose-coupling model; the WLAN AAA server is connected to the cellular subscriber database.]
Source: IST EVOLUTE (2002)
AAA: Authentication, Authorization, Accounting
WLAN and Cellular Network Integration Reference Models (cont.)
• Tight Coupling: the WLAN is treated as just another radio access technology
[Figure: tight-coupling model; the WLAN attaches to the cellular core network alongside the other radio access networks.]
Source: IST EVOLUTE (2002)
Comparison of WLAN and Cellular Network Integration Reference Models
No (Open) Coupling
– Definition: completely independent access networks; users have separate contracts for each network; mobility management only
– Advantages: rapid introduction; no impact on GSN nodes; suitable for all WLAN technologies
– Disadvantages: poor handover performance; no common subscriber database
Loose Coupling
– Definition: same AAA subscriber database; mobility management
– Advantages: a common database simplifies handling of security, billing and customer management; no impact on GSN nodes; suitable for all WLAN technologies
– Disadvantages: poor handover performance
Tight Coupling
– Definition: WLAN connected to the core network in the same manner as other radio access technologies; SGSN and GGSN need to be updated
– Advantages: improved handover performance
– Disadvantages: only feasible if a single operator runs both networks
Building a Mobile Service Environment over Heterogeneous Multi-Access Networks
[Figure: target architecture. Cellular network (GPRS, UMTS): BSS, RAN, RNC, SGSN, GGSN, HLR. Wireless LAN (WISP domain): Access Point, Access Controller, AAA Server (RADIUS/Diameter), Home Agent, SIP servers (proxy, redirector, registrar). The two domains are joined by an AAA-HLR link.]
• Provides a mobility management mechanism for mobile terminals in a heterogeneous network environment
• Provides a fast and consistent authentication, authorization and accounting mechanism
Institute for Information Industry (III) 2003 (ROC year 92) Innovative Forward-Looking Program (commissioned and funded by the Ministry of Economic Affairs)
Authentication, Authorization and Accounting (AAA) Integration Technology Sub-project
• Objective: providing SIM-based AAA in WLAN
– Security and trust mechanism
– Convenient account management
– Lower cost for building WLAN roaming infrastructure
AAA: Authentication Authorization Accounting
[Figure: cellular network (BSS, RAN, RNC, SGSN, GGSN, HLR) connected through an AAA-HLR Gateway to the WLAN (Access Point, Access Controller, RADIUS AAA Server, IP networks); the mobile host carries a SIM card.]
Outline
• Project background
• SIM-based authentication and encryption in cellular networks
– Authentication Method
– Authentication Architecture
– MAP (Mobile Application Part)
• SIM-based AAA model in WLAN
SIM-based AAA in Cellular Network
• The SIM is a good way to manage public users
• The SIM card keeps its secret (Ki) confidential and is easily portable
• The SIM card is authenticated by the operator (one-way: the network is not authenticated to the subscriber)
[Figure: GSM authentication and ciphering. Both the MS (SIM card) and the operator's home system hold Ki and run A3 and A8 on the same RAND: SRES = A3(Ki, RAND), Kc = A8(Ki, RAND). The operator compares the SRES returned by the MS with its own value; equal means accept, otherwise reject. A5 then encrypts user data under Kc on both sides.]
SIM-based AAA in Cellular Network (cont.)
[Figure: GSM authentication message flow. Client side: MS with SIM, holding IMSI, Ki, A3, A5, A8. Operator side: MSC/VLR, HLR and AuC; the AuC holds IMSI, Ki, RAND, A3, A8.]
0. MS → MSC/VLR: IMSI
1. MSC/VLR → HLR: IMSI
2. HLR → AuC: IMSI
3. AuC → HLR: RAND, Kc, SRES (the AuC computes SRES = A3(Ki, RAND) and Kc = A8(Ki, RAND))
4. HLR → MSC/VLR: RAND, Kc, SRES
5. MSC/VLR → MS: RAND
6. MS → MSC/VLR: SRES' (the SIM computes SRES' = A3(Ki, RAND) and Kc = A8(Ki, RAND))
The MSC/VLR verifies SRES' = SRES and accepts or rejects.
IMSI = MCC + MNC + MSIN
AAA-HLR Gateway
[Figure: the original signalling path is VLR ↔ HLR; the new path is AAA-HLR Gateway ↔ HLR, so the gateway plays the VLR's role toward the HLR.]
MAP (Mobile Application Part): 3GPP TS 29.002
• MAP_RESTORE_DATA – used by the VLR to request the HLR to send the data in the subscriber's IMSI record
• MAP_INSERT_SUBSCRIBER_DATA – the HLR provides the VLR with subscriber parameters
• MAP_SEND_AUTHENTICATION_INFO – used by the VLR to retrieve authentication vectors (RAND/SRES/Kc) from the HLR
MAP_SEND_AUTHENTICATION_INFO parameters (M: mandatory, C: conditional, U: service-user option)
Parameter name                           | Request | Response
Invoke id                                | M       | M(=)
IMSI                                     | C       |
Number of requested vectors              | C       |
Requesting node type                     | C       |
Re-synchronisation Info                  | C       |
Segmentation prohibited indicator        | C       |
Immediate response preferred indicator   | U       |
AuthenticationSetList                    |         | C
User error                               |         | C
Outline
• Project background
• SIM-based authentication and encryption in cellular networks
• SIM-based AAA model in WLAN
– EAP-SIM
– 802.1X
– Radius/Diameter
– AAA-HLR Gateway
– Scenarios / Sequence Diagram
EAP-SIM
• Mutual authentication and stronger keying material (several GSM triplets are combined and a client nonce is mixed in)
• Re-authentication (version 10), privacy support
[Figure: EAP-SIM key and MAC derivation. Supplicant side: the SIM computes Kc and SRES from RAND (A8, A3); Kc and the client Nonce are hashed with SHA1 into the master key MK; a PRF expands MK into K_int, K_encr and K_sres; HMAC_SHA1 under these keys yields the Mac (checked by the supplicant, "equal?") and the Sres value (checked by the authentication server, "equal?"). Authentication server side: obtains RAND, Kc and SRES from the operator and performs the same SHA1 / PRF / HMAC_SHA1 computation.]
Reference: draft-haverinen-pppext-eap-sim-05.txt (Nokia)
Challenge & Need
• To read data from the SIM card and run its authentication algorithm
– SIM card logical model and functions
– GemCore (smart card reader)
• To build the authentication infrastructure in the WLAN for EAP-SIM
– 802.1x
– Radius
• To retrieve authentication information from the HLR/AuC
– AAA-HLR Gateway (Radius to MAP translation)
SIM Card Logical Model & Functions
• File system in the SIM card
– GSM 11.11 (3GPP TS 51.011), Specification of the SIM-ME interface
• Functions: ATR (answer to reset), PPS (protocol and parameter selection), APDU (command/response pairs), ...
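The two SIM-ME operations the project needs for EAP-SIM are reading EF_IMSI and running the GSM algorithm; the helpers below, an added example and not the project's software, build the GSM 11.11 command APDUs for them and decode the responses. The card-reader transport (GemCore or otherwise) is out of scope, so the response bytes used here are constructed, and the EF_IMSI layout (length byte, then BCD digits with the odd/even flag in the low nibble of the first digit byte) is the one specified in GSM 11.11 section 10.3.2.

```python
"""GSM 11.11 SIM-ME helpers for EAP-SIM: SELECT/READ BINARY of EF_IMSI and RUN GSM ALGORITHM.
Added illustration; not the project's code. Transport to the reader is not included."""
import struct

CLA_GSM = 0xA0
INS_SELECT, INS_READ_BINARY, INS_RUN_GSM_ALGORITHM, INS_GET_RESPONSE = 0xA4, 0xB0, 0x88, 0xC0
MF, DF_GSM, EF_IMSI = 0x3F00, 0x7F20, 0x6F07


def apdu(ins, p1, p2, data=b"", le=None):
    """Build a T=0 command APDU with the GSM class byte (Lc+data, or Le, never both)."""
    cmd = bytes([CLA_GSM, ins, p1, p2])
    if data:
        cmd += bytes([len(data)]) + data
    elif le is not None:
        cmd += bytes([le])
    return cmd


def select_path_to_imsi():
    """SELECT MF, then DF_GSM, then EF_IMSI; each SELECT carries the 2-byte file id."""
    return [apdu(INS_SELECT, 0, 0, struct.pack(">H", fid)) for fid in (MF, DF_GSM, EF_IMSI)]


def read_binary(offset, length):
    """READ BINARY with the offset split over P1/P2 and the byte count in Le."""
    return apdu(INS_READ_BINARY, offset >> 8, offset & 0xFF, le=length)


def decode_ef_imsi(raw):
    """Decode the 9-byte EF_IMSI body: byte 0 = length, then BCD digits.
    First digit byte: high nibble = first digit, low nibble = parity/type flags
    (bit 4 set means an odd digit count); later bytes hold two digits, low nibble first."""
    n = raw[0]
    if not 1 <= n <= 8 or len(raw) < 1 + n:
        raise ValueError("bad EF_IMSI length byte")
    body = raw[1:1 + n]
    odd = bool(body[0] & 0x08)
    digits = [body[0] >> 4]
    for b in body[1:]:
        digits += [b & 0x0F, b >> 4]
    if not odd:
        digits.pop()  # even digit count: the last high nibble is 0xF filler
    if any(d > 9 for d in digits) or not 6 <= len(digits) <= 15:
        raise ValueError("bad IMSI digits")
    return "".join(map(str, digits))


def run_gsm_algorithm(rand):
    """RUN GSM ALGORITHM (INS 88) with the 16-byte RAND, then GET RESPONSE for the 12 result bytes."""
    if len(rand) != 16:
        raise ValueError("RAND must be 16 bytes")
    return [apdu(INS_RUN_GSM_ALGORITHM, 0, 0, rand), apdu(INS_GET_RESPONSE, 0, 0, le=12)]


def parse_run_gsm_response(resp):
    """Split GET RESPONSE data plus status word into (SRES[4], Kc[8]); the SW must be 9000."""
    if len(resp) != 14 or resp[-2:] != b"\x90\x00":
        raise ValueError("unexpected response or status word %s" % resp[-2:].hex())
    return resp[:4], resp[4:12]
```

A supplicant sends the three SELECTs, then `read_binary(0, 9)`, feeds the nine data bytes to `decode_ef_imsi` to form the EAP identity, and later answers each EAP-SIM RAND with the `run_gsm_algorithm` pair, handing the returned Kc to the key derivation and keeping SRES for the response MAC.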
802.1x
• IEEE 802.1x: port-based network access control
• Three roles: Supplicant, Authenticator and AAA Server
• Works not only on 802.3 (also 802.5 and 802.11)
• EAP and an authentication server are employed
– EAP is designed to allow additional authentication methods
– Centralized user administration
– Open, extensible and standards-based
[Figure: the "Supplicant" (host) exchanges EAP messages over EAPOL (over 802.3, 802.5, 802.11) with the "Authenticator" (access controller, Ethernet switch, etc.), which relays them as EAP messages over RADIUS (over UDP) to the "AAA Server". The authenticator exposes an uncontrolled port, which passes only EAPOL, and a controlled port, which is opened only after successful authentication.]
Stacks of 802.1x-based Method
[Figure: protocol stacks. Supplicant: EAP methods / EAP / EAPOL / 802.11. Authenticator: EAPOL / 802.11 on the wireless side, an EAP relay, and RADIUS / UDP / IP / 802.3 on the wired side. AAA Server: EAP methods / EAP / RADIUS / UDP / IP / 802.3. Entities: Mobile Host, AP, Access Controller, Radius AAA Server.]
• Remote Authentication Dial In User Service– Radius (RFC 2865)– Radius Accounting (RFC 2866)
• Key Features– Client / Server model– Network security– Flexible authentication mechanism (support PPP, CHAP, …)– Extensible protocol (attribute-length-value)
• Codes & Packets– 1 : Access Request– 2 : Access Accept– 3 : Access Reject– 11 : Access Challenge
Dial In User
NAS (Network Access Server)Client of RADIUS
RADIUS Server
AAA-HLR Gateway
• Functional requirements
– Support Radius to MAP translation
– Support EAP methods
– Support Diameter messages (optional)
• System architecture
[Figure: gateway protocol stacks. IP side, over a NIC: driver / Ethernet / IP / RADIUS / EAP. SS7 side, over a T1/E1 card: driver / MTP Level 2 / MTP Level 3 / SCCP / MAP. A protocol signalling translation layer on top hosts the GMM, AKA and SIM modules.]
Radius to MAP Translation
• Procedure mapping
Radius ↔ Gateway                | Gateway ↔ HLR
Radius Access-Request           | Send Authentication Info request
Radius Access-Challenge         | Send Authentication Info response
• Message translation
Input from the RADIUS AAA server: packet type Access-Request
Output to the HLR: service primitive MAP_SEND_AUTHENTICATION_INFO
Parameter (input)      | Action            | Parameter (output) | Value
……
EAP-Message attribute (M) | mapping & stored | IMSI (C)          | taken from the EAP-Message attribute
……
Input from the HLR: service primitive MAP_SEND_AUTHENTICATION_INFO_ack
Output to the RADIUS AAA server: packet type Access-Challenge
……
AuthenticationSetList (C) | mapping & stored | EAP-Message attribute (M) | mapping & stored
……
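The first half of that translation, the Access-Request to MAP_SEND_AUTHENTICATION_INFO step, as an added example that is not the project's gateway code. It parses the RADIUS attribute list, concatenates the EAP-Message attributes as RFC 3579 requires, pulls the IMSI out of the EAP-Response/Identity (RFC 4186 permanent identity: a leading "1" followed by the IMSI), and returns the MAP request parameters as a dict. The check a practitioner wants here is Message-Authenticator verification: RFC 3579 makes it mandatory on Access-Requests carrying EAP-Message, and without it an attacker who can reach the gateway can make it pull triplets from the HLR for any IMSI. The sample packet, the shared secret and the MNC-length handling (only the MCC is split off) are constructed for the example; the MAP encoding itself (ASN.1/TCAP) is not shown.

```python
"""RADIUS Access-Request -> MAP_SEND_AUTHENTICATION_INFO parameter mapping for an AAA-HLR gateway.
Added illustration; not the project's code."""
import hashlib
import hmac
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME, ATTR_EAP_MESSAGE, ATTR_MESSAGE_AUTHENTICATOR = 1, 79, 80
EAP_RESPONSE, EAP_TYPE_IDENTITY = 2, 1


def avp(atype, value):
    """Encode one RADIUS attribute: type, total length, value (value <= 253 bytes)."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return bytes([atype, len(value) + 2]) + value


def parse_attributes(data):
    """Walk the attribute list; reject bad lengths instead of looping or over-reading."""
    attrs, pos = [], 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated attribute header")
        atype, alen = data[pos], data[pos + 1]
        if alen < 2 or pos + alen > len(data):
            raise ValueError("bad attribute length")
        attrs.append((atype, data[pos + 2:pos + alen]))
        pos += alen
    return attrs


def verify_message_authenticator(packet, secret):
    """RFC 3579: Message-Authenticator = HMAC-MD5(secret, packet with its 16 value bytes zeroed).
    Exactly one such attribute must be present; a missing one is a failure, not a pass."""
    attrs = parse_attributes(packet[20:])
    macs = [v for t, v in attrs if t == ATTR_MESSAGE_AUTHENTICATOR]
    if len(macs) != 1 or len(macs[0]) != 16:
        return False
    zeroed = packet[:20] + b"".join(
        avp(t, bytes(16) if t == ATTR_MESSAGE_AUTHENTICATOR else v) for t, v in attrs)
    return hmac.compare_digest(hmac.new(secret, zeroed, hashlib.md5).digest(), macs[0])


def access_request_to_sai(packet, secret, vectors=3):
    """Translate a validated Access-Request into MAP_SEND_AUTHENTICATION_INFO request parameters."""
    code, ident, length = struct.unpack(">BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Access-Request")
    if not verify_message_authenticator(packet, secret):
        raise ValueError("Message-Authenticator missing or wrong")
    attrs = parse_attributes(packet[20:])
    eap = b"".join(v for t, v in attrs if t == ATTR_EAP_MESSAGE)  # concatenate in order
    if len(eap) < 5:
        raise ValueError("no EAP-Message")
    ecode, _eap_id, elen = struct.unpack(">BBH", eap[:4])
    if ecode != EAP_RESPONSE or elen != len(eap) or eap[4] != EAP_TYPE_IDENTITY:
        raise ValueError("expected EAP-Response/Identity")
    user = eap[5:].decode("ascii").split("@", 1)[0]
    if not (user.startswith("1") and user[1:].isdigit() and 6 <= len(user) - 1 <= 15):
        raise ValueError("not an EAP-SIM permanent identity")
    imsi = user[1:]
    # radius_id is kept only to correlate the HLR answer back to this request.
    return {"radius_id": ident, "IMSI": imsi, "MCC": imsi[:3], "numberOfRequestedVectors": vectors}


def build_access_request(secret, identity, ident=7, authenticator=bytes(range(16))):
    """Constructed sample packet (not a capture): User-Name, EAP-Message(s), Message-Authenticator."""
    eap = struct.pack(">BBH", EAP_RESPONSE, ident, 5 + len(identity)) + bytes([EAP_TYPE_IDENTITY]) + identity
    body = avp(ATTR_USER_NAME, identity)
    body += b"".join(avp(ATTR_EAP_MESSAGE, eap[i:i + 253]) for i in range(0, len(eap), 253))
    body += avp(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))  # placeholder, filled in below
    packet = struct.pack(">BBH", ACCESS_REQUEST, ident, 20 + len(body)) + authenticator + body
    return packet[:-16] + hmac.new(secret, packet, hashlib.md5).digest()
```

The gateway should also rate-limit per IMSI and per NAS before forwarding to the HLR; the Message-Authenticator check only proves the request came from a NAS that knows the shared secret, not that the identity inside is the one behind that NAS.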
Scenario 1: MH with SIM Card
[Figure: TCC cellular network (BSS, RAN, RNC, SGSN, GGSN, HLR) linked through the AAA-HLR Gateway to the YAM WLAN (Access Point, Access Controller, Radius AAA Server, IP networks). The mobile host carries a SIM card.]
TCC subscriber in a public WLAN deployed by YAM: mobile host with SIM card. The subscriber is identified by IMSI and authenticated with triplets (RAND/SRES/Kc) obtained from the HLR.
Scenario 2: MH without SIM Card
[Figure: the same TCC cellular network and YAM WLAN joined by the AAA-HLR Gateway. The mobile host has no SIM card; a one-time password is delivered to the subscriber's cell phone.]
TCC subscriber in a public WLAN deployed by YAM: mobile host without SIM card. The subscriber is identified by MSISDN and authenticated with a one-time password sent to the cell phone.
Signaling Plan
[Figure: protocol stacks end to end. Mobile Host: SIM / EAP / EAP-OW / 802.11. Access Controller: EAP-OW / 802.11 on the air side, relayed to Radius/Diameter / UDP / IP / Ethernet / L1 toward the AAA server. AAA Server / AAA-HLR Gateway: EAP over Radius/Diameter / UDP / IP / Ethernet / L1 on the WLAN side and MAP / TCAP / SCCP / MTP3 / MTP2 / L1 on the SS7 side. HLR: MAP / TCAP / SCCP / MTP3 / MTP2 / L1.]
Sequence Diagram (Mobile Host, AP, Access Controller (AC), AS/AAA-HLR Gateway, HLR)
1. MH → AP: EAPoL_start
2. AP → MH: EAP_request(Identity)
3. MH → AP → AS: EAP_response(IMSI)
4. Gateway → HLR: Restore_Data; HLR → Gateway: Insert_Subs_Data; Gateway → HLR: Insert_Subs_Data_Ack; HLR → Gateway: Restore_Data_Ack
5. AS → AP → MH: EAP_request(SIM-start)
6. MH → AP → AS: EAP_response(Nonce)
7. Gateway → HLR: Send_Auth_Info(IMSI); HLR → Gateway: Send_Auth_Info_Ack(RAND, SRES, Kc)
8. AS → AP → MH: EAP_challenge(RAND, Mac); the MH verifies the Mac
9. MH → AP → AS: EAP_challenge(Sres); the AS verifies the Sres
10. AS → AC: EAP_Success with keying material; Send Key / Send Key_Ack between AC and AP; EAP_Success forwarded to the MH
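The cryptography behind the EAP-SIM slide and steps 6 to 9 of this sequence diagram, as an added example that is neither the slides' nor the project's code. It follows RFC 4186, the published successor of the draft the slides cite (its key names K_encr, K_aut, MSK and EMSK differ from the draft's K_int/K_sres labels): the SHA-1 compression step used directly as the FIPS 186-2 G() function, the MK and PRF expansion, and AT_MAC checks on both sides, with the peer verifying the request MAC before it reveals anything derived from SRES. The operator's A3/A8 is not on the page, so `toy_a3_a8` is an assumed stand-in for the (Ki, RAND) → (SRES, Kc) interface, and the EAP packets are constructed byte strings rather than full EAP-SIM encodings.

```python
"""EAP-SIM key derivation and AT_MAC verification following RFC 4186.
Added illustration; not the slides' or the project's code."""
import hashlib
import hmac
import struct

MASK32 = 0xFFFFFFFF
SHA1_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def sha1_compress(state, block):
    """Raw SHA-1 compression of one 64-byte block, with no padding or length field.
    FIPS 186-2 uses exactly this step as G(), which hashlib does not expose."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 80):
        w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
    a, b, c, d, e = state
    for i in range(80):
        if i < 20:
            f, k = (b & c) | (~b & MASK32 & d), 0x5A827999
        elif i < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif i < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        a, b, c, d, e = (_rotl(a, 5) + f + e + k + w[i]) & MASK32, a, _rotl(b, 30), c, d
    return tuple((s + v) & MASK32 for s, v in zip(state, (a, b, c, d, e)))


def fips186_2_prf(mk, out_len=160):
    """FIPS 186-2 (change notice 1) PRF as RFC 4186 section 7 applies it:
    XKEY = MK, XSEED = 0, w = G(IV, XKEY zero-padded to 64 bytes), XKEY = (1 + XKEY + w) mod 2^160."""
    xkey = int.from_bytes(mk, "big")
    out = b""
    while len(out) < out_len:
        w = struct.pack(">5I", *sha1_compress(SHA1_IV, xkey.to_bytes(20, "big") + bytes(44)))
        out += w
        xkey = (1 + xkey + int.from_bytes(w, "big")) % (1 << 160)
    return out[:out_len]


def derive_keys(identity, kcs, nonce_mt, version_list=(1,), selected_version=1):
    """MK = SHA1(Identity | n*Kc | NONCE_MT | Version List | Selected Version);
    160 PRF bytes are split into K_encr(16) | K_aut(16) | MSK(64) | EMSK(64)."""
    mk = hashlib.sha1(identity + b"".join(kcs) + nonce_mt
                      + b"".join(struct.pack(">H", v) for v in version_list)
                      + struct.pack(">H", selected_version)).digest()
    s = fips186_2_prf(mk)
    return {"K_encr": s[:16], "K_aut": s[16:32], "MSK": s[32:96], "EMSK": s[96:160]}


def at_mac(k_aut, packet, extra):
    """AT_MAC = first 16 bytes of HMAC-SHA1(K_aut, packet-with-AT_MAC-zeroed | extra);
    extra is NONCE_MT for the request and n*SRES for the response."""
    return hmac.new(k_aut, packet + extra, hashlib.sha1).digest()[:16]


def toy_a3_a8(ki, rand):
    """ASSUMED stand-in for the operator's secret A3/A8 (not COMP128, not on the page);
    only the (Ki, RAND) -> (SRES[4], Kc[8]) interface matters here."""
    h = hashlib.sha1(ki + rand).digest()
    return h[:4], h[4:12]


def run_challenge(ki, rands, nonce_mt, identity, tamper=False):
    """Challenge round trip of the sequence diagram. Returns (network_ok, peer_ok)."""
    # HLR/AuC side (Send_Auth_Info_Ack): triplets handed to the AS/gateway.
    triplets = [(r,) + toy_a3_a8(ki, r) for r in rands]
    srv = derive_keys(identity, [kc for _, _, kc in triplets], nonce_mt)
    req = b"EAP-Request/SIM/Challenge|" + b"".join(rands)  # constructed stand-in, AT_MAC zeroed
    req_mac = at_mac(srv["K_aut"], req, nonce_mt)
    # On the wire an attacker may substitute its own RANDs.
    wire_rands = [bytes(16)] + rands[1:] if tamper else rands
    wire_req = b"EAP-Request/SIM/Challenge|" + b"".join(wire_rands)
    # Peer: the SIM runs A3/A8 on each received RAND, the keys are derived, and AT_MAC is
    # verified BEFORE answering; this is what authenticates the network to the peer.
    sim = [toy_a3_a8(ki, r) for r in wire_rands]
    peer = derive_keys(identity, [kc for _, kc in sim], nonce_mt)
    network_ok = hmac.compare_digest(at_mac(peer["K_aut"], wire_req, nonce_mt), req_mac)
    if not network_ok:
        return False, False  # peer answers EAP-Response/SIM/Client-Error; SRES never leaves it
    resp = b"EAP-Response/SIM/Challenge"  # constructed stand-in, AT_MAC zeroed
    resp_mac = at_mac(peer["K_aut"], resp, b"".join(s for s, _ in sim))
    peer_ok = hmac.compare_digest(
        at_mac(srv["K_aut"], resp, b"".join(s for _, s, _ in triplets)), resp_mac)
    return network_ok, peer_ok
```

With `tamper=True` the peer computes Kc for a RAND the server never issued, so its K_aut differs and the request MAC fails; the peer stops there rather than returning a response MAC over SRES values, which is the property that turns one-way GSM authentication into the mutual authentication the EAP-SIM slide claims.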
Summary
• The algorithm for WLAN SIM-based authentication has been implemented
– EAP-SIM
• Software to exchange data between the SIM card and the MH has been implemented
• The authentication infrastructure in the WLAN for EAP-SIM has been built
– 802.1x
– Radius (FreeRADIUS)
• The "Radius to MAP translation" function of the AAA-HLR Gateway has been implemented