September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 1

doc.: IEEE 802.11-07/2491r00

Submission Slide 1

WLAN Segregated Data ServicesDate: 2007-09-17

Name Affiliations Address Phone email Donald Eastlake 3rd Motorola 111 Locke Drive, Marlboro,

MA 01757 USA +1-508-786-7554 Donald.Eastlake@motorola.com

Guido R. Hiertz Philips ComNets, RWTH Aachen

University Kopernikusstr. 16, 52074 Aachen, Federal Republic of Germany

+49-241-802-5829 hiertz@ieee.org

Stephen McCann Nokia Siemens

Networks

Roke Manor Research Ltd Old Salisbury Lane Romsey, Hampshire

SO51 0ZN, United Kingdom

+44 1794 833341 stephen.mccann@roke.co.uk

Dee Denteneer Philips Philips Research, HTC 27 (WL

1.132), 5656 AE Eindhoven, The Netherlands

+31-402-746-937 dee.denteneer@philips.com

Nancy Cam-Winget Cisco Systems 190 W Tasman San Jose CA 95134 USA

+1-408-853-0532 ncamwing@cisco.com

Stephen Rayment BelAir

Networks 603 March Road, Ottawa, ON,

Canada K2K 2M5 +1 613 254 7070

x112 srayment@belairnetworks.com

Tony Metke Motorola 1301 E. Algonquin Road Mail Stop: 1232

Schaumberg, IL 60196 USA

+1-847-576-0092 Tony.Metke@motorola.com

Authors:

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 2

doc.: IEEE 802.11-07/2491r00

Submission Slide 2

Abstract

802.11 networks, particularly meshes, need VLANs or a similar mechanism for segregated data services. The need varies from a mild requirement to distinguish “visitors” from “residents” in a one AP home network to much stronger and more complex requirements in enterprise, municipal, and other systems. The requirements are particularly important in WLAN meshes. Scenarios and requirements for adding segregated services to IEEE 802.11 are presented along with some comments on existing, under development, or prospective mechanisms to met those requirements.

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 3

doc.: IEEE 802.11-07/2491r00

Submission Slide 3

Motivation• Segregating traffic for “visitors” who should only have

access to the Internet and limited facilities, from “insider” traffic.

• Provision of different services for free and subscriptions services in Hot Zone or Municipal systems. (May also segregate subscription service through different carriers.)

• In mesh environments, ability to safely forward data through nodes with limited trust.

• To enable aggregation of traffic over a single infrastructure for efficient deployment.

• Dedicated traffic segregation by type, such as VoIP

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 4

doc.: IEEE 802.11-07/2491r00

Submission

Example Scenario I(unified infrastructure, single interface end stations)

MAP 1

Guest Station

MAP 2

AP 2

Guest Station

Local Station

Local Station

Internet

Local Station

Protected Services

Local Station

Local VLAN

Guest VLAN

Wired Connection

Firewall

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 5

doc.: IEEE 802.11-07/2491r00

Submission

Example Scenario II(diverse mesh, multi-interface mesh points)

Org 1MP

Internet

Org 1MP

Org 2MP

Org 2MP

Org 2MP

Org 3MP

Org 1MP

Organization 1 Infrastructure

Org 1MPP

Lo

cal M

esh

Ser

vice

Org

aniz

atio

n 1

S

ervi

ce

Org

aniz

atio

n 2

S

ervi

ce

Organization 2 Infrastructure

Org 2MPP

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 6

doc.: IEEE 802.11-07/2491r00

Submission

Scenario II without segregated data services

Org 1MP

Internet

Org 1MP

Org 2MP

Org 2MP

Org 2MP

Org 3MP

Org 1MP

Organization 1 Infrastructure

Org 1MPP

Org

aniz

atio

n 1

S

ervi

ce

Org

aniz

atio

n 2

S

ervi

ce

Organization 2 Infrastructure

Org 2MPP

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 7

doc.: IEEE 802.11-07/2491r00

Submission Slide 7

Requirements

1. Advertising Availability of Services2. Associating/Authenticating/Authorizing for One or

more Specific Services3. Multiple Service Security Channels Between Two

Stations4. Transit Frame Labelling5. Protection of Segregated Data from Unauthorized

Access6. Configuration and Management

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 8

doc.: IEEE 802.11-07/2491r00

Submission Slide 8

1. Advertising Availability of Services

• Current practice: Transmit multiple Beacons, as is done at IEEE 802 meetings.

• Work in progress: General Advertisement Service (GAS) mechanisms in 802.11 TGu (Interworking with External Networks).– Includes SSIDC (SSID Container IE) for transmission of multiple

SSIDs (with or without multiple BSSIDs) in a single beacon.

• No additional chartered work appears necessary for this requirement. The TGu mechanisms are adequate.

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 9

doc.: IEEE 802.11-07/2491r00

Submission Slide 9

2. Associating/Authenticating/Authorizing for a Specific Service

• Current practice: Only one association, 802.11i security.

• Work in progress:– TGw (Protected Management Frames) to extends security to some

control messages

– TGs (Mesh Networking) with authentication to mesh distinguished from authentication to an AP

– TGu (Interworking with External Networks) different credentials/authentication for different back end carriers

• Possible new work: Ability to have different credentials / authentication for different Services/VLANs.

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 10

doc.: IEEE 802.11-07/2491r00

Submission Slide 10

3. Multiple Service Security Channels Between Stations

• Current Practice:– AP can have multiple security associations but each with a different end

station.

– Two stations can have multiple IPsec security associations or the like at the application level.

• Work in Progress: TGs (Mesh Networking) permits multiple associations but each with a different mesh point.

• Possible new work:– Different security associations for different services/VLANs

– Need to handling unicast, multicast, and broadcast

– Development of a new Authenticator PAE function that can manage multiple SAs with a given neighbor

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 11

doc.: IEEE 802.11-07/2491r00

Submission Slide 11

4. Transit Frame Labelling

• Current Practice:– Current standard explicitly permits 802.1Q-Tag in payload

(802.11-2007 Annex M) but Q-Tag’s priority and VLAN ID fields are otherwise ignored.

– Only obvious way is to use different MAC addresses.

• Work in Progress: none...

• Possible new work:– Header addition to distinguish Service/VLAN

– Other mechanisms?

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 12

doc.: IEEE 802.11-07/2491r00

Submission Slide 12

5. Protection of Segregated Data from Unauthorized Access

• Current Practice: Have to use IPsec or some similar application level mechanism to protect data at intermediate hops.

• Work in Progress: none...

• Possible new work:– Optional edge-to-edge security between original source station and

final destination station. But not all services would require this. (If VLAN mapping is possible, authentication should be keyed to SSID, not VLAN ID.)

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 13

doc.: IEEE 802.11-07/2491r00

Submission Slide 13

6. Configuration and Management

• Current Practice:– SNMP (Simple Network Management Protcol)

– GVRP (GARP VLAN Registration Protocol)

– Proprietary command line interfaces and protocols

• Work in Progress: SNMP MIB (Management Information Base) additions by TGu (Interworking with External Networks)

• Possible new work:– MIB additions or other mechanisms for configuration and

management including setting-up and deleting VLANs

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 14

doc.: IEEE 802.11-07/2491r00

Submission Slide 14

Straw Polls in San Francisco

• Results in WNG SC during morning session on 17 July 2007:

– Should the 802.11 WNG SC proceed at this time to vote on a motion to set up a Study Group?Yes: 6 No: 27 Abstain: 18

– Should 802.11 receive further presentations on the topic of segregated data services?Yes: 46 No: 0 Abstain: 1

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 15

doc.: IEEE 802.11-07/2491r00

Submission Slide 15

Motion

• Changes from previous draft motion:

– Remove Requirement 1, which is covered by TGu, from the purview of the proposed Study Group.

– The Study Group would not be directed to produce a PAR and 5 Criterion to amend 802.11 but can consider whatever is the best course within the 802.11 rules.

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 16

doc.: IEEE 802.11-07/2491r00

Submission Slide 16

Motion (cont.)• Moved, To request the IEEE 802.11 Working Group to

approve and forward to the IEEE 802 Executive Committee the creation of a “WLAN Segregated Data Services” Study Group to consider how best to meet requirements as follows:– labeling frames per service; security of data within a service; and

the configuration and management of such services.

Moved: Seconded:

Yes: No: Abstain:

September 2007

D. Eastlake (Motorola), G. Hiertz (Philips)

Slide 17

doc.: IEEE 802.11-07/2491r00

Submission Slide 17

References

• Draft 802.11s D1.06 – ESS Mesh Networking

• Draft 802.11u D1.0 – Interworking with External Networks

• Draft 802.11w D2.1, – Protected Management Frames

• IEEE Standard 802.11-2007 – WLANs

• IEEE Standard 802.1Q-2005 – VLANs, GVRP

• IETF STD 62 (IETF RFCs 3411 through 3418) – SNMP