Wireless Hotspots and Network Interworking Initiative

Transcription

1 Wireless Hotspots and Network Interworking Initiative Test Bed Validates a Proposed AAA Blueprint for Cross-Operator Roaming Research & Development at Intel

2 Table of Contents Overview... 3 Wireless Roaming Today: Fragmented and Inefficient... 3 Wireless Roaming Tomorrow: Seamless and Secure... 4 The IDA-Intel Wireless Hotspots and Networking Initiative... 7 Incremental Deployment Testing... 7 Architectural and Operator-Specific Test Beds... 7 Conclusion... 8 This white paper contains information useful to industry professionals interested in cross-operator wireless roaming. It is geared toward a general technology audience, including business managers, executives, technology analysts, and the press. 2

3 Overview The number of public wireless LAN (WLAN) hotspots around the world has grown rapidly, driven aggressively by a multitude of operators including cellular carriers, DSL and cable modem service providers, and wireless ISPs (WISPs) and WISP aggregators. However, to date this growth has been characterized by a proliferation of proprietary systems and protocols, with no clear, standards-based approach to cross-operator roaming. This has resulted in multiple, and in most cases non-interworking, sets of credentials for logging in to different hotspots, as users travel around their regions and the globe. In this fragmented environment, customers must subscribe to different operators, receive multiple bills or pay per-use fees, and are required to consciously switch operators as they use different hotspot networks. This white paper describes the steps that Intel and other industry leaders are taking to help establish open standards and develop a system architecture that uses these standards to create a flexible, end-to-end solution for cross-operator roaming. Consumers are familiar with roaming in the cellular telephone network, which has wide coverage, ease of use, and an established billing and settlement system. With industry participation, Intel hopes to attain an equivalent level of seamless roaming for wireless data services. To achieve this goal, the first step is to establish standards-based solutions that enable multi-provider, subscription-based "one-bill" roaming between WLAN and Wireless Wide Area Network (WWAN) networks. Once this solution is in place, consumers will be able to move between different hotspot networks run by different operators in different locations, and have their billing aggregated into one bill from their home provider. No longer will consumers have to deal with multiple accounts and separate bills from each service provider or operator. This white paper describes the proposed architecture and validation process that would make one-bill wireless roaming a reality. Wireless Roaming Today: Fragmented and Inefficient Current User Experience A user with a wireless laptop can sit down in a hotspot in Boston, Singapore, Sidney, or Tokyo. But most likely each wireless connection is provided by a different carrier. Currently, before the user can connect to the visited network, the visited network provider and the home network provider must have a "roaming agreement" that specifies charges, protocols and version numbers, billing parameters, etc. Because every network provider must have a separate roaming agreement with every other network provider for maximum coverage, the overhead is immense and expensive. The current situation is unwieldy for wireless users as well as service providers. At the end of the month, users receive a separate bill for every visited network, or must pay directly at the time of use, usually by using a credit card. They also receive a bill from their home network provider. This fragmented approach frustrates users, and is inefficient for service providers. A better model is the mobile cell phone industry. In this case, although users may roam outside their home networks, they receive only one bill at the end of the month. The proposed Authentication, Authorization, and Accounting (AAA) architecture will extend this one-bill model to wireless hotspot users. When complete, the proposed wireless roaming model will actually be even easier to use than the current cell phone model, as wireless users will not suffer from the limitations of GSM-CDMA incompatibility. Toward this end, Intel and the Infocomm Development Authority of Singapore (IDA) announced in March of 2003 that they are collaborating in a Wireless Hotspots and Network Interworking Initiative. This technology collaboration will involve several key operators and vendors, and will examine the current standards and various network implementations to help develop and validate a complete, end-to-end, standards-based roaming architecture that is ready for deployment. 3

4 Wireless Roaming Tomorrow: Seamless and Secure The proposed standards-based, widely adopted AAA architecture allows wireless users to log on with one set of credentials, no matter where they are or what service provider is managing the connection, assuming there are roaming agreements between the service providers and the user s home provider. Even though users may roam outside their home network, they can receive one bill that represents all their wireless connection activity. To understand how this would work, consider the generic wireless roaming model. In this model, the user has a home network provider, which maintains the user/subscriber relationship and authenticates roaming users: 1. The user identifies himself or herself to the visited network as a valid subscriber to the home network authentication. 2. The home network recognizes the user and decides which services the user can access authorization. 3. The visited network routes the billing information through a clearinghouse accounting, billing and settlement. Of course, there are more detailed steps involved at each stage. The most common method of wireless connection is through the Universal Access Method (UAM), also called browser hijacking. Figure 1 conceptually illustrates the process for this type of connection. AAA Server Access Controller/ AAA Proxy Web Server Users db Internet Clearinghouse Records User Data Access Router Home Network WLAN $ End-User Billing Wireless-Enabled Laptop Access Point Visited Network Figure 1. Generic Wireless Roaming Model 4

5 Note that Figure 1 is only a logical diagram and actual network implementations may differ. Let s step through Figure 1 to see how the proposed wireless roaming model works. 1. The user turns on the laptop, and the laptop discovers that a hotspot is available. (Instead of a laptop, the user might be using a cell phone, PDA, or other device with WLAN capability.) 2. The laptop initiates communication with the Access Point (AP). 3. The user obtains an IP address on the network. At this point the user is not authenticated yet and cannot access the Internet. 4. The user opens a Web browser and attempts to access a Web page. 5. The Access Router (AR) intercepts the user s request and redirects the user to a login page. 6. The user enters the appropriate login credentials. The most common type of credential is a username and password pair. Other types of credentials are possible, such as hardware tokens and software certificates. 7. The Access Controller forwards the credentials to the AAA Server in the home network, where they are validated against the home network s database of users. Based on the result of this authentication step, an Accept or Reject message is returned back through the AR in the visited network. If the user was accepted, the Accept message includes information about which services the user is authorized to access. 8. For each connection, the visited network creates an accounting record (sometimes called a connection record, or CR). This record may include attributes such as number of minutes connected, megabytes downloaded, and number of connection attempts. 9. When a connection is closed, the AAA Server in the visited network sends accounting records (optionally through a clearinghouse) using an industry-developed protocol and format, such as RADIUS. When involved, the clearinghouse then forwards the accounting information to the user s home network provider. Ultimately, it is the responsibility of the home network to pay the visiting network for the user s connection. This above step-by-step process assumes the Access Point is accessed using Universal Access Method (UAM). UAM is not the only connection method, however. Wi-Fi Protected Access (WPA), along with 802.1X and Extensible Authentication Protocol (EAP), is a robust, secure alternative to UAM. With the exception of steps 4 through 6, the process illustrated in Figure 1 is applicable to WPA connections as well as to browser hijack connections. It is highly probable that UAM will remain a popular connection method for at least the near future, and will co-exist with WPA. As the wireless industry matures, however, the WPA connection method will likely replace UAM connections. The proposed AAA architecture described in this paper is flexible, and can support both UAM and WPA connections. Security in the Wireless Roaming Environment UAM, though simple, is not an ideal connection method. The most serious drawback of UAM connections is that typically the user s credentials (username and password) are exposed to the visited network s Web server, which can leave the connection open to man in the middle or rogue AP attacks that can result in credential theft and/or denial of service. For the open wireless roaming model to succeed, these security considerations must be addressed. A layered AAA framework that enables seamless wireless roaming while at the same time protecting users from security breaches is needed. To make cross-operator roaming adequately secure, networks need strong mutual authentication the network must identify itself to a roaming user before the user presents his/her credentials to the network. An encrypted channel following mutual, also known as bilateral, authentication results in an end-to-end trusted system, where the client and the network are both known to each other and are able to exchange information securely. UAM connections cannot implement such a mutual authentication framework, but 802.1X can. To implement this multi-layered security framework, a variety of protocols are used at each step of the connection process and between each component of the connection. Figure 2 illustrates the proposed AAA security architecture, based on the 802.1X protocol. 10. The home network aggregates all the user s roaming activity onto the user s monthly bill. 5

6 Hotspot Wireless Station Access Point Access Controller/ AAA Proxy Home Provider AAA Server Inner EAP Methods (e.g. EAP-MSCHAPv2, EAP-SIM...) PEAP (TLS) EAP EAPoL 802.1X (WPA, i) RADIUS UDP IP Other* Figure 2. Proposed AAA Security Architecture *Other Back Haul (T1/E1, Fast Ethernet, etc.) The following chart describes the primary security protocols used by the proposed AAA architecture. Protocol Name Protocol Purpose 802.1X Framework for authentication. It is a Port-Based Network Access Control for 802 LANs and is an Institute of Electrical and Electronics Engineers (IEEE) specification. EAP (Extensible Authentication Protocol) EAP-MSCHAPv2 EAP-SIM EAPoL Generic encapsulation protocol defined by the Internet Engineering Task Force (IETF) that can support a large variety of authentication token formats. An EAP method is required for each token type (for example, EAP-MSCHAPv2 for passwords, EAP-SIM for Subscriber Identity Modules (SIMs), and so on). EAP messages are carried over EAPoL (EAP over LAN) frames between the workstation and the AP. RADIUS (Remote Access Dial-In User Service ) PEAP (Protected EAP) Re-encapsulates EAP messages when sent from the AP to the AAA Server. Provides strong cryptographic binding to encapsulated EAP methods and provides a secure, encrypted tunnel between the client and the authenticating server. 6

7 The IDA Intel Wireless Hotspots and Networking Initiative The IDA Intel Wireless Hotspots and Networking Initiative is part of Intel s ongoing efforts to accelerate wireless connectivity and deployments. It is a program to work with industry participants to develop and deliver tested solutions to overcome the technical challenges that impede cross-operator roaming between networks due to different operating networks and technical standards. It has two components an interworking study and interoperability lab tests. The Interworking Study With the participation of key players from the industry (operators, aggregators, clearinghouses, and vendors), the interworking study recommends a standardized approach to support roaming across multi-provider public WLAN hotspots. The interworking study and the interoperability lab tests will culminate in a blueprint that defines the steps needed to achieve cross-operator roaming by incorporating user roaming requirements and developing a harmonized standards-based interworking architecture. Intel will continue to work with key industry forums to facilitate industry acceptance of this blueprint and architecture. Interoperability Lab Tests The interoperability lab tests will test the viability of the recommendations made by the interworking study, paving the way for deployment of the WLAN hotspot and infrastructure blueprint. Secondarily, the interoperability lab tests will enable interoperability of multi-vendor solutions used by specific network operators participating in the program, particularly in the areas of user authentication, authorization, and accounting. The unique aspect of this program is that it goes beyond writing technical papers to actually building and validating standards-based systems from multiple vendors and working with multiple operators. In particular, validation will include the following technologies: 802.1X (mutual authentication) Co-existence of UAM and 802.1X EAP-SIM (SIM credentials) PEAP (secure tunnel through which to pass credentials) EAP-MSCHAPv2 (username/password credentials) Wi-Fi Protected Access (WPA) Incremental Deployment Testing The test bed will be implemented incrementally to address different aspects of the proposed architecture, in order to enable interworking with a variety of existing network providers such as WISPs, WISP aggregators, fixed line operators deploying hotspots (DSL and cable), and cellular and GSM carriers deploying hotspots. The following operational models will be addressed in the test bed: WISP roaming over 802.1X Implement and demonstrate the viability of coexistence between 802.1X and browser hijack-based authentication schemes. Enterprise and fixed line operator roaming Validate interworking with home network providers that may or may not themselves operate wireless networks. This includes enterprise networks having roaming arrangements with hotspot operators, cable and DSL broadband providers, and dial-up ISPs and WISP aggregators. Introduce WPA security with dynamic keys, and validate username/password-based authentication based on MS- CHAPv2. 3GPP roaming with SIM Credentials Demonstrate the ability for a Third-Generation Partnership Project (3GPP) customer with SIM credentials to obtain services at a hotspot deployed by a WISP or other non-3gpp operators and have associated charges billed to the customer s cell phone account. Addition of Billing and Settlement Intermediaries Introduce roaming, billing, and settlement intermediaries such as clearinghouses and WISP aggregators. Architectural and Operator- Specific Test Beds The test lab will be partitioned into an architectural test-bed and several operator-specific test-beds. In the architectural test-bed, the architecture as proposed in the Interworking Study will be validated with an initial set of participating vendors. In addition, there will be several test-beds dedicated to specific operators. These will further validate the architecture across other vendor implementations, and according to configurations specified by the operator associated with each test-bed. These technologies have implications for the mobile computing platform as well as for the network infrastructure. Hence, this program will validate both elements to ensure that seamless roaming can be achieved. 7

8 Conclusion Standards Bodies and Forums For cross-operator roaming to become a popular, profitable enterprise for service providers, customers must see it as practical, efficient, easy to use and secure. The Wireless Hotspots and Network Interworking Initiative is defining and validating a framework to make this happen. At the end of the study and lab tests, the wireless industry will have access to a flexible standardsbased wireless roaming architecture that provides a consistent way to get access when networks are owned by different operator types with diverse authentication mechanisms. Like cellular phone users, public WLAN hotspot users will be able to connect seamlessly and receive a single bill that represents all of their wireless activity. Intel is working with the following international standards bodies and forums that are related to this collaboration: 3rd Generation Partnership Project: 3rd Generation Partnership Project 2 (3GPP2): GSM Association (GSMA): Internet Engineering Task Force (IETF): Wi-Fi Alliance: Additional Resources Public WLAN Hotspot Deployment & Interworking Study (Intel) Wi-Fi Alliance Wireless ISP Roaming Best Practices Document Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document. except as provided in Intel s terms and conditions of sale for such products. Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel products are not intended for use in medical, life saving, life sustaining applications. Intel may make changes to specifications and product descriptions at any time, without notice. Intel and the Intel logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. * Other names and brands may be claimed as the property of others. Copyright 2003, Intel Corporation. All rights reserved 0803/CTG/ITF/XX/PDF P/N