IGD Working Committee Update

1
IGD Working Committee Update
Ulhas Warrier Chair, IGD Intel Corporation
2
Outline

• IGD v1.0 recap
• IGD v2.0 objectives
• WLAN Enrollment Scenario
• Working Committee Status

3
Internet Gateway Device 1.0

• v1.0 approved in Nov 2001
• Several IGD products in the market
• Different connection types supported
• PPPoE, PPPoA, IP-Routed
• Multiple WAN connections
• Access to gateway info
• Data rate, connection status
• Automatic NAT-traversal

4
UPnP IGD Example for NAT traversal
Peer Game System on Internet
NAT using WAN address
Home LAN
IGD
Game Host with private LAN IP address
Tell peer to send packet to IGDs WAN address
5
Internet Gateway Device 2.0

• Committee formed in Q2 2002
• Two-fold Charter
• Future IGD needs IGD DCP
• 802.11 access point configuration AP DCP
• Current focus mostly on AP DCP
• Completion targeted by Q1 03
• First plugfest in October 2002
• Group has weekly teleconference meetings
• Current active participants Broadcom,
  GlobeSpanVirata, Intel, LG, Microsoft, Thomson

6
IGD DCP 2.0

• IPv6 support
• Existing services modified for IPv6
• New services firewall configuration
• IGD v1 enhancements
• Support for configuring IP Forwarding
• Port mapping additions

7
Access Point DCP

• Simplify Access Point setup
• Initial configuration
• Diagnostic information
• Make enrollment of new clients easy
• Devices with no UI
• Guest clients
• Additional access points
• Enable deployment of stronger link security
• Privacy important as WLAN usage increases
• Make link security setup easy, including 802.1x

8
Access Point UPnP Services
WLANAccessPointDevice
WLANConfigurationService required
WLANAuthenticationService conditionally required
DeviceSecurity required
9
AP Configuration Service

• Common way to programmatically access AP
  information
• SSID
• AP mode repeater or not
• Valid channel set
• Physical location of the access point -
  Longitude-latitude, location address as in
  street, city, state, zip
• Auto-fallback rate, Possible data rates
• WEP encryption level, Default WEP key, WEP keys
  (1 to 4)
• Configuration Status
• Total number of connected clients
• Some of the configuration actions will be secured
• E.g. setting of WEP key

10
AP Authentication Service

• Maintains WLAN client list
• Username
• Credentials (Password)
• Access restrictions
• Simple, common interface to update client list
• Notifies user of authentication attempt from new
  clients
• All actions will be secured

11
Enrolling an 802.11 Client
PC1
Dev1
Secure UPnP
Console PC

• User prompted on PC1 for 802.1x authentication
  password

Username __Dev1__ Password ________

• User enters info provided by Dev1 vendor
  (chassis/manual)

• PC1 informs AP about successful validation

Device without UI easily enrolled into secure WLAN
12
Setting up Console PC
PC1
Secure UPnP established
Username ________ Password ________

• User prompted for 802.1x authentication
  information

• User enters info given by AP vendor
  (chassis/manual)

AP ID WLP1234

• AP identifier string displayed to user

• User can configure AP securely from PC1 anytime

PC1 becomes the secure console for AP
13
Access Point DCP Status

• Configuration Service 0.45
• Ready for first plugfest
• Repeater setup next focus
• Authentication Service 0.2
• Discussion on optional/required status
• Alignment work with other forums
• SSN and IEEE TGi
• WECA
• Dependency on UPnP Security

14
Demo

• Enrolling into secure WLAN

15
For the interconnected lifestyle