Session Policy Framework using EAP (draft-mccann-session-policy-framework-using-eap-00.doc)

Description:

Stephen McCann, Mike Montemurro. Overview. Service providers may have policies that apply to the media types, codecs etc ... draft-mccann-session-policy ...


Transcript and Presenter's Notes

1
Session Policy Framework using EAP
draft-mccann-session-policy-framework-using-eap-00.doc
  • IETF 76 Hiroshima
  • Stephen McCann, Mike Montemurro

2
Overview
  • Service providers may have policies that apply to
    the media types, codecs etc negotiated for SIP
    sessions.
  • SIP WG has defined a session policy framework
    that defines a policy channel for a mobile device
    to communicate with a policy server to obtain
    session policies during SIP session establishment
    and modification
  • Currently uses SIP Event Notification mechanism
    (RFC 3265) to realise the policy channel
  • SIP Event Notification mechanism is not
    appropriate for bandwidth-constrained links.
  • It is proposed to have an alternative realisation
    of the policy channel using a new EAP TLV. This
    could also be used for other more general
    non-SIP applications where clients need to obtain
    policies from a server using EAP.

3
Solution
  • Perform initial EAP exchange.
  • Store keying material from exchange, together
    with relevant state information.
  • Re-use ERP
  • Encapsulate the Session Policy Exchanges within a
    TLV (e.g. Policy Request Info Answer).
  • TLV is carried within ERP
  • Determine media authorization information, at L2,
    in parallel to AAA authentication.
  • Media authorization can be implemented more
    efficiently using EAP/ERP

4
Initialisation

5
Initialisation
  • (1) EAP Method Exchange (tunnel initialization)
  • An EAP exchange is performed between the mobile
    device and the initial network component (e.g.
    Packet Data Gateway) with the authentication
    messages being forwarded to the home network AAA
    server. A suitable EAP method is used to
    establish a tunnel (e.g. EAP-FAST), from which
    the relevant ERP key material is derived for
    subsequent use.
  • (2) SIP registration with PCCh
  • Although not a part of the layer 2 exchange, it
    is worth showing that SIP registration between
    the mobile device and the PCCh (home PCC) occurs
    at this point. Subsequent SIP level flows are not
    shown.

6
Mobile Device Triggered

7
Mobile Device Triggered
  • (3) EAP-Initiate/Re-auth-Start
  • An ERP exchange is performed between the mobile
    device and the INC (e.g. Packet Data Gateway)
    with the authentication messages being forwarded
    to the home AAA server.
  • (4) ERP (Policy Request)
  • The policy request message is then transported
    within ERP (typically using a TLV) to the INC,
    and then forwarded (using Diameter) to the PCCh.
  • (5) Policy-h
  • At the home AAA server, the home network policy
    is determined for subsequent SIP sessions.
  • (6) AAA (Policy Request)
  • The home AAA server then requests policy
    information from the PCCs of all visited networks
    through which the SIP session will traverse,
    utilizing an AAA Policy Request message.
  • (7) AAA (Policy Response)
  • Each visited PCC will then return its network
    policy back to the home network, where the
    session policy document is compiled.
  • (8) ERP (Policy Response)
  • The session policy document is returned to the
    INC and is then encapsulated within ERP, before
    being returned to the mobile device.
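
Steps (4) and (8) carry the policy request and response as a TLV inside ERP, and the Future Work slide asks how that payload should be protected. The sketch below is an added example, not code from the draft or its authors: it frames a policy TLV with a sequence number and a truncated HMAC tag, loosely following the way ERP messages carry a sequence number and an authentication tag, and checks integrity and freshness before parsing. The TLV type code, the framing, the key and the sample payload are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

POLICY_TLV_TYPE = 0xF0  # hypothetical type code; the slides assign none
TAG_LEN = 16            # HMAC-SHA-256 truncated to 128 bits

def encode_tlv(tlv_type: int, value: bytes) -> bytes:
    """One-octet type, one-octet length, then the value."""
    if len(value) > 255:
        raise ValueError("value too long for a one-octet length field")
    return struct.pack("!BB", tlv_type, len(value)) + value

def decode_tlvs(buf: bytes) -> dict:
    """Parse a run of TLVs, rejecting truncated or overlong entries."""
    tlvs, i = {}, 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tlv_type, length = buf[i], buf[i + 1]
        if i + 2 + length > len(buf):
            raise ValueError("TLV length runs past end of message")
        tlvs[tlv_type] = buf[i + 2:i + 2 + length]
        i += 2 + length
    return tlvs

def protect(key: bytes, seq: int, tlvs: bytes) -> bytes:
    """Prefix a 16-bit sequence number and append an integrity tag."""
    body = struct.pack("!H", seq) + tlvs
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def verify(key: bytes, msg: bytes, last_seq: int):
    """Check the tag first, then freshness, and only then parse the TLVs."""
    if len(msg) < 2 + TAG_LEN:
        raise ValueError("message too short")
    body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    (seq,) = struct.unpack("!H", body[:2])
    if seq <= last_seq:
        raise ValueError("stale or replayed sequence number")
    return seq, decode_tlvs(body[2:])

# Constructed sample values, not taken from the draft.
SAMPLE_KEY = bytes(range(32))  # stands in for a key from the stored EAP keying material
SAMPLE_REQUEST = protect(SAMPLE_KEY, 1, encode_tlv(POLICY_TLV_TYPE, b"policy-request"))
```

The tag gives integrity and origin authentication only; the policy document still crosses the link in the clear, which is the open question on the Future Work slide.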

8
Network Triggered

9
Network Triggered
  • (9) AAA (Policy Change)
  • A visited PCC changes the session policy (most
    likely whilst the mobile device session is
    on-going) and indicates to the home network
    server that a policy change has occurred.
  • (10) AAA (Policy Change Event)
  • The home network server sends an Event message
    to the INC (most likely within Diameter)
  • (11) EAP-Initiate/Re-auth-Start
  • The INC then requests the mobile device to
    execute ERP.
  • Message flow continues, as described in (4) and
    (8).

10
Future Work
  • How exactly is the ERP payload carried in the
    network?
      • Diameter?
  • Do these messages need to be encrypted?
  • Can the EAP/ERP credentials be tied to the SIP
    session?
  • Requirements on mobile device?
      • Password
      • Certificate
      • Username

11
Relevant Documents
  • EAP
      • draft-mccann-session-policy-framework-using-eap-00
  • SIP
      • draft-ietf-sip-session-policy-framework-06
      • draft-ietf-sipping-media-policy-dataset-07