1 / 20

TGe Security @home

TGe Security @home. Bob Beach Symbol Technologies. Goals. Demonstrate how TGe baseline model is usable for SOHO environment Define how a product might work No additional protocols beyond those in the baseline Define model of KDC and Client operation. SOHO Environment. 1-2 Access Points

amanda
Télécharger la présentation

TGe Security @home

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TGe Security @home Bob Beach Symbol Technologies Bob Beach, Symbol Technologies

  2. Goals • Demonstrate how TGe baseline model is usable for SOHO environment • Define how a product might work • No additional protocols beyond those in the baseline • Define model of KDC and Client operation Bob Beach, Symbol Technologies

  3. SOHO Environment • 1-2 Access Points • 1-4 Mobile Units/PCs • No dedicated server • Static configuration • Little or no IS expertise but regular user of Internet and email • Some MUs may be also used in Enterprise • Other systems may be in range before/after installation Bob Beach, Symbol Technologies

  4. Problems to Solve • ESS definition • ESS discovery • KDC location • KDC configuration • KDC discovery • Username/password definition • Multiple AP operation Bob Beach, Symbol Technologies

  5. ESS Definition • By default AP uses its MAC address as the ESS • Send out in beacons with ESN security bit set • APs default to ESN mode • Channel is selected at random but may use TPC/DFC mechanisms Bob Beach, Symbol Technologies

  6. ESS Discovery • MU collect ESS by listening to beacons • Listen on each channel for a short time • Save list of ESSes in nonvolatile storage along with status • MU may collect many ESSes, most of which will prove to be ultimately uninteresting Bob Beach, Symbol Technologies

  7. KDC Location • Each AP has a mini- KDC as well as IAkerb • Much code is common with own authentication routines • Mini-KDC does not consume a lot of space • 32- 64KB code space • few KB for recent ticket storage • space for 8 username/password combinations in non volatile memory (8 * 32 bytes = 256B) Bob Beach, Symbol Technologies

  8. KDC configuration • Realm = ESS = AP MAC address • KDC contains 1 predefined “user” • Null name with AP unique string as its password • String is unique for each AP and is attached to AP chassis (e.g. stick-on label) • String can be any sequence of characters/digits. Assume text strings of interesting phrases (“ColuMBus -1492”) with random capital letters Bob Beach, Symbol Technologies

  9. KDC Discovery • MU defaults to ESN mode • MU discovers KDC and realm using TGe defined mechanisms of probe/probe response Bob Beach, Symbol Technologies

  10. Username/Password Definition • Many ways to do this using another protocol: • Telnet, special user application, etc. • But goal was to use only TGe protocols • Basic approach is to use first session key of new user as password for future accesses Bob Beach, Symbol Technologies

  11. The User Definition Sequence (1) • User runs local application to define self • Comes on installation CD • Application builds ESS list • Application prompts for two items; • User name • AP unique string • Application directs NIC to associate with each ESS Bob Beach, Symbol Technologies

  12. The User Definition Sequence (2) • NIC associates with each ESS and tries to authentication using new name and AP string • KDC on each AP receives name in AS_REQ • Will not find user name in storage • Attempts to decode using AP string name as password • If fails, rejects AS_REQ • If okay, generates AS_REP • If already in data base, will also fail to decode since password is unlikely to match Bob Beach, Symbol Technologies

  13. The User Definition Sequence (3) • If rejected by AP, application/NIC marks ESS as “uninteresting” for future use • If rejected by all known APs, complain to user (probably user entry error) • If accepted by an AP, decrypt ticket and request WLAN service using TGS-REQ • TGS-REP will contain session key Bob Beach, Symbol Technologies

  14. The User Definition Sequence (4) • KDC notes user name as “new user”. When it receives TGS -REQ and allocates session key, it will save that key as password for new user name. • The MU application likewise saves session key as password. May give to user or store in nonvolatile storage. • The MU application also tags ESS as “interesting” • The MU application now restarts the authentication process using new password Bob Beach, Symbol Technologies

  15. Multiple AP Operation • Assumptions: • All APs are controlled by same user • APs are on same subnet and can communicate at MAC layer to one another • Don’t need to worry about unauthorized wired access to APs • All APs have common and well known text string • APs do not have IP addresses Bob Beach, Symbol Technologies

  16. Multiple AP Options • Let each AP be own ESS/realm and require MU to register with each • Requires users to register twice • Roam between ESS, but only two • Make one AP the KDC and others use it • Requires one new protocol (ap-ap) Bob Beach, Symbol Technologies

  17. Multiple AP Operation (1) • User begins by selecting one AP as the master. • This is one whose AP unique string is used to define new users. • All APs begin assuming they are the KDC and so are able to process AS_REQ • When first AP gets a user, it claims to be the KDC via a packet on the wired network. Other APs hear it and disable their KDCs Bob Beach, Symbol Technologies

  18. Multiple AP Operation (2) • Those APs attempt to authenticate with the KDC. They do so using only MAC level packets (just like MUs) • They use their MAC address as both the username and password. • The KDC will accept them via the same model for first time users (MAC address authentication yields session key that becomes the new password). Bob Beach, Symbol Technologies

  19. Multiple AP Operation (3) • This does yield APs with different user names and password and so makes client life a little harder on roaming (but only 2 APs to roam between and so could cache tickets for both). Bob Beach, Symbol Technologies

  20. Summary • TGe security model works in the SOHO • For single AP case no additional protocol support required • A miniKDC can fit on the AP and can support new user definition with only minor changes • Clients use authentication to drive association decisions • After initial configuration, clients operate per TGe security model. Bob Beach, Symbol Technologies

More Related