1 / 10

WLAN Backend System Security and WLAN Interworking Security

WLAN Backend System Security and WLAN Interworking Security. Andrew Myers British Telecommunications (WNG-SC) 18 th March 2004. Introduction. Backend System Security WLAN Interworking Security Security of WLANs when interworking with external networks such as 3GPP etc.

barton
Télécharger la présentation

WLAN Backend System Security and WLAN Interworking Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WLAN Backend System Security and WLAN Interworking Security Andrew Myers British Telecommunications (WNG-SC) 18th March 2004 Andrew Myers, BT

  2. Introduction • Backend System Security • WLAN Interworking Security • Security of WLANs when interworking with external networks such as 3GPP etc... Andrew Myers, BT

  3. WLAN Interworking Security • The purpose of this presentation is to stimulate discussion on common approaches to securing backend systems within IEEE 802.11 for the development of WLAN platforms and the security of WLAN interworking • Why? …. A common security approach was adopted in the cellular or mobile networks with the primary reason to provide roaming capability which has proved to be very successful. • A common security approach is one criteria for establishing partnerships between operators. Security is often a key aspect of Service Level Agreements • Therefore the question is, does a common security approach need to be considered for guidance on developing WLANs? Andrew Myers, BT

  4. C Other Services Internet Corporate A VPN WLAN Back End System Security 802.11 Network Layer HSSP A Core Network Access Point FW Data Centre HSSP A Customer Inbound Firewall HSSP A Wireless LAN Hot Spot Andrew Myers, BT

  5. Data Centre & Core Network Nodes • Access Points • AAA Server • Diameter • Radius • Node Billing • TAP Records • Data Centre Network Components • Service Selection Gateways • Network Management Systems • Service Management Systems • Internal Firewalls • Access Point Controller [CAPWAP]? Andrew Myers, BT

  6. Security Mechanisms • 802.1X authentication for service segregation? • VPN Tunnels • IPSec • SSL • End User Management • Link Layer Key Management • Mechanisms for immediate Service Termination Andrew Myers, BT

  7. Computer Installations Computer Viruses Cryptography Data Comms and Networks Computer Development & Support Failure & Disaster Protection Interconnection Internet & Intranet Passwords & UserIDs PC Security Product Protection Information Management Data Protection Computer Media Handling Telecomms Fraud Alliances and Joint Ventures Generic Security Considerations Andrew Myers, BT

  8. 802.11 Network Layer C C HSSP A Core Network Access Point Data Centre HSSP A Customer Inbound Firewall HSSP A Wireless LAN Hot Spot IPSec Application Layer 802.11 Network Layer Firewall Internet Other Services Other Services Internet Corporate A VPN Access Point Data Centre HSSP A Customer Outbound Partner HSSP Core Network Partner HSSP Wireless LAN Hot Spot WLAN Interworking Security Andrew Myers, BT

  9. Open Questions • What consideration has been given by IEEE 802.11 to the security measures and mechanisms that need to be applied to the various network nodes on a WLAN platform? • Are there any other network nodes or security mechanisms that should be included? • Is the interworking scenario likely or feasible (especially in terms of security and scalability)? • Will / should the WIEN Study Group be addressing end to end security as well as interworking security? Andrew Myers, BT

  10. Summary • End to End Security • platform • service • WLAN Interworking Security • Security of interworking WLAN with other platforms e.g. GPRS, 3GPP etc... Andrew Myers, BT

More Related