21-08-0006xx-030-0sec-security_sg_par.doc
Project / IEEE 802.21 MIHOTitle / 802.21 Security PAR
Date Submitted / January 16, 2008
Source(s) / Yoshihiro Ohba (Toshiba)
Re: / IEEE 802.21 Session #24 in January 2008
Abstract / This documentdescribes 802.21 security PAR
Purpose / Security Study Group discussion
Notice / This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
Release / The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.21.
Patent Policy / The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual and in Understanding Patent Issues During IEEE Standards Development
The PAR Copyright Release and Signature Page must be submitted by FAX to +1-732-875-0695 to the NesCom Administrator.
If you have any questions, please contact the NesCom Administrator.
Once you approve and submit the following information, changes may only be made through the NesCom Administrator.
Submittal Email:Type of Project: Security Extensions to Media Independent Handover Services
1.1 Project Number: TBD by WG Chair
1.2 Type of Document: Standard
1.3 Life Cycle: Full
1.4 Is this project in ballot now? No
2.1 Title of Standard: Standard for Local andMetropolitan Area Networks:
Media Independent Handover Services - Security Extensions to Media Independent Handover Services.
3.1 Name of Working Group: Media-Independent Handover Services Working Group
Contact information for Working Group Chair
Vivek G. Gupta
Email:
Phone: 408-765-7766
Contact Information for Working Group Vice Chair
MichaelG.Williams
Email:
Phone: xxx-xxx-xxxx
3.2 Sponsoring Society and Committee:IEEE Computer Society/Local and Metropolitan Area Networks (C/LM)
Contact information for Sponsor Chair:
Paul Nikolich
Email:
Phone: 857-205-0050
Contact information for Standards Representative:
Email:
Phone:
3.3 Joint Sponsor:/ ()
Contact information for Sponsor Chair:
Email:
Phone:
Contact information for Standards Representative:
Email:
Phone:
4.1 Type of Ballot: Individual
4.2 Expected Date of Submission for Initial Sponsor Ballot:2010-11
4.3 Projected Completion Date for Submittal to RevCom: 2011-07
5.1 Approximate number of people expected to work on this project:30
5.3 Is the completion of this standard is dependent upon the completion of another standard: No
If yes, please explain:
5.4 Purpose of Proposed Standard:
- Define mechanisms that provide security signaling optimization during inter-technology handovers between 802 access networks and intra-technology handovers within 802 access networks across different administrative domains.
- Define mechanisms that provide security to MIH (Media-Independent Handover) protocol exchange based on a security association that is bound to a pair of mutually authenticated MIH entities.
5.5 Need for the Project:
- Optimization of security signaling, especially network access authentication signaling, isneededto realize session continuity for real-time applications inhandover scenarios where the mobile node must briefly break its activeconnection before being able to make a connection to the target accessnetwork.
- MIH-level security is needed to provide an adequate level of protection for the MIH protocol, which will eventually enable authorization for the MIH services in a secure manner. MIH level security will be an important factor to the providers that wants to deploy these MIH services in their networks without introducing new security threats.
5.6 Stakeholders for the Standard: Semiconductor manufacturers, mobile and wireless device manufacturers and network operators.
Intellectual Property
6.1.a. Has the IEEE-SA policy on intellectual property been presented to those responsible for preparing/submitting this PAR prior to the PAR submittal to the IEEE-SA Standards Board? Yes
If yes, state date: 2007-01-14
If no, please explain:
6.1.b. Is the Sponsor aware of any copyright permission needed for this project? No
If yes, please explain:
6.1.c. Is the Sponsor aware of possible registration activity related to this project? No
If yes, please explain:
7.1 Are there other standards or projects with a similar scope? No
If yes, please explain:
and answer the following: Sponsor Organization:
Project/Standard Number:
Project/Standard Date: 0000-00-00
Project/Standard Title:
7.2 Future Adoptions
Is there potential for this standard (in part or in whole) to be adopted by another national, regional, or international organization? No
If Yes, the following questions must be answered:
Technical Committee Name and Number:
Other Organization Contact Information:
Contact person:
Contact Email address:
7.3 Will this project result in any health, safety, security, or environmental guidance that affects or applies to human health or safety? No
If yes, please explain:
7.4 Additional Explanatory Notes: (Item Number and Explanation)
Notes on Items 5.4 and 5.5
- With regard to security signaling optimization during handovers, the project initially works on handovers between 802 networks to keep the work focused and to complete the work within a reasonable time frame. After completion of its initial work, the PAR of this project may be revised to support handover between 802 networks and non-802 networks.
- Security of the MIH protocol currently relies on the security of the underlying transport protocols without a mechanism to authenticate MIH entities. The lack of authentication of MIH entities shows weakness to the overall MIH protocol security of the MIH protocol and/or does not provide authorization for the MIH services. Thus, either a mechanism to bind the MIH protocol with the security of the transport protocols, or a mechanism to provide MIH entity authentication and protection to MIH protocol exchange based on a security association bound to the authenticated pair of MIH protocol entities is required.
8.1 Sponsor Information:
Is the scope of this project within the approved scope/definition of the Sponsor's Charter? Yes
If no, please explain:
1