submission 15-10-0684-00-0psc slide 1 project: ieee p802.15 working group for wireless personal area...
TRANSCRIPT
Submission
15-10-0684-00-0psc<Sept 2010>
Slide 1
Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)Project: IEEE P802.15 Working Group for Wireless Personal Area Networks (WPANs)
Submission Title: [Integration WPAN with Operator’s Network]Date Submitted: [11 March, 2010]Source: [Cao Zhen, Liu Dapeng] Company [China Mobile Communications Corporation]Address [28 Xuanwumenxi Ave. Beijing, China]Voice:[+86-66006688], FAX: [+86-10-63601087], E-Mail:[{caozhen,liudapeng}@chinamobile.com]
Abstract: [Mobile Terminals enable many new services and opportunities for the WPAN. It is desirable to integrate the WPAN with operator’s network in order to provide more precise and secure services.]
Purpose: [For information and discussion, considering including the requirements into the PSC PAR]
Notice: This document has been prepared to assist the IEEE P802.15. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.Release: The contributor acknowledges and accepts that this contribution becomes the property of IEEE and may be made publicly available by P802.15.
Submission
15-10-0684-00-0psc
Slide 2
Integrating WPANs with Operator’s Network
Zhen Cao, Dapeng Liu
September 10, 2010
<Sept 2010>
Submission
15-10-0684-00-0psc
Background: Mobile Terminals enable many opportunities for new WPAN services
Slide 3
Operator Networks
101000010000101
Operator Services or Internet Services
101000010000101
…….
WPAN
WPAN devices
<Sept 2010>
Submission
15-10-0684-00-0psc
Scenario: Integration WPAN Nodes to Operator’s Network
Slide 4
FFD
RFD
UMTS
Operator Core Network
Operator Services or Internet Services
Home 802.15 Network
• Home sensor sends the information via 3G fixed terminal and service platform to mobile users, or vise versa
• Without authentication and authorization, malicious nodes can
– Inject false data into the network, misleading decision makers;
<Sept 2010>
Submission
15-10-0684-00-0psc
Requirements
• Authentication– Operator can authenticate both the cellular device
and the peer devices within the PAN (directedly or indirectedly)
– Accounting the peer devices behavior
• Key management– Pairwise key between the peer and coordinator– Pairwise key between the peers – Group key among a group of peers and the
coordinator.
Slide 5
<Sept 2010>
Submission
15-10-0684-00-0psc
Current Practice
• Authenticating the PAN Coordinator to the operator’s network– Most of them are cellular enabled devices, and
already have this capability
• Authenticating all the devices within the PAN to the operator’s network– Most of them are not cellular friendly device, and
how to authenticating them is a challenge
Slide 6
<Sept 2010>
Submission
15-10-0684-00-0psc
Gap Analysis
What’s been done• Authentication
– Can authenticate the cellular devices
• Confidentiality – Keys available to encrypt the
data between cellular devices and
– Envelope available to encapsulate encrypted data
What’s not been done
• Authentication and accounting– Authenticate the peer
devices – Account the peer devices
• Confidentiality – No key management – No secure association
protocols – No group key association
Slide 7
<Sept 2010>
Submission
15-10-0684-00-0psc
Possible Directions of WPAN Authentication
• Open system – Admits any devices through the coordinator to access the
operator network
• Shared key authentication – Admits devices to demonstrate their knowledge of a shared
secret
• Extensible authentication– Asymmetric authentication using Public key cryptography– More extensible ways based on 802.1X and EAP
Slide 8
<Sept 2010>
Submission
15-10-0684-00-0psc
Authentication & Secure Association
Slide 9
SGSN HLRCoordinatorPeer
• Authentication to the operator’s core network• Secure association protocol
<Sept 2010>
Authentication Authentication
Secure Association Protocol
Submission
15-10-0684-00-0psc
Slide 10
Why a 15.4 amendment and what’s included
• Define the authentication framework for the 15.4 network
• Define the authentication MPDU frame for the 15.4 network
• Define the secure association protocol between peers and coordinator after successful authentication
<Sept 2010>
Submission
15-10-0684-00-0psc
Slide 11
Summary
• Background and scenario for authentication the WPAN nodes to the operator’s network
• Requirements and gap analysis
• Possible directions for the authentication framework
<Sept 2010>
Submission
15-10-0684-00-0psc
Slide 12
Questions?Thank You!
<Sept 2010>