November 2004, 61st IETF, MIP6 WG: Mobile IPv6 Bootstrapping Architecture using DHCP

Mobile IPv6 Bootstrapping Architecture using DHCP (draft-ohba-mip6-boot-arch-dhcp-00), Yoshihiro Ohba, Rafael Marin Lopez, Mayumi Yanagiya, Hiroyuki Ohnishi and Kuntal Chowdhury

Transcript of the November 2004 61st IETF MIP6 WG presentation "Mobile IPv6 Bootstrapping Architecture using DHCP"

Page 1:

Mobile IPv6 Bootstrapping Architecture using DHCP

draft-ohba-mip6-boot-arch-dhcp-00

Yoshihiro Ohba, Rafael Marin Lopez, Mayumi Yanagiya, Hiroyuki Ohnishi and Kuntal Chowdhury

Page 2:

Mobility Service, Network Access Service and AAA

• Integration of a bootstrapping architecture with the AAA infrastructure is needed
  – Operators rely on AAA protocols to provide authentication, authorization and accounting for the subscribers of their services

• The services include network access service and mobility service

• In many cases, AAA for network access (AAA-NA) occurs before AAA for mobility service (AAA-MS)

• It is reasonable to consider a scenario where there is some dependency between AAA-NA and AAA-MS

Page 3:

Two Minimum Sets of Seed Information

• Parameter Set 1:
  – The domain name or FQDN of the home agent
  – IKE credentials

• Parameter Set 2:
  – Network access credentials

• This draft (draft-ohba-mip6-boot-arch-dhcp) uses Parameter Set 2

Page 4:

Basic Architecture

[Figure: Basic Architecture. Entities: Mobile Node / DHCP Client, NAS, DHCP Server and AAA-NA Server in the ASP or IASP; AAA-MS Server and Home Agent in the Serving or Home MSP. Labelled links: network access authentication protocol (Mobile Node to NAS), DHCPv6 (Mobile Node to DHCP Server), and AAA protocol among the NAS, DHCP Server, AAA-NA Server, AAA-MS Server and Home Agent.]

Page 5:

Basic Architecture (cont'd)

• The DHCP server in the visited network is used for delivering bootstrap information to the MN
  – The visited network may be the home network

• DHCP delayed authentication is used for integrity-protected delivery of the bootstrap information
  – The DHCP delayed authentication key is also bootstrapped from AAA-NA
  – Alper's comment: the DHCP authentication problem can be separated

• The NAS and/or DHCP server in the visited network are aware of the MIPv6 service (but they do not need to speak MIPv6)

• Two models exist depending on who is the AAA-MS client
  – Model 1: DHCP server as AAA-MS client
    • The DHCP server communicates directly with the AAA-MS server to obtain the MIP6 bootstrap information
  – Model 2: NAS as AAA-MS client
    • The NAS communicates with the AAA-MS server to obtain the MIP6 bootstrap information
    • The NAS passes the obtained bootstrap information to the DHCP server

Page 6:

Model 1 (DHCP Server as AAA-MS Client)

[Figure: Model 1 message flow. Entities: Mobile Node (Network Access Client and DHCP Client), NAS, DHCP Server, AAA Infrastructure, Home Agent. Steps: (1) network access authentication protocol between MN and NAS; (1') AAA-NA between NAS and AAA infrastructure, from which the DHCP key is derived; (2) AAA-MS between DHCP server and AAA infrastructure, returning MIP6 bootinfo {HA [,HoA or HoL], DHCP-key}; (2) DHCPv6 with delayed authentication from DHCP server to MN, carrying MIP6 bootinfo {HA [,HoA or HoL]}; (2) AAA-MS to the home agent, carrying MIP6 bootinfo {[HoA or HoL]} and the AAA-Key; (3) IKE between MN and home agent, the MN holding MIP6 bootinfo {IKE credentials [,HoA or HoL]}.]

Page 7:

Model 2 (NAS as AAA-MS Client)

[Figure: Model 2 message flow. Entities as in Model 1. Steps: (1) network access authentication protocol between MN and NAS; (1') AAA-NA and (2) AAA-MS, both between NAS and AAA infrastructure, returning MIP6 bootinfo {HA [,HoA or HoL], AAA-Key [,DHCP-key]}; the NAS passes MIP6 bootinfo {HA [,HoA or HoL] [,DHCP-key]} to the DHCP server; (2') DHCPv6 with delayed authentication from DHCP server to MN, carrying MIP6 bootinfo {HA [,HoA or HoL]}; AAA-MS to the home agent, carrying MIP6 bootinfo {[HoA or HoL]}; (3) IKE between MN and home agent, the MN holding MIP6 bootinfo {IKE credentials [,HoA or HoL]}.]

Page 8:

Mapping to Bootstrapping Scenarios

• The bootstrapping problem statement draft identifies four cases
  – Mobility Service Subscription Scenario
  – Integrated ASP (IASP) Scenario
  – Third-party MSP Scenario
  – Infrastructure-less Scenario

• Some scenarios do not assume a relationship between AAA-NA and AAA-MS
  – The mobility service subscription scenario and the infrastructure-less scenario are not supported in this bootstrapping architecture

• This architecture is intended for the IASP scenario and the third-party MSP scenario

Page 9:

Integrated ASP Scenario (Model 1)

[Sequence diagram. Entities: Mobile Node; NAS/DHCP Server, AAA-NA Server and AAA-MS Server inside the IASP (ASP+MSP); Home Agent. Messages in order: authentication and authorization for NA between MN and NAS, with NA Req./NA Rep. carried over AAA-NA between NAS and AAA-NA server; DHCP Req. from MN to the NAS/DHCP server; Parameter Req. from the DHCP server to the AAA-MS server; authorization for MS at the AAA-MS server, which delivers the IKE credentials to the home agent; Parameter Rep. back to the DHCP server; DHCP Rep. to the MN; IKEv2 between MN and home agent.]

Page 10:

Integrated ASP Scenario (Model 2)

[Sequence diagram. Entities as in the Model 1 IASP diagram. Messages in order: authentication and authorization for NA between MN and NAS, with NA Req./NA Rep. over AAA-NA between NAS and AAA-NA server; Parameter Req. from the NAS to the AAA-MS server; authorization for MS at the AAA-MS server, which delivers the IKE credentials to the home agent; Parameter Rep. back to the NAS; DHCP Req. from MN to the NAS/DHCP server and DHCP Rep. back to the MN; IKEv2 between MN and home agent.]

Page 11:

Third-Party MSP Scenario (Model 1)

[Sequence diagram across three domains: ASP, Serving MSP, Home MSP. Entities: Mobile Node, NAS/DHCP Server, AAA-NA Server, AAA-MS Server, Home Agent. Messages in order: authentication and authorization for NA between MN and NAS, with NA Req./NA Rep. over AAA-NA between NAS and AAA-NA server; DHCP Req. from MN to the NAS/DHCP server; Parameter Req. from the DHCP server to the AAA-MS server; authorization for MS at the AAA-MS server, which delivers the IKE credentials to the home agent; Parameter Rep. back to the DHCP server; DHCP Rep. to the MN; IKEv2 between MN and home agent.]

Home MSP is integrated with ASP, OR Home MSP has roaming agreement with ASP

Page 12:

Third-Party MSP Scenario (Model 2)

[Sequence diagram across three domains: ASP, Serving MSP, Home MSP. Entities as in the Model 1 third-party diagram. Messages in order: authentication and authorization for NA between MN and NAS, with NA Req./NA Rep. over AAA-NA between NAS and AAA-NA server; Parameter Req. from the NAS to the AAA-MS server; authorization for MS at the AAA-MS server, which delivers the IKE credentials to the home agent; Parameter Rep. back to the NAS; DHCP Req. from MN to the NAS/DHCP server and DHCP Rep. back to the MN; IKEv2 between MN and home agent.]

Home MSP is integrated with ASP, OR Home MSP has roaming agreement with ASP

Page 13:

Other Bootstrapping Architectures (draft-yegin-mip6-aaa-fwk)

• Uses home agent as AAA-MS client

• Assumption: HA address is somehow known to MN (e.g., pre-configuration, DNS SRV record)

• Simplest, but operators want flexibility in the assignment of the HA address
  – E.g., assigning a different HA depending on the profile of the subscriber

Page 14:

Other Bootstrapping Architectures (draft-giaretta-mip6-authorization-eap)

• Uses EAP for conveying bootstrapping information between MN (EAP peer) and AAA-NA server (EAP server)

• The bootstrapping procedure is transparent to access network

• Potential complexity for multiple-domain case

Page 15:

Security Considerations

• Question: Is it valid to use DHCP in the ASP to deliver an HA assigned by the MSP?
  – If the ASP and MSP are separate, the MSP might not want to expose bootstrapping information to other providers

• Answer: The bootstrapping information can be encrypted based on the SA between the MN and the AAA-MS server
  – The DHCP server can deliver the encrypted information to the mobile node as opaque data if such an option is defined

Page 16:

Open Issues

• When multiple MSPs are able to assign an HA to the MN, how to determine which MSP should be the assigner(s)?
  – This case could happen in a hybrid of the IASP scenario and the third-party scenario (i.e., AAA-MS servers exist in both the ASP and the home MSP)

• Model 1 might have a security issue
  – If there is no coordination between the AAA-MS client (DHCP server) and the AAA-NA client (NAS), the AAA-MS procedure is performed without authentication
  – A DHCP server would initiate AAA-MS without making sure that the requesting MN has been authorized by the NAS in the AAA-NA procedure
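Added example (not code from the draft or its authors) tying together three points of this deck: the Model 1 DHCPv6 delivery with delayed authentication from page 5, the opaque encrypted bootinfo from page 15, and the "was this MN authorized by AAA-NA?" check from page 16. The DHCPv6 Authentication option layout follows RFC 3315 section 21.4 (protocol 2 = delayed, algorithm 1 = HMAC-MD5, RDM 0 = monotonic counter, then realm, 4-byte key ID and a 16-byte HMAC computed over the whole message with the HMAC field zeroed); HMAC-MD5 is what that spec mandates, not a recommendation. Everything else is an assumption made for the example: the keys, DUID and realm are constructed, option codes 65000/65001 for the HA and the opaque blob are hypothetical (no such DHCPv6 options are defined), the AAA-MS server is a stub, the `authorized` table stands for whatever NAS-to-DHCP-server coordination an implementation provides, and the HMAC-SHA256 encrypt-then-MAC construction is a stand-in for a real AEAD under the MN/AAA-MS SA.

```python
"""Added example, not from the draft: Model 1 delivery of MIP6 bootinfo in a DHCPv6 Reply
under delayed authentication (RFC 3315 sec. 21.4), the opaque bootinfo encrypted under the
MN<->AAA-MS SA (page 15) and the 'authorized by AAA-NA?' check (page 16). Keys, DUID,
realm, the 650xx option codes and the AAA-MS stub are constructed for the example."""
import hashlib, hmac, os, struct

OPTION_AUTH = 11                                    # DHCPv6 Authentication option
PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER = 2, 1, 0  # delayed auth, HMAC-MD5, counter RDM
OPTION_MIP6_HA, OPTION_MIP6_OPAQUE = 65000, 65001   # hypothetical option codes

def opt(code, body):
    return struct.pack("!HH", code, len(body)) + body

def _keystream(key, nonce, n):                      # HMAC-SHA256 in counter mode
    blocks = (hmac.new(key, b"enc" + nonce + struct.pack("!I", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal_bootinfo(sa_key, bootinfo, nonce=None):
    """AAA-MS side: encrypt-then-MAC under the MN<->AAA-MS SA (stand-in for a real AEAD)."""
    nonce = nonce or os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(bootinfo, _keystream(sa_key, nonce, len(bootinfo))))
    return nonce + ct + hmac.new(sa_key, b"mac" + nonce + ct, hashlib.sha256).digest()

def open_bootinfo(sa_key, blob):
    """MN side: verify the tag, then decrypt; the ASP's DHCP server never saw the plaintext."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(sa_key, b"mac" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bootinfo tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(sa_key, nonce, len(ct))))

def build_reply(xid, options, dhcp_key, key_id, realm, replay):
    """DHCP server side: Reply (type 7) ending in the Authentication option; HMAC-MD5 is
    computed over the whole message with the 16-byte HMAC field zeroed."""
    auth = (struct.pack("!BBBQ", PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER, replay)
            + realm + struct.pack("!I", key_id) + bytes(16))
    msg = struct.pack("!B3s", 7, xid) + b"".join(options) + opt(OPTION_AUTH, auth)
    return msg[:-16] + hmac.new(dhcp_key, msg, hashlib.md5).digest()

def parse_options(msg):                             # -> [(code, body offset, body)]
    out, pos = [], 4
    while pos < len(msg):
        code, length = struct.unpack_from("!HH", msg, pos)
        out.append((code, pos + 4, msg[pos + 4:pos + 4 + length]))
        pos += 4 + length
    return out

def verify_reply(msg, keys_by_id, last_replay):
    """MN side: HMAC-MD5 under the key named by key ID plus a strictly increasing counter."""
    opts = parse_options(msg)
    auth = [(off, body) for code, off, body in opts if code == OPTION_AUTH]
    if len(auth) != 1:
        raise ValueError("exactly one Authentication option expected")
    off, body = auth[0]
    proto, alg, rdm, replay = struct.unpack_from("!BBBQ", body)
    if (proto, alg, rdm) != (PROTO_DELAYED, ALG_HMAC_MD5, RDM_COUNTER) or replay <= last_replay:
        raise ValueError("unsupported authentication parameters or replayed Reply")
    key_id, mac_off = struct.unpack_from("!I", body, len(body) - 20)[0], off + len(body) - 16
    zeroed = msg[:mac_off] + bytes(16) + msg[mac_off + 16:]
    expected = hmac.new(keys_by_id[key_id], zeroed, hashlib.md5).digest()
    if not hmac.compare_digest(expected, msg[mac_off:mac_off + 16]):
        raise ValueError("HMAC-MD5 mismatch")
    return opts, replay

def model1_handle_request(authorized, duid, xid, counter, aaa_ms_lookup):
    """DHCP server as AAA-MS client. `authorized` (DUID -> (key ID, DHCP key)) is what the
    NAS hands over after AAA-NA; without it the server would start AAA-MS for anyone."""
    if duid not in authorized:
        raise PermissionError("DUID not authorized by AAA-NA; AAA-MS not started")
    key_id, dhcp_key = authorized[duid]
    ha, opaque = aaa_ms_lookup(duid)                # (2) AAA-MS: HA plus opaque bootinfo
    options = [opt(OPTION_MIP6_HA, ha), opt(OPTION_MIP6_OPAQUE, opaque)]
    return build_reply(xid, options, dhcp_key, key_id, b"example.net", counter)

def rejects(fn):
    try:
        fn()
    except (ValueError, PermissionError):
        return True
    return False

def demo():
    sa_key, dhcp_key = b"constructed-mn-aaams-sa-key", b"constructed-dhcp-key-from-aaa-na"
    duid, ha = b"\x00\x01mn-duid", bytes.fromhex("20010db8" + "0" * 23 + "1")
    plain, authorized = b"IKE-PSK=constructed;HoA=2001:db8::1234", {}
    authorized[duid] = (7, dhcp_key)
    aaa_ms = lambda _duid: (ha, seal_bootinfo(sa_key, plain))   # stub AAA-MS server
    reply = model1_handle_request(authorized, duid, b"\x01\x02\x03", 1, aaa_ms)
    opts, _ = verify_reply(reply, {7: dhcp_key}, last_replay=0)
    got = {code: body for code, _, body in opts}
    tampered = reply[:20] + bytes([reply[20] ^ 1]) + reply[21:]   # flip a bit in the HA
    return {
        "ha": got[OPTION_MIP6_HA],
        "bootinfo": open_bootinfo(sa_key, got[OPTION_MIP6_OPAQUE]),
        "tamper_rejected": rejects(lambda: verify_reply(tampered, {7: dhcp_key}, 0)),
        "replay_rejected": rejects(lambda: verify_reply(reply, {7: dhcp_key}, 1)),
        "unauthorized_rejected": rejects(
            lambda: model1_handle_request(authorized, b"other", b"\0\0\0", 2, aaa_ms)),
    }
```

In Model 2 the same `authorized` table is trivially available, because the NAS that ran AAA-NA also runs AAA-MS and then hands the DHCP server the bootinfo together with the DHCP key. In Model 1 the DHCP server must obtain that binding from the NAS by some other path; if it has none, `model1_handle_request` degrades to "start AAA-MS for whoever asks", which is exactly the page 16 open issue. The delayed-authentication HMAC only proves the Reply came from a server holding the AAA-NA-derived key; confidentiality of the HA/IKE material against the ASP comes solely from the opaque blob.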

Page 17:

Next Step

• If the architecture is relevant, make it part of the entire bootstrapping architecture
  – This architecture is NOT the only solution

• Resolve the open issues

Page 18:

Thank you!