ISD Agenda

May 2014
doc.: IEEE 802.11-14/0158r2
TGaq Pre-Association Discovery Protocol
for ANDSF Discovery Service
Date: 2014-05-14
Authors:
Name
Company
Joe Kwak
InterDigital
Michael Montemurro
BlackBerry
Submission
Address
Phone
email
PO Box 93
Hawkesbury, ON, Canada
K6A2R4
4701 Tahoe Blvd
Mississauga, ON, Canada
L4W0B4
+1-630-739-4159
[email protected]
+1-905-629-4746
x14999
[email protected]
Slide 1
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Abstract
This is a TGaq Pre-Association Discovery (PAD)
Protocol example showing how a pre-associated
STA may access ANDSF Service for WLAN
discovery and selection.
This builds upon the 11aq draft text in
11-14-0657-00-00aq-pre-association-discoveryprotocol and is intended to be the basis for an
informative annex in our 11aq draft.
Submission
Slide 2
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Background
• TGaq develops simple MAC protocol
– Defines over-the-air messages only (PAM)
• Meets low level requirements of use cases
• Other Fora deal with higher layers (L2+)
– Liaison to other fora of our use cases
• 3GPP has developed a discovery service for dual mode
smartphones and other dual mode (cell/WLAN) devices that
uses assistance data to discover and select WLANs suitable for
offload.
• Access Network Discovery and Selection Function (ANDSF) has
been specified by 3GPP to provide this assistance data.
• ANDSF is normally implemented in a server accessible on the
internet, and discovered by DNS lookup.
Submission
Slide 3
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Protocol (PADP) Review
• PADP is different from ANQP
– PADP is not limited to simple Request/Response mechanism.
– Using transparent packet containers, PADP provides flexible
transport for pre-associated STAs to communicate with different
existing Upper Layer Protocols (ULPs) for service discovery,
bonjour, UPnP, etc.
– Service/discovery information is transparently encapsulated for
transport to a Service Transaction Proxy (PADPxy) which
implements this protocol for a particular (or set) of discovery ULP.
– Packets are routed from the pre-associated STA, through the AP,
to the PADPxy, which acts on behalf of the STA to communicate
with the intended discovery protocol server.
– In other words, PADP sets up a short-term tunnel from the STA to
the PADPxy which proxies for the STA for internet packet
exchanges.
Submission
Slide 4
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Protocol (PADP)
Review
1
• Part of the PAM (Pre-Association Messages)
• The TP is implemented as an advertisement protocol
enabling it to be carried, over the IEEE 802.11 air
interface, by the existing GAS mechanism.
• Use a new advertisement protocol id “PADP” – PreAssociation Discovery (e.g. like RLQP
• Define a new IE for use in Beacon, Probe Response
frames to advertise service capabilities.
[1] Transaction Protocol Review (slides 5-10) from
11-13-0788-03-00aq-transaction-protocol
Submission
Slide 5
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Protocol Review
• A mobile device requires service information prior to
association.
• The mobile device supports one or more ULP’s
• The Access Point advertises (in this example using
ANQP) service types as well as a list of ULP’s that are
supported.
• An PADP Encapsulation message carries the ULP
service information request to the AP, which relays the
request to the PADPxy.
• The PADPxy proxies for the STA to exchange service
information using the discovery ULP.
• The PADPxy provides service information in a
response that is encapsulated and sent back to the
mobile device through the Access Point.
Submission
Slide 6
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Protocol Review
• PADP operates between the ULP applications in the
pre-associated STA and the Service Transaction Proxy
(PADPxy).
• As this ANDSF example shows, the encapsulation
mechanism must be transparent to enable this service
for ANDSF and perhaps other popular discovery
services.
Submission
Slide 7
Joe Kwak, InterDigital
May 2014
Upper Layer
Protocol
(ULP)
doc.: IEEE 802.11-14/0158r2
STA
AP
TXP / ULP
1) ULP message A
2) Encapsulation (token, “ULP message A”)
3) Encapsulation (token, “ULP message B”)
4) ULP message B
Submission
Slide 8
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Review
• ULP does not need to be standardised within Tgaq
– deliberately hide the details of the ULP so that we can focus on
MAC design
• When the higher layer ULP responds with another
message B, the TXP uses another PADP Encapsulation
message to transmit message B back to the mobile
device including the PADP token. If an error occurs in
the TXP transaction a Return Code may be
alternatively returned to the mobile.
• When the PADP Encapsulation message is received by
the mobile terminal the contents are passed back to the
service discovery ULP.
Submission
Slide 9
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Pre-Association Discovery Protocol Review
• The message sequence is bi-directional and can be initiated by the
ULP co-located with the PADPxy. The service information is
constructed based on the ULP – it does not necessarily execute the
ULP protocol over frames transmitted in the pre-associated state
• IDs of ULP protocols for the STA and the AP infrastructure are
required for encapsulation/decapsulation.
• Possibly need to fragment large ULP frames.
– GAS already has the capability for fragmentation/reassembly
• To conserve the medium, using a hash of the service information in
the encapsulated PADP exchange may be feasible for some
applications of PADP. (see 13-893r0)
• Messages could be signed to provide some level of data integrity.
• Need to do some additional work on defining the ULP ID space
and its management
Submission
Slide 10
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
ANDSF Example Using 11aq Pre-Association
Discovery Protocol
ANDSF
Network
ANDSF IP messages
between STPxy and
ANDSF
AP2
Local Access
Network
Service
Transaction Proxy
(STPxy)
AP1
Pre-association Messages
Submission
STA
Slide 11
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
3GPP WLAN Network Architecture
• Both trusted
(integrated) and
untrusted
(over-the-top)
interfaces exist
• The trusted interface
involves operator
deployed WLAN and
is being evolved in
3GPP Release 12
Submission
TWAG
Slide 12
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
ANDSF
UE
1. UE connected with the EPC over a 3GPP or non -3GPP access
2. Discover ANDSF and establish secure communication
3. Access Network Info Request
4. Access Network Info Response
5. UE makes access
network selection and
handover decision
6. UE initiates the inter-system
handover
Normal discovery for 3GPP UE(STA) after association and using IP transport
(Figure 8.5.1-1 from 3GPP TS 23.402)
Submission
Slide 13
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
UE
AP/PADPxy
ANDSF
1. STPxy  Limited IP connectivity
2. Discover ANDSF IP address
3. Establish secure communication
4. Access Network Info Request
5. Access Network Info Response
6. UE makes access
network selection and
handover decision
7. UE associates to
selected WLAN
-
Pre-association discovery for 3GPP UE(STA)
using PADPxy with limited IP transport
Submission
Slide 14
Joe Kwak, InterDigital
May 2014
ULP
doc.: IEEE 802.11-14/0158r2
PADPxy-a
STA
PADPxy-a
AP
DNS
Server
ANDSFb
PLMNc
1. STPxy  Limited IP connectivity
ANQP Req(STPxy.ANDSF)
ANQP Resp(STPxy-a)
Limited IP connectivity)
2. Discover ANDSF IP address
DNS Req(ANDSF.MCC.MNC))
PADP-Encap(DNS Req(ANDSF.MCC.MNC)
)
A
DNS Req(ANDSF.MCC.MNC))
DNS Resp(IP Add of ANDSFb)
PADP-Encap(DNS Resp(IP Add of ANDSFb))
)
DNS Resp(IP Add of ANDSFb)
B
3. Establish secure communication
http:TLS-ClientHello({Ks1,Ks2…})
PADP-Encap(http:TLS-ClientHello({Ks1,Ks2…})
)
A
http:TLS-ClientHello({Ks1,Ks2…})
)
http:TLS-ServerHello(Ks2)
-
-
http:TLS-ServerHello(Ks2)
PADP-Encap(http:TLS-ServerHello(Ks2)
)
B
)
A: PADPxy decapsulates message and substitutes its own IP
add in header to replace dummy IP add from STA
B: PADPxy substitutes dummy IP add from STA to replace its
own IP add in header, then encapsulates and sends to AP
Submission
Slide 15
Joe Kwak, InterDigital
May 2014
ULP
doc.: IEEE 802.11-14/0158r2
PADPxy-a
http:TLS-ClientKeyExchange
STA
PADPxy-a
AP
ANDSFb
PLMNc
PADP-Encap(http:TLS-ClientKeyExchangee)
)
)
A
http:TLS-ClientKeyExchange
)
http:TLS-ServerChangeCipherSuite&Finished
PADP-Encap(http:TLS-ServerChangeCipherSuite&Finished)
)
B
http:TLS-ServerChangeCipherSuite&Finished
3. Establish secure communication
https:Access Network Info Request
PADP-Encap(https:Access Network Info Request) A
)
)
https:Access Network Info Request
https:Access Network Info Response
)
PADP-Encap(https:Access Network Info Response)B
https:Access Network Info )Response
)
-
)
UE makes access network
WLAN selection decision
and then associates.
A: PADPxy decapsulates message and substitutes its own IP
add in header to replace dummy IP add from STA
B: PADPxy substitutes dummy IP add from STA to replace its
own IP add in header, then encapsulates and sends to AP
-
Submission
Slide 16
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
Security Notes
• Using PADPxy to setup secure IP connection for PAD
STA needs careful setup and configuration to prevent
abuse and spoofing.
• The AP configuration should include means to
authenticate the PADPxy server(s) used. A rogue
PADPxy may be used to route and implement services
beyond discovery services.
• The PADPxy server should authenticate each ANDSF
server when first setting up connection for PAD.
• Available techniques for authentication include
preconfigured certificates and secure IP tunnels.
THANK YOU
Submission
Slide 17
Joe Kwak, InterDigital
May 2014
doc.: IEEE 802.11-14/0158r2
REFERENCES
(listed in order of relevance to this example)
1.
2.
3.
4.
5.
6.
7.
http://www.3gpp.org/DynaReport/23003.htm
3GPP Network Elements: Numbering, Addressing, and Identification –Explains ANDSF
discovery mechanism using DNS
http://www.3gpp.org/DynaReport/33222.htm
Generic Authentication Architecture and Access to 3GPP Network Using https: --Explains
authentication and TLS security for ANDSF connection based on preconfigured or
bootstrapped shared key.
http://tools.ietf.org/html/rfc2818
HTTP over TLS—General reference for setting up https:
http://www.3gpp.org/DynaReport/23234.htm
Specification of 3GPP-WLAN Interworking—Broad reference that provides detail on
WLAN-ANDSF interface
http://www.3gpp.org/DynaReport/23402.htm
Specification for non-3GPP Access to 3GPP Network—Includes architecture and
interworking descriptions for WLAN discovery and connection to ANDSF
http://www.3gpp.org/DynaReport/23865.htm
Study of WLAN Selection and Policy Application using ANDSF Information—provides set of
illustrative examples showing how STAs use ANDSF Management Object (MO) data to select
WLAN.
http://www.3gpp.org/DynaReport/234312htm
Specification of ANDSF MO—Complete MO details and structure of WLAN selection policy
MO tree.
Submission
Slide 18
Joe Kwak, InterDigital