MIPSHOP E. Hepworth Internet-Draft Siemens Roke Manor Research Expires: April 20, 2006 G. Daley Centre for Telecommunications and Information Engineering S. Sreemanthula S. Faccin Nokia Research Center October 17, 2005 Problem Statement: Media Independent Handover Signalling draft-hepworth-mipshop-mih-problem-statement-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 20, 2006. Copyright Notice Copyright (C) The Internet Society (2005). Abstract There are on-going activities in the networking community to develop solutions for handover between heterogeneous wired and wireless access systems including, but not limited to, IEEE 802.21. Hepworth, et al. Expires April 20, 2006 [Page 1] Internet-Draft MIH Signalling October 2005 Intelligent access selection, taking into account link layer attributes, requires the delivery of a variety of different information types to the terminal from different sources within the network. The protocol requirements for this signalling have both transport and security issues that must be considered. The signalling must not be constrained to specific link types, so there is at least a common component to the signalling problem which is within the scope of the IETF. This draft presents a problem statement for this core problem. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Entities . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Solution Components . . . . . . . . . . . . . . . . . . . . . 5 4. Requirements on the Mobility Service Transport Layer . . . . . 6 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Conclusions and Open Issues . . . . . . . . . . . . . . . . . 9 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11 Intellectual Property and Copyright Statements . . . . . . . . . . 12 Hepworth, et al. Expires April 20, 2006 [Page 2] Internet-Draft MIH Signalling October 2005 1. Introduction This Internet Draft provides a problem statement for the exchange of information to support handover in heterogeneous link environments. This mobility support service allows more sophisticated handover operations by making available information about network characteristics, neighbouring networks and associated characteristics, indications that a handover should take place, and suggestions for suitable target networks to which to handover. There are two key attributes to the handover support service problem: 1. The Information Exchange itself: this includes the information elements that describe the information, and any signalling exchanges that are required to support the generation of these Information Elements. 2. The Underlying Transport: this supports the Information Exchange between devices in the network. The requirements on this transfer mechanism include transport issues, because of the volume of data to be sent, as well as security issues, as the signalling may cross administrative boundaries and is interdependent with AAA aspects. The Information Exchange aspect of the problem is an area that is currently under discussion within IEEE 802.21, but it is felt that the definition of the underlying transport that supports transfer of this information over IP is an aspect that is best addressed within the IETF. This draft has been motivated by on-going work within IEEE 802.21, but the following description intentionally describes the problem from a more general perspective. This document represents the views of the authors, and does not represent the official view of IEEE 802.21. The structure of this document is as follows. Section 2 provides a simple model for the entities involved in the signalling and their possible relationships. Section 3 describes a decomposition of the signalling problem into service specific parts and a generic transport part. Section 4 describes more detailed requirements for the transport component. Section 5 provides security considerations, and Section 6 summarises the conclusions and open issues. 2. Entities The following section provides an overview of the network entities Hepworth, et al. Expires April 20, 2006 [Page 3] Internet-Draft MIH Signalling October 2005 that are expected to be involved in the signalling exchanges to support the handover operation. The following abbreviations are used in this section: o MN: mobile node o NN: network node, intended to represent some device in the network (the location of the node e.g. in the access network, home network is not specified, and for the moment it is assumed that they can reside anywhere). o EP: endpoint, intended to represent the terminating endpoints of the transport protocol used to support the signalling exchanges between nodes. There are three basic deployment scenarios: o End-to-end signalling and transport over IP In this case, the end-to-end signalling used to exchange the handover information elements (the Information Exchange) runs end- to-end between MN and NN. The underlying transport is also end- to-end +------+ +------+ | MN | | NN | | (EP) | | (EP) | +------+ +------+ Information Exchange <------------------------------------> /------------------------------------\ < Transport over IP > \------------------------------------/ Figure 1: End-to-end Signalling and Transport o End-to-end signalling and partial transport over IP As before, the Information Exchange runs end-to-end between the MN and the second NN. However, in this scenario, some other transport means is used from the MN to the first NN, and the transport over IP is used only between NNs. This is analogous to the use of EAP end-to-end between Supplicant and Authentication Server, with a upper-layer multihop protocol such as RADIUS used as a backhaul transport protocol between an Access Point and the Authentication Server. Hepworth, et al. Expires April 20, 2006 [Page 4] Internet-Draft MIH Signalling October 2005 +------+ +------+ +------+ | MN | | NN | | NN | | | | (EP) | | (EP) | +------+ +------+ +------+ Information Exchange <------------------------------------> (Transport over /------------------\ <--------------->< Transport over IP > e.g. L2) \------------------/ Figure 2: Partial Transport o End-to-end signalling with a proxy In the final case, a number of proxies are inserted along the path between the two transport endpoints. The use of proxies is possible in both cases 1 and 2 above, but distinguished here as there may be operations performed on the end-to-end Information Exchange. +------+ +-------+ +------+ | MN | | NN | | NN | | (EP) | |(Proxy)| | (EP) | +------+ +-------+ +------+ Information Exchange <-----------------> <------------------> /---------------\ /----------------\ < Transport > < Transport > \---------------/ \----------------/ Figure 3: Proxy Operation As well as these basic scenarios, it is possible to consider the use of transport layer relays (cf. similar functionality in Diameter [3]). This can be seen as a generalisation of scenario 2. Note: while MN-to-MN signalling exchanges are theoretically possible, these are not currently being considered, and are out-of-scope. 3. Solution Components Figure 4 shows a model where the Information Exchanges are implemented by a signalling protocol specific to a particular mobility service, and these are relayed over a generic transport layer (the Mobility Service Transport Layer). Hepworth, et al. Expires April 20, 2006 [Page 5] Internet-Draft MIH Signalling October 2005 +-------------+ ^ | Mobility | | | Service 2 | | +------------| (e.g. ES) | | Mobility Service | Mobility +-------------+ | Signaling | Service 1 | +-------------+ | Layer | (e.g. IS) | | Mobility | | +--------------+ | Service 3 | | | (other) | | +-------------+ V ================================================ +---------------------------------------+ ^ Mobility Service | Mobility Service Transport Protocol | | Transport +---------------------------------------+ V Layer ================================================ +---------------------------------------+ | IP | +---------------------------------------+ Figure 4: Handover Services over IP The Mobility Service Transport Layer provides certain functionality (outlined in Section 4) to the higher layer mobility services in order to support the exchange of information between communicating mobility service functions. The transport layer effectively provides a container capability to mobility services, as well as any required discovery, transport and security operations required to provide communication. The Mobility Services themselves may also define certain protocol exchanges to support the exchange of service specific Information Elements. It is likely that the responsibility for defining the contents and significance of the Information Elements is the responsibility of other standards bodies other that the IETF. Example mobility services include the Media Independent Information Service [1], and the Media Independent Command and Event Services [2]. 4. Requirements on the Mobility Service Transport Layer The following section outlines some of the general transport requirements that should be supported by the Mobility Service Transport Protocol. Analysis within IEEE 802.21 has suggested that at least the following need to be taken into account: Hepworth, et al. Expires April 20, 2006 [Page 6] Internet-Draft MIH Signalling October 2005 Discovery: MNs need the ability to locate nodes that support particular mobility services in the network. There are no assumptions about the location of these mobility services within the network, therefore the discovery mechanism needs to operate across administrative boundaries. Issues such as speed of discovery, when discovery needs to take place, and the length of time over which the discovery information may remain valid all need to be considered. Similar discovery requirements may apply to general NN discovery in the network. Information from a trusted source: The MN uses the Mobility Service information to make decisions about what steps to take next. It is essential that there is some way to ensure that the information received is from a trustworthy source. This includes cases where trusted proxies along the path have access to, and may modify, parts of the Mobility Service information. This requirement has interactions with the AAA infrastructure for the purposes of authenticating and authorising the information exchange itself. Low latency: Some of the Mobility Services generate time sensitive information. Therefore, there is a need to deliver the information over quite short timescales, and the required lifetime of a connection might be quite short lived. For reliable delivery, short-lived connections could be set up as and when needed, although there is a connection setup latency associated with this approach. Alternatively, a long-lived connection could be used, but this requires advanced warning of being needed and some way to maintain the state associated with the connection. It also assumes that the relationships between devices supporting the mobility service are fairly stable. Another alternative is connectionless operation, but this has interactions with other requirements such as reliable delivery. Reliability: Reliable delivery for some of the mobility services may be essential, but it is difficult to trade this off against the low latency requirement. There are three possible approaches. In the first case, all reliability functionality is placed in the transport, which requires the Mobility Service Transport Layer to support loss detection, re-transmission, failure detection and recovery. Alternatively, the reliability can be built into Mobility Service itself, where timers are used by the service to determine whether a re-transmission over an unreliable transport is needed. This is quite useful in cases where the information is time sensitive as it gives the mobility service a chance to update the information it sends. Lastly, a hybrid approach could be adopted where the transport provides an indication of whether the delivery was successful or not to the Mobility Service, and it decides whether to re-transmit. This still supports time Hepworth, et al. Expires April 20, 2006 [Page 7] Internet-Draft MIH Signalling October 2005 sensitive services, as the mobility service can choose to update the information it is sending. Congestion Control: A Mobility Service may wish to transfer large amounts of data, placing a requirement for congestion control in the transport. There is an interaction between this requirement and that of the requirement for low latency since ways to deal with timely delivery of smaller asynchronous messages around the larger datagrams is required (mitigation of head of line blocking etc.). Secure delivery: The Mobility Service information must be delivered securely between trusted peers, where the transport may pass though untrusted intermediate nodes and networks. Multiplexing: The transport service needs to be able to support different mobility services. This may require multiplexing and the ability to manage multiple discovery operations and peering relationships in parallel. Multihoming: For some information services exchanged with the MN, there is a possibility that the request and response messages can be carried over two different links e.g. a handover command request is on the current link while the response could be delivered on the new link. Depending on the IP mobility mechanism, there is some impact on the transport option for the mobility information services. This may potentially have some associated latency and security issues, for example, if the transport is over IP there is some transparency but Mobile IP may introduce additional delay and both TCP and UDP must use the permanent address of the MN. In addition to the above, it may be necessary for the transport to support multiple applications (or modes of operation) to support the particular requirements of the Information Exchange being carried out between nodes. This may require the ability to multiplex multiple information exchanges into a single transport exchange. Further information about transport requirements related to specific Mobility Services can be found in [1] and [2]. 5. Security Considerations Network supported mobility services aim at improving decision making and management of dynamically connected hosts. The control and maintenance of mobile nodes becomes challenging where authentication and authorization credentials used to access a network are Hepworth, et al. Expires April 20, 2006 [Page 8] Internet-Draft MIH Signalling October 2005 unavailable for the purpose of bootstrapping a security association for handover services. Information Services may not require authorization of the client, but both event and command services must authenticate message sources, particularly if they are mobile. Network side service entities will typically need to provide proof of authority to serve visiting devices. Where signalling or radio operations can result from received messages, significant disruption may result from processing bogus or modified messages. The effect of processing bogus messages depends largely upon the content of the message payload, which is handled by the handover services application. Regardless of the variation in effect, message delivery mechanisms need to provide protection against tampering, and spoofing. Sensitive and identifying information about a mobile device may be exchanged during handover service message exchange. Since handover decisions are to be made based upon message exchanges, it may be possible to trace a user's movement between cells, or predict future movements, by inspecting handover service messages. In order to prevent such tracking, message confidentiality should be available. This is particularly important since many mobile devices are associated with only one user, as divulgence of such information may violate the user's privacy. Additionally, identifying information may be exchanged during security association construction. As this information may be used to trace users across cell boundaries, identity protection should be available if possible, when establishing SAs. Finally, the network nodes themselves will potentially be subject to denial of service attacks from MNs and these problems will be exacerbated if operation of the mobility service protocols imposes a heavy computational load on the NNs. The overall design has to consider at what stage (e.g. discovery, transport layer establishment, service specific protocol exchange) denial of service prevention or mitigation should be built in. 6. Conclusions and Open Issues This Internet draft outlined a broad problem statement for the signalling of information elements across a network to support media independent handover services. In order to enable this type of signalling service, a need for a generic transport solution with certain transport and security properties was outlined. Whilst the motivation for considering this problem has come form work within IEEE 802.21, a desirable goal is to ensure that solutions to this problem are applicable to a wider range of mobility services. Hepworth, et al. Expires April 20, 2006 [Page 9] Internet-Draft MIH Signalling October 2005 One important open issue is the question of how much Mobility Service specific functionality (with respect to the structure shown in []) should be seen as part of the common problem within IETF scope. One option is that the problem scope is limited strictly to message transport requirements, the other extreme is that the full mobility service protocols should be defined. An intermediate stage would be to consider message sequences and use cases for different mobility services but leave the details of Information Elements by other bodies, but potentially including IETF working groups. It would be valuable to establish realistic performance goals for the solution to this common problem (i.e. transport and security aspects) using experience from previous IETF work in this area and knowledge about feasible deployment scenarios. This information could then be used as an input to other standards bodies in assisting them to design mobility services with feasible performance requirements. Much of the functionality required for this problem is available from existing IETF protocols or combination thereof. This document takes no position on whether an existing protocol can be adapted for the solution or whether new protocol development is required. In either case, we believe that the appropriate skills for development of protocols in this area lies in the IETF. 7. References [1] Faccin, S., "Some Requirements for a Handover Information Service", draft-faccin-mih-infoserv-01 (work in progress), October 2005. [2] Sreemanthula, S., "A Problem Statement for Event Services and Command Services for Media Independent Handovers", draft-sreemanthula-es-cs-problem-statement-00 (work in progress), October 2005. [3] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003. Appendix A. Acknowledgements Thanks to Robert Hancock and Andrew McDonald for their inputs. Hepworth, et al. Expires April 20, 2006 [Page 10] Internet-Draft MIH Signalling October 2005 Authors' Addresses Eleanor Hepworth Siemens Roke Manor Research Roke Manor Romsey, SO51 5RE UK Email: eleanor.hepworth@roke.co.uk Greg Daley Centre for Telecommunications and Information Engineering Department of Electrical and Computer Systems Engineering Monash University, Clayton Victoria 3800 Australia Email: greg.daley@eng.monash.edu.au Srivinas Sreemanthula Nokia Research Center 6000 Connection Dr. Irving, TX 75028 USA Email: srinivas.sreemanthula@nokia.com Stefano Faccin Nokia Research Center 6000 Connection Dr. Irving, TX 75229 USA Email: stefano.faccin@nokia.com Hepworth, et al. Expires April 20, 2006 [Page 11] Internet-Draft MIH Signalling October 2005 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Hepworth, et al. Expires April 20, 2006 [Page 12]