telefÓnica i+d date: 23rd september 2008 proposal for a convergent authentication and authorisation...
TRANSCRIPT
TELEFÓNICA I+DDate: 23rd September 2008
Proposal for a Convergent Authentication andAuthorisation Infrastructure in NGN
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
2TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
MotivationsWhy?
Current fixed platforms require complex user-provisioning processes.
Simplify process and reduce OPEX!!!
User identity is attached to the physical access line.
Enable nomadic services!!!
Mobile and fixed networks have different authentication mechanisms.
Design a convergent Platform!!!
PPP does not support multicast IPTV traffic.
Native support of Triple-Play and Advanced Services!!!
01
3TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
EAP/SIM-AKA over 802.1XEAP/SIM-AKA over 802.1Xauthentication platformauthentication platform
Design decisions02
Req. 1: Access LineIndependent User-Identity
Req. 2: Fixed-MobileConvergence
Req. 3: Well-defined andwidely deployed Protocols
Req. 4: Enable Triple-Play Services
4TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
System architecture03
5TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
6TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
7TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
8TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
9TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
10TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
04
Procedures Authentication procedure
11TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
ConclusionsPros and Cons
Home Gateway hardware becomes more complex (Smart Card reader)
Convergent QoS Architecture and user location retrieval is not full defined yet.
05 Unified fixed and mobile authentication
platforms (TISPAN & 3GPP).
Zero-provisioning systems.
Advanced services for residential users: nomadism
12TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
Contact Information
Telefónica I+D (website: www.tid.es)
Broadband Services Platforms and Architectures Department
Joaquín López Rizaldos ([email protected])
Alejandro Fandiño Orgeira ([email protected])
Alejandro García Henderson ([email protected])
Jose Manuel Palacios Valverde ([email protected])
Francisco Rodríguez García ([email protected])
Francisco González Vidal ([email protected])
14TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
A Backup Material Procedures I: Initial user attachment
15TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
A Backup Material Procedures II: Fast re-authentication
16TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
A Backup Material Procedures III: Full re-authentication
17TELEFÓNICA I+D
© 2008 Telefónica Investigación y Desarrollo, S.A. Unipersonal
A Backup Material Procedures IV: User disconnection