Media Independent Handover Services






Project

IEEE 802.21 Media Independent Handover Services

<http://www.ieee802.org/21/>

Title

MEDIA INDEPENDENT HANDOVER


Date Submitted

May, 2005

Source(s)

802.21 Contribution




Re:

21-05-0xxx-00-0000-802-1al-proposed-secure-id.doc

Abstract

Proposed Project 802.1al Secure Device Identity

Purpose

Introduce a Question about Secure Device Identity

Notice

This document has been prepared to assist the IEEE 802.21 Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.

Release

The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that IEEE 802.21 may make this contribution public.

Patent Policy

The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual <http://standards.ieee.org/guides/opman/sect6.html#6.3> and in Understanding Patent Issues During IEEE Standards Development <http://standards.ieee.org/board/pat/guide.html>.


List of Contributors


Name: David Hunter

Company: Vetronix \ ETAS \ Robert Bosch

Email: hunter@timefactor.com



Table of Contents


1 Overview

1.1 Resources

2 Proposed Project

2.1 Scope

3 802.1al Five Criteria Highlights

1 Overview

A new project, 802.1al, is being proposed in IEEE 802.1. As usual, this proposal for an 802.1 task group is to create normative text for modification of the 802.1 standard.


The purpose of this IEEE 802.21 document is simply to solicit review and comments from the 802.21 Working Group. Do you believe this proposed 802.1 Task Group is taking up material relevant to 802.21? Do you have an opinion on its usefulness to or impact on 802.21? Should 802.21, as a group, express a comment about the formation of 802.1al?

1.1 Resources

Copies of the 802.1al PAR and 5 Criteria are on the IEEE 802.21 website:

new-borza-viega-secure-device-identity-par-0405.doc

new-borza-viega-secure-device-identity-five-criteria-0405.doc



2 Proposed Project

2.1 Scope



13. Scope of Proposed Project:

This standard specifies unique per-device identifiers (DevID) and the management and cryptographic binding of a device to its identifiers, the relationship between an initially installed identity and subsequent locally significant identities, and interfaces and methods for use of DevIDs with existing and new provisioning and authentication protocols.


    1. Purpose and Reason


14. Purpose of Proposed Project:

There is presently no standard identifier for IEEE 802 devices that is cryptographically bound to that device, nor is there a standard mechanism to authenticate a device’s identity. A verifiable unique device identity allows establishment of the trustworthiness of devices. This facilitates secure device provisioning.

15. Reason for the Proposed Project:

It is desirable to authenticate entities attached to a network in a secure fashion; e.g., by means of the mechanisms defined in IEEE Std 802.1X. A standardized device identity facilitates interoperable secure device authentication. User organizations have identified this as a desirable capability to simplify and standardize security management in their networks. The IETF has identified DevID or an equivalent capability as an enabling component of a solution to security issues in several of their protocols, e.g. ARP. DevID is specifically conceived to address this need.




    1. Timing


11. …Expected Date of Submission for Initial Sponsor Ballot: 2007-03-31

12. Projected Completion Date for Submittal to RevCom: 2007-12-31

3 802.1al Five Criteria Highlights



1. Broad Market Potential

A standards project authorized by IEEE 802 shall have a broad market potential. Specifically, it shall have the potential for:



  1. Broad sets of applicability.

  2. Multiple vendors and numerous users

  3. Balanced costs (LAN versus attached stations)

DevID has applicability to every IEEE 802 protocol. All networks go through the process of provisioning devices to the network. It is increasingly desirable to authenticate entities attached to the network in a secure fashion, e.g. 802.1X. DevID is specifically conceived to address this need.


The IETF has identified DevID or an equivalent capability as an enabling component of a solution to security issues in several of their protocols, e.g. ARP.
The LinkSec Task Group has representation from multiple vendors all of whom are interested in providing and using this capability. A standardized device identity facilitates interoperable secure device authentication. User organizations have identified this as a desirable capability to simplify and standardize security management in their networks.
DevID will provide its capabilities at low cost relative to the cost of a Silicon MAC integrated circuit, e.g. storage on the order of 1 KB in its minimal configuration, while providing sufficient trust.



5. Economic Feasibility

For a project to be authorized, it shall be able to show economic feasibility (so far as can reasonably be estimated), for its intended applications. At a minimum, the proposed project shall show:



  1. Known cost factors, reliable data.

  2. Reasonable cost for performance.

  3. Consideration of installation costs.



  1. Experience with DOCSIS shows that secure device identity may be added to highly cost sensitive devices at minimal additional equipment cost.

  2. Moreover DevID enabled devices can be incrementally deployed, and thus do not incur large one time capital expenditures before any benefits are realized. Existing devices that do not have DevID capabilities will continue to operate as at present, while DevID enabled devices may be deployed on existing networks while taking advantage of enhanced capabilities as they are deployed in the network.

  3. DevID has the potential to be added as a retrofit capability to existing hardware in some contexts.

  4. Secure device identity has been shown to play a significant role in reducing operating expenses by providing reliable device tracking, equipment history logs, etc.



