LinkSec Architecture - PowerPoint PPT Presentation

About This Presentation
Title:

LinkSec Architecture

Description:

LinkSec Network Model A Provider IEEE 802 ... of Management frames LinkSec Architecture ... of LinkSec Support for Handoff between NAPs No ... – PowerPoint PPT presentation

Number of Views:23
Avg rating:3.0/5.0
Slides: 9
Provided by: ieee802Org
Learn more at: https://www.ieee802.org
Category:

less

Transcript and Presenter's Notes

Title: LinkSec Architecture


1
LinkSec Architecture
  • Robert Moskowitz
  • ICSAlabs

2
LinkSec Network Model
  • A Provider IEEE 802 Infrastructure
  • Provider Links
  • Cross-Provider Links
  • Network attachment points
  • Jointly controlled by Provider and Subscriber
  • Network Authentication
  • Link Authorization
  • Link privacy and integrity

3
Provider View Of LinkSec
  • Support billing
  • No money, no network
  • Subscriber and cross-provider
  • Legal obligations
  • Subscriber expectations
  • Legal intercept function of deployment, not
    protocols
  • Control access to Network Attachment Points

4
Subscriber View of LinkSec
  • Network exists to service Subscribers
  • LinkSec exists to protect Subscribers
  • Trust in Network
  • Authenticate the Provider
  • Restriction of exposure
  • Trust in billing
  • Only charged for real usage

5
Business-Driven Requirements
  • Provider Network centric
  • IEEE 802 networks only
  • Provider link protection
  • Intra-Provider, Inter-Provider, Subscriber to
    NAPs
  • Authentication always needed
  • Helps limit miss-use of network
  • Privacy and Integrity protection

6
Business-Driven RequirementsNot Included
  • Link Transparency
  • Virtual, trusted links across hostile bridges
  • See Norms comments
  • Impact on multi-party Adhoc networks
  • Legal Intercept
  • Solved by deployment methodology not provisions
    in LinkSec

7
Requirements Details
  • Multi-link model
  • Each node has N points of connection
  • N 1 is the degenerate case
  • Consider all links as ephemeral
  • permanent links are just long-lived ephemeral
    links
  • Bi-directional nature of Authentication
  • Both ends of a link authenticate the other even
    though one side starts the authentication
  • Mutual Authentication is not always bi-directional

8
More Requirements Details
  • Layer Signalling of LinkSec
  • Support for Handoff between NAPs
  • No direct support of Handoff mechanisms in
    LinkSec. I.E. Transparency
  • Privacy of Data frames
  • Integrity of Management frames
Write a Comment
User Comments (0)
About PowerShow.com