27.03.2014 Views

Moby Dick Consolidated System Integration Plan


D0103v1.doc Version 1 6.7.2003

paged. However, the security support of the paging concept is specified and described in a Deliverable, and will not be part of the project’s implementation of IP paging support. Therefore, as an example, the interface between the Paging Agent and the AAAC.f for key management will not be implemented; hence the NAI will not be deployed here.

Assumptions for the paging concept’s security support

Pre-established security associations:

• AAAC.f – PA
• PA – ARx (ARs inside a domain, in particular those assigned to the registered paging areas)
• MN – current AR before entering the IDLE mode (since dormant mode registration requires previous authentication with the network, which is considered to be the standard AA procedure of the Moby Dick scenario).

Dynamic SAs for registration with a Paging Agent and for a paging process:

• ARx – MN
• MN – PA

5.2.5.2 Service discovery and dormant mode registration<br />

When a mobile terminal decides to enter the idle mode, it has to discover the responsible Paging Agent first. This agent should be a long-term PA, which is responsible for tracking the mobile terminal’s location beyond the scope of the current paging area. This means that the discovered PA, once it holds a registration for the respective mobile terminal, should be updated when the idle mode registration lifetime expires or the paging area changes. Two proposals are illustrated below: one makes the idle mode registration implicit in the PA discovery procedure, the other keeps PA discovery separate from the actual registration with this PA.

The implicit registration can be requested by the MN in the registration message sent to the current AR. Messages for discovery and registration are the same, but are distinguished by a flag being set. Implicit registration messages carry the respective options required for the actual dormant registration. Since the mobile terminal has a previously established security association with its current AR, the AR can authenticate the incoming request. The AR generates another Dormant Mode Request message, which is sent to the responsible PA for dynamic security association establishment between the MN and the PA as well as for implicit registration purposes. The PA decides whether implicit registration is allowed or whether the MN has to explicitly register dormant with the PA after the discovery procedure.

In the reply from the PA, the appropriate keys for authentication of paging messages as well as for optional encryption of paging message parts are encapsulated. The PA either determines the keys on its own (if allowed by the provider) or contacts the AAAC.f, requesting appropriate keys. The lifetime of these individual keys terminates after a successful paging process and a mobile terminal’s active state registration. Before the MN goes dormant, the PA has to be registered with the HA, which is currently done by a BU message carrying the PA’s address within the alternate-CoA suboption. This signalling flow for PA discovery as well as for implicit dormant registration and explicit dormant mode registration is illustrated in Figure 101 and Figure 102 respectively.

Explicit registration is optional and will not be deployed in the Moby Dick test-bed. Implicit registration is more efficient and will be supported by the test-bed.
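
The implicit registration flow described above, sketched as an added example that is not part of the deliverable or of the Moby Dick implementation. The message fields, the use of HMAC-SHA256, the key sizes and all function and class names are assumptions; the text specifies only the parties, the security associations and the order of the messages.

```python
import hashlib, hmac, json, secrets

# Pre-established SAs from the page's assumptions; key values are constructed.
SA_MN_AR = b"constructed-mn-ar-key"
SA_AR_PA = b"constructed-pa-ar-key"

def mac(key, body):
    # HMAC-SHA256 over sorted JSON: an assumed algorithm and encoding.
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def mn_request(mn_id, implicit, lifetime=300):
    # One message type for discovery and registration, told apart by a flag.
    body = {"mn": mn_id, "implicit": implicit}
    if implicit:  # implicit requests carry the dormant registration options
        body["options"] = {"lifetime": lifetime}
    return {"body": body, "mac": mac(SA_MN_AR, body)}

class PagingAgent:
    def __init__(self, allow_implicit=True):
        self.allow_implicit = allow_implicit
        self.sa = {}          # dynamic MN-PA SAs: mn -> paging keys
        self.dormant = set()  # MNs with a dormant registration

    def handle(self, dmr):
        if not hmac.compare_digest(dmr["mac"], mac(SA_AR_PA, dmr["body"])):
            return {"status": "rejected"}
        body = dmr["body"]
        # The PA generates the keys itself here; it could ask the AAAC.f instead.
        keys = {"auth": secrets.token_hex(16), "enc": secrets.token_hex(16)}
        self.sa[body["mn"]] = keys
        registered = body["implicit"] and self.allow_implicit  # PA's decision
        if registered:
            self.dormant.add(body["mn"])
        # Protection of the reply on its way back to the MN is not modelled.
        return {"status": "ok", "registered": registered, "keys": keys}

    def paging_completed(self, mn):
        # Key lifetime ends after successful paging and active-state registration.
        self.sa.pop(mn, None)
        self.dormant.discard(mn)

def ar_forward(msg, pa):
    # The AR authenticates the MN under the MN-AR SA before contacting the PA.
    if not hmac.compare_digest(msg["mac"], mac(SA_MN_AR, msg["body"])):
        return {"status": "rejected"}
    # The AR builds its own Dormant Mode Request, authenticated under the PA-AR SA.
    dmr = {"body": msg["body"], "mac": mac(SA_AR_PA, msg["body"])}
    return pa.handle(dmr)
```

A request whose flag is changed after the MN computed its MAC is dropped at the AR and never reaches the PA, so no MN-PA keys are created for it.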
