Re: [802.21] Two categories of "security"
I understand the general problem of security bindings in roaming
architecture. As far as I know, the problem has been solved by each
roaming architecture that require security bindings among
communication components. In a roaming architecture where EAP is used
for network access authentication, a bootstrapping mechanism has been
defined for each roaming application such as link-layer security and
Mobile IPv6, using EAP keying. On the other hand, 3GPP has GBA for
bootstrapping 3GPP application security from UMTS AKA.
A bigger question in terms of 802.21: In which roaming architecture(s)
should MIH services be provided?
Yoshihiro Ohba
On Thu, Oct 11, 2007 at 05:57:49PM -0700, Clint Chaplin wrote:
> All,
>
> The 802.21 architecture as it currently exists has two problems in the
> security domain to be solved.
>
> One is the problem of handing off the security of communication
> channel as the device roams; it looks like most of the current effort
> in the study group is focused on this problem (use cases, roam cases,
> etc.)
>
> The other problem that needs to be solved is binding the various
> components of the roaming architecture with secure bindings. The
> 802.21 draft architecture has several components as part of the
> infrastructure, and we need to solve the problem of making sure these
> components are securly bound together and their inter-component
> communications is secure.
>
>
> --
> Clint (JOATMON) Chaplin
> Principal Engineer
> Corporate Standardization (US)
> SISA
>