1 / 4

Discussion Points for 802.21 Security [Input to 802.1AF]

Discussion Points for 802.21 Security [Input to 802.1AF]. Security in the MAC is more about wireless than wired today Some (proposed) link events today have different qualities for wired vs. wireless worlds: Link up (wired link vs. wireless association completed (or open port?))

napua
Télécharger la présentation

Discussion Points for 802.21 Security [Input to 802.1AF]

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Discussion Points for 802.21 Security [Input to 802.1AF] • Security in the MAC is more about wireless than wired today • Some (proposed) link events today have different qualities for wired vs. wireless worlds: • Link up (wired link vs. wireless association completed (or open port?)) • Link down (wired no data vs. wireless beacons etc) • Link_Going_Up (wired not possible? vs. Port in the making / tentative association) • Link changed bandwidth (wired went from 100 to 10 vs. wireless slow man on channel?)) • Link changed mode (wired duplex transition vs. wireless ack to block ack?) • Some events are wireless only: • Link changed QoS (wireless HCCA to EDCA transition, wired ?) • Link_Quality_Crosses_Threshold (wireless signal quality, wired ?) • Better_Signal_Quality_AP_Available • Some events are the same for both wired and wireless: • Link_Going_Down • Trigger_Rollback

  2. Discussion Points for 802.21 Security[Input to 802.1AF] • Some proposed link events could be asymmetric… • Link up (OPER up on one end only) • Link down (OPER down on one end only) • Link_Going_Up (OPER…) • Link_Quality_Crosses_Threshold (better antennae?) • Link_Going_Down (OPER…) • Better_Signal_Quality_AP_Available (sent one way only) • Might want to transmit any of these as status report from other end ? (Should there be remote registered client for push or pull model?) • … vs. the same on both ends of link • Link up (both ends fully plugged in, • Link down (failure of cable, one end fails) • Link changed bandwidth (negotiated) • Link changed mode (negotiated) • Link changed QoS (negotiated) • Trigger_Rollback (transmitted)

  3. Discussion Points for 802.21 Security[input to 802.1AF] • Might want to report any of these locally up from L2 to registered client • Current local registration for link events identifies client, logical interface and particular event • Current local delivery of link events provides report of event occuring, sometimes a data value (never the source MAC) • Current local delivery of link events can be gated by OPER state • Source of link events is not authenticated or authorized by local delivery mechanism • No need for security?

  4. Discussion Points for 802.21 Security[input to 802.1AF] Apply to transmitted signals or triggers (i.e. end to end). Generic threat analysis here due to lack of approved use cases. • DoS attacks • In wireless there is always PHY based DoS • So why spend energy preventing MAC based DoS • Protocol attacks • No new security protocols introduced, no increase in attacks • Association • Authentication • Heavyweight, only for association • Authorization • Heavyweight, only for association • Integrity • Relevant to wired side (yet less needed), not so on wireless? • Privacy / confidentiality • Must use existing encryption methods if used at all, due to scope; Hard to set up w/out latency inducing authentication

More Related