INTERNET DRAFT
October 2001
JUNHYUK SONG
CHAEYOUNG CHONG
SAMSUNG ELECTRONICS.
DONGKIE LEIGH
SK TELECOM
IP User Mobility Support Model
draft-song-network-user-mobility-00.txt
Status of This Memo
Distribution of this memo is unlimited.
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at
any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at:
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at:
http://www.ietf.org/shadow.html.
Abstract
The demand for wireless mobile networking has increased dramatically
thanks to the rapid development of wireless technology and the de facto
Mobile IP technology [1]. Mobile IP, as originally specified, defines
the protocol enhancements that provide IP mobility over the Internet.
The mobile node, identified by its Home Address regardless of its point
of attachment, can have transparent routing of IP datagrams. However,
many wireless operators have identified the need for user mobility
support so as to keep up with today's competitive wireless mobile
industry. IP user mobility, as this document defines it, is the
ability of an end user to send and receive IP datagrams regardless of
mobile terminal and current location. This document specifies the
definition of user mobility and the merits of IP User Mobility, and
finally provides an IP user mobility support model.
Song et al. Expires March 2002 [Page 1]
Internet Draft 12 October 2001
1. Introduction
The demand for wireless mobile networking has increased dramatically
thanks to the rapid development of wireless technology and the de facto
Mobile IP technology [1]. Mobile IP, as originally specified, defines
the protocol enhancements that provide IP mobility over the Internet.
The mobile node, identified by its Home Address regardless of its point
of attachment, can have transparent routing of IP datagrams. However,
many wireless operators have identified the need for user mobility
support so as to keep up with today's competitive wireless mobile
industry. User mobility, as this document defines it, is the ability
of an end user to send and receive IP datagrams regardless of mobile
terminal and current location. This document specifies the definition
of user mobility and the merits of IP User Mobility, and finally
provides an IP user mobility support model.
1.1 IP User Mobility Definition
IP User Mobility is the ability of end users to originate and receive
IP datagrams on any host in any location, through the ability
of the network to locate end users as they move. IP User Mobility
is based on the use of a unique user identifier (i.e. the 'Network
Access Identifier', NAI [2]).
[Note: The above definition is taken from "Personal Mobility" [5] and
modified to fit the IP world accordingly]
1.2 The merits of IP user mobility
- A user can be located by user identifier regardless of point of
attachment
- IP user mobility can alleviate the shortage of IPv4 addresses,
because a user is not required to have a unique IP address
- Mobile nodes belonging to either IPv4 or IPv6 networks will be
supported, since the attachment point of the user is
dynamically bound to the user identifier
- IP User Mobility provides scalability and reliability while
avoiding triangular routing by a proxy agent
1.3 Network Model Requirements
A user must be able to send and receive IP datagrams, directed by
user identifier, regardless of the point of attachment and the IP
address of the user mobility node.
1.4 Goal
The goals of this document are to define IP user mobility and to
provide the IP user mobility model.
1.5 Assumptions
- A high degree of mutual trust is assumed between the user and the
User Mobility Agent, established through authentication. The method
or protocol used for establishment of the security association is
outside the scope of this document.
- A high degree of mutual trust is assumed between the correspondent
host and the location server. The method or protocol used for
establishment of the security association is outside the scope of
this document.
- The location server MUST be globally locatable by the correspondent
Host.
- The specific protocol used in the user mobility model is outside the
scope of this document. However, the authors have in mind using SIP
[6], DIAMETER [8] or Mobile IP [1] with a new extension as the
registration protocol, and DNS as the location update protocol.
- The IP address of the User Mobility Agent in the user's home network
is assumed in this document to be known to the user. However,
assigning one specific UMA to the user may decrease scalability.
AAA infrastructure can be used to increase scalability and
reliability.
1.6 IP User mobility Applicability
Most of the widely deployed wireless IP mobility services are based
on IPv4, known for its IP address shortage problem. Mobile IP can
provide IP mobility service for a mobile node that frequently
changes its point of attachment and IP address while continuing to
receive IP routing service directed to its home IP address.
However, one of the drawbacks of IP mobility service is that every
Mobile IP subscriber needs to have a unique home IP address for IP
mobility service, which is difficult to accommodate in an IPv4 network.
User mobility can resolve this problem by dynamically binding an IP
address to a user identifier that can be globally resolved through the
location server, while reducing the latency caused by triangular
routing and increasing network reliability. IP user mobility and IP
mobility can supplement each other. [see Appendix A.2]
Since IPv6 provides a large address space, each individual may
have unique IPv6 addresses to identify itself rather than a host or
mobile terminal. An IPv6 address is made of 16 octets, i.e. 32
hexadecimal characters, which is not easy for ordinary people to use
to identify a user. User mobility service can give the user the
authority to register its IP address and user identifier through the
location server.
1.7 IP User Mobility application example
One example of the user mobility service is a global roaming
service through a User Identification Module (UIM) that can be inserted
into any Host or Mobile Station in order to send and receive IP
datagrams directed to a user identifier such as the NAI [2]. The UIM
shall hold user information such as the user identifier, the shared key
for user authentication, and the IP address of the server from which
the user can download the files necessary to enable the user mobility
service. Another example is an instant messaging service that lets
other users or an Information Broker constantly reach an individual or
a group of specific users regardless of user location, by user
identifier rather than IP address.
1.8 Terminology
This document frequently uses the following terms:
AAA
The server performing Authentication, Authorization, and
Accounting service
Correspondent Host (CH)
The host that a user is currently communicating with
Home Network
The network in which the user's AAA server and User Mobility Agent
are located
Home Address
An IP address that is assigned for an extended period of time
to a mobile node. It remains unchanged regardless of where
the node is attached to the Internet [1]
Location Server
A widely accessible server that contains the binding
table of user identifiers and current IP addresses
User Mobility Node (UMN)
A host or router that is capable of user mobility support; it
can be either mobile or static.
Router
A node that forwards IP packets not explicitly
addressed to itself
User Binding Table
A cached table in the User Mobility Agent whose entries consist of
user identifier, current IP address and lifetime.
User Mobility Agent (UMA)
A router on the user's Home Network which dynamically updates the
location of the user in the location server.
User Identifier (UI)
The identifier made of the concatenation of User ID and realm.
The UI is used to identify the user and for user
authentication
UI-AAA
User Identifier AAA authentication
2. Basic Operation
A user is identified by its User Identifier (UI), made of the
concatenation of userID and realm. The user mobility agent in the home
network shall have the user profile that contains the User Identifier,
the shared key for user authentication and some other user information.
(Note: This information can be centrally stored in the AAA server).
Regardless of the location of the user, a user is always addressable
by its user identifier, registered in the location server as an entry
that maps the user identifier (UI) to the current user mobility node IP
address.
While the user is roaming in a foreign network, the user may obtain an
IP address in order to access the network after successful local access
authentication. After successful IP address allocation, the user shall
register its newly allocated IP address with the user mobility agent
in its home network.
The user mobility agent MUST authenticate the registration message
and then update the current location of the user in the location server.
After a successful update with the location server, the User Mobility
Agent MUST return a registration reply message.
+---------+
|Location |
| Server |
+---------+
^
Update |
Current |
Location(3)|
+------+ +--------+ +---------+
| | | | | |
| | Registration (1) | | | |
| |-------------------->| Access | Registration (2) | User |
| UMN | | Router |------------------->| Mobility|
| | | |<-------------------| Agent |
| |<--------------------| | Registration Reply | |
| | Registration Reply | | (4) | |
| | (5) | | | |
+------+ +--------+ +---------+
Figure 1: User location registration
A User MUST re-register with the User Mobility Agent periodically to
confirm its network connectivity. If the user stops re-registering with
the UMA, the UMA MUST delete the entry in the User Binding Table after
the timer expires, and MUST propagate that change to the location
server.
When the user moves to a new location while communicating with a
correspondent host, the user mobility node MUST update its new location
by periodically retransmitting the registration message to the User
Mobility Agent until acknowledged. The user mobility node MAY send a
Redirect Notification message to prompt the Correspondent Host (CH) to
fetch the current location of the user (the IP address matching the
user identifier) from the location server. (see figure 2)
Upon sending a Redirect Notification message to the CH, the UMN shall
periodically retransmit the Redirect Notification message a certain
number of times until the UMN begins to receive redirected IP datagrams
or the retransmission timer expires.
Upon receiving a Redirect Notification message, the CH shall query the
location server for the current location of the user. After obtaining
the location information (new IP address) for the user from the
location server, the CH shall begin sending IP datagrams to the new
location of the user.
Redirect Notification(6) +-------+ Location Query(7) +---------+
+------------------------>| CH |<------------------->|Location |
| +---------------------- +-------+ | Server |
| | Redirected IP datagrams (8) +---------+
| | ^
| | Update |
| | Current |
| v Location v (3)
+------+ +--------+ +---------+
| | | | | |
| | Registration (1) | | | |
| |-------------------->| Access | Registration (2) | User |
| UMN | | Router |------------------->| Mobility|
| | | |<-------------------| Agent |
| |<--------------------| | Registration Reply | |
| | Registration Reply | | (4) | |
| | (5) | | | |
+------+ +--------+ +---------+
Figure 2: Redirect Notification model
3. Requirements
This section describes the requirements of the IP user mobility service
for the user mobility node, user mobility agent, and correspondent host.
3.1 User Mobility Node requirements
The host or router that the user is using to register with the user
mobility agent MUST be aware of the User Mobility Service and fully
comply with the following requirements. They apply to all user
mobility nodes that support the IP user mobility service.
- Since a user may move to a new location frequently, it is required to
register its current location with the location server through the
User Mobility Agent in the home network. The exact protocol for the
registration message is outside the scope of this document; however,
the mobile node MUST support sending the Registration message, and MUST
be able to receive and process the Registration Reply message.
- The User Mobility Node MUST re-register its current location
periodically with the User Mobility Agent. This is to prevent
misbehaviour of the location server caused by obsolete, unsynchronized
user location data.
- The method by which a user mobility node authenticates the
registration message for secure communication with the user mobility
agent is outside the scope of this document; however, the registration
message MUST be authenticated. Using AAA infrastructure is one such
method.
- The User Mobility Node MUST maintain the list of correspondent hosts
to which the user mobility node has sent a Redirect Notification
message until the lifetime of the cached correspondent host expires.
3.2 User Mobility Agent requirements
The following requirements MUST apply to all User Mobility Agents
regardless of how the User Mobility Agent is implemented. The User
Mobility Agent can be implemented over AAA, a Mobile IP Home Agent, a
web server, standalone, etc. (see Appendix A)
- The User Mobility Agent MUST be able to process the registration
message for user authentication and user location update with the
location server.
- The User Mobility Agent MUST have a user binding table made of an
entry for each registered user identifier (UI) with the IP address of
the UMN that the user is currently using and its lifetime.
- The User Mobility Agent MUST maintain a lifetime for each entry of
the user binding table. It is initialized upon receiving the
registration message from the user mobility node, and renewed on each
reception of a re-registration message. If the lifetime expires, the
User Mobility Agent MUST delete the entry from the user binding table
and MUST send an update message to the location server to delete the
record of the user identifier.
- The User Mobility Agent MUST be able to return a registration reply
message in response to the registration message after a successful
user location update.
- The User Mobility Agent MUST have a high degree of mutual trust with
the registered user.
- The User Mobility Agent MUST have a high degree of mutual trust with
the location server.
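The registration path of Section 2 and the binding-table rules above, as an added example that is not part of this draft: a minimal User Mobility Agent in Python with an HMAC-based registration authenticator (the draft leaves the method open; the shared keys, user identifiers, addresses and the in-memory LocationServer are constructed stand-ins).

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed user profiles: UI -> shared key. The draft keeps these in the
# UMA or centrally in the AAA server; the keys here are sample values.
USER_PROFILES = {
    "alice@example.org": b"alice-shared-key-constructed",
    "bob@example.org": b"bob-shared-key-constructed",
}

def registration_auth(ui, ip, lifetime, timestamp, key):
    """Authenticator over the registration fields. The draft requires the
    registration to be authenticated but leaves the method open; HMAC-SHA256
    over 'UI|IP|lifetime|timestamp' is the assumed method here."""
    msg = f"{ui}|{ip}|{lifetime}|{timestamp}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class LocationServer:
    """Stand-in for the globally resolvable location server (UI -> IP)."""
    def __init__(self):
        self.records = {}

    def update(self, ui, ip):
        self.records[ui] = ip

    def delete(self, ui):
        self.records.pop(ui, None)

    def query(self, ui):
        return self.records.get(ui)

@dataclass
class Binding:
    ip: str
    expires_at: float

class UserMobilityAgent:
    def __init__(self, location_server, profiles, now):
        self.ls = location_server
        self.profiles = profiles
        self.now = now  # injected clock (callable returning seconds)
        self.binding_table = {}  # the User Binding Table: UI -> Binding

    def register(self, ui, ip, lifetime, timestamp, auth):
        """Process a Registration (steps 1-2) and return the Registration
        Reply (step 4). Only an authenticated registration touches the
        binding table and the location server (step 3)."""
        key = self.profiles.get(ui)
        if key is None:
            return {"ui": ui, "status": "unknown-user"}
        expected = registration_auth(ui, ip, lifetime, timestamp, key)
        if not hmac.compare_digest(expected, auth):  # constant-time compare
            return {"ui": ui, "status": "auth-failed"}
        # First registration initialises the lifetime; re-registration renews it.
        self.binding_table[ui] = Binding(ip, self.now() + lifetime)
        self.ls.update(ui, ip)
        return {"ui": ui, "status": "ok", "lifetime": lifetime}

    def expire(self):
        """Timer handler: a user that stopped re-registering is dropped from
        the binding table and its record is deleted at the location server."""
        now = self.now()
        expired = [ui for ui, b in self.binding_table.items() if b.expires_at <= now]
        for ui in expired:
            del self.binding_table[ui]
            self.ls.delete(ui)
        return expired
```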
3.3 Correspondent Host requirements
The following requirements apply to all correspondent hosts which are
either sending IP datagrams to or receiving IP datagrams from a user
mobility node.
- The Correspondent host MUST be able to query the current location of
the user from the location server.
- The Correspondent host MUST have a certain degree of mutual trust
with the location server. (Note: The degree of mutual trust depends on
what protocol is used between the CH and the Location server)
- The Correspondent host MUST be able to process the Redirect
Notification message from the user mobility node to update the current
location of the user.
- The Correspondent host SHOULD maintain a cache table of user
identifiers and IP addresses of user mobility nodes obtained from the
location server.
4. Security Considerations
There is a possibility of a denial of service attack by a malicious
user. The DoS attack is possible by continuously sending forged
Redirect Notification messages to a correspondent host. Upon receiving
each Redirect Notification, the CH may end up repeatedly querying the
location server, eventually bombarding the location server.
The lifetime value for the cache of the user location must be set to a
reasonable time to minimize the risk of a denial of service attack.
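To show how the cache lifetime bounds the load a redirect flood can impose on the location server, here is an added example (not from the draft) of a correspondent host that honours a Redirect Notification at most once per refresh interval per user identifier; the Clock, LocationServer and addresses are constructed stand-ins, and the min_refresh parameter is an assumed refinement of the draft's single lifetime value.

```python
from dataclasses import dataclass
from typing import Optional

class Clock:
    """Constructed controllable clock so the example runs deterministically."""
    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds

class LocationServer:
    """Stand-in location server (UI -> current IP) that counts queries, so the
    load a redirect flood imposes on it can be measured."""
    def __init__(self, records):
        self.records = dict(records)
        self.query_count = 0

    def query(self, ui):
        self.query_count += 1
        return self.records.get(ui)

@dataclass
class CacheEntry:
    ip: Optional[str]      # None records a negative (unknown UI) answer
    fetched_at: float

class CorrespondentHost:
    def __init__(self, ls, clock, lifetime, min_refresh):
        self.ls = ls
        self.clock = clock
        self.lifetime = lifetime        # seconds a cached binding stays valid
        self.min_refresh = min_refresh  # floor between redirect-driven queries per UI
        self.cache = {}                 # UI -> CacheEntry (3.3: SHOULD cache)

    def _refresh(self, ui):
        ip = self.ls.query(ui)
        # Negative answers are cached too, so redirects naming non-existent
        # users cannot bypass the rate limit below.
        self.cache[ui] = CacheEntry(ip, self.clock.now())
        return ip

    def lookup(self, ui):
        """Normal send path: use the cached binding while within its lifetime."""
        entry = self.cache.get(ui)
        if entry and self.clock.now() - entry.fetched_at < self.lifetime:
            return entry.ip
        return self._refresh(ui)

    def on_redirect_notification(self, ui):
        """A Redirect Notification may trigger a location query only if the
        binding has not been refreshed within min_refresh; redirects arriving
        faster than that are dropped, so forged ones cost at most one query
        per min_refresh per UI. Returns (ip, queried)."""
        entry = self.cache.get(ui)
        if entry and self.clock.now() - entry.fetched_at < self.min_refresh:
            return entry.ip, False
        return self._refresh(ui), True

def simulate_redirect_flood(ch, clock, ui, count, interval):
    """Deliver `count` Redirect Notifications for `ui`, `interval` seconds
    apart, and return how many location-server queries they caused."""
    triggered = 0
    for _ in range(count):
        _, queried = ch.on_redirect_notification(ui)
        triggered += int(queried)
        clock.advance(interval)
    return triggered
```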
5. Acknowledgements
Special thanks to Prof. Murali Venkatesh of Syracuse University.
Appendix A. IP User Mobility implementation example model
A.1 User Mobility Agent implemented in AAA
This model defines user mobility support through a User Mobility Agent
implemented in the AAA infrastructure. This model can provide better
scalability than the standalone UMA model because the User Mobility
Agent is implemented where the user profile is located. The MN shall
generate UI-AAA authentication for user authentication. After
successfully authenticating the user authentication request, the UMA
shall transmit the User Location Update to the location server.
+--------------+ UI-AAA (3) +--------------+
| | Auth Req | AAAH/ |
| AAAF |-------------->| User Mobility|
| |<--------------| Agent |
+--------------+ UI-AAA (5) +--------------+
^ | Auth Ack |
UI-AAA | | User |
Auth Req | | UI-AAA Location |
(2) | | Auth Ack Update(4)|
| | (6) v
| v +---------------+
+------+ UI-AAA +-----------+ |Location Server|
| | Auth Req (1) | | +---------------+
| |---------------------->| ROUTER | ^
| |<----------------------| | User |
| UMN | UI-AAA | | Location |
| | Auth Ack (7) | | Query |
| |<--------------------->| | |
| | IP data (8) | | +-------+
+------+ | | <-----------| CH |
+-----------+ IP data +-------+
Figure 3: User Mobility support through AAA
A.2 User Mobility Agent support with MIPv6 [9] and DNS [6]
This model defines user mobility support in a Mobile IPv6 network.
When the user moves to a new location, the user shall register its
current location with the UMA by using the Mobile IP binding update
message with a user authentication option. The UMA, implemented in the
Home Agent, shall update the location of the user in the DNS server
after successful user authentication and Mobile IP processing.
The MIPv6 Host shall query the user location through the DNS server to
find the most recent location of the user. The MIPv6 host shall
retrieve two records, one for the home address of the mobile node and
the other for the current UMN address. The MIPv6 host shall begin to
transmit IP packets to the home address of the MN.
The IP data will be delivered to the MN by the HA as encapsulated data.
Upon receiving the encapsulated IP data, the MN shall send a binding
update request message to the MIPv6 host. The MIPv6 host shall compare
the IP source address of the binding update request with the retrieved
records of the user, and if they match it shall begin sending IP
packets to the MN directly.
+------+ Agent +------------+ +--------------+
| | Advertisement(1)| | | |
| MN/ |<----------------| MIPv6 |Binding Update(3)| MIPv6 |
| UMN |Binding Update(2)| Router |---------------->| HA/UMA |
| |---------------->| |<----------------| |
| |<----------------| |Binding Ack (5) | |
| |Binding Ack(6) | | | |
| | | |<----------------| |
| |<----------------| |Encapsulated IP | |
+------+ Encapsulated IP +------------+Packet (9) +--------------+
| ^ Packet (10) ^ ^
| | | |
| | | |
| | IP traffic (12) +------------+ IP traffic (8) | |
| +----------------------| MIPv6 Host |---------------------+ |
+----------------------->| | |
Binding Update Request(11)+------------+ |
^ DNS |
| Update |
DNS | (4) |
Query | |
(7) | v
| +--------------+
+-------------------->| DNS server |
+--------------+
Figure 4: User Mobility support by MIPv6 and DNS
A.3 User Mobility Support using UIM and AAA infrastructure
When the user accesses a foreign network with a UIM, the access Router
may provide local authentication (such as CHAP) for the mobile node.
After successful local authentication for network access, the MN shall
access the web server to obtain the UMN client program. Upon completion
of installation, the UMN forms the user location update message with
UI-AAA authentication for location registration with the User Mobility
Agent. The User Mobility Agent shall update the current location of the
user in the location server after successful UI-AAA authentication
through the AAAH.
+--------------+
| |
| AAAH |
| |
+--------------+
^ |
+-----+ | |UI-AAA
| UIM | UI-AAA | |Auth(5)
+-----+ Auth(4)| |
| | V
+------+ Terminal (1) +--------+ +---------+
| | Authentication | | | |
| |<------------------->| |User Location Update| |
| | | Access |with UI-AAA auth(3) | User |
| UMN | User Location Update| Router |------------------->| Mobility|
| | with UI-AAA auth (2)| |<-------------------| Agent |
| |-------------------->| |User Location Update| |
| |<--------------------| | Ack(7) | |
| | User Location Update| | | |
+------+ Ack (8) +--------+ +---------+
^
| (6)
|
v
+----------------+
|Location Server |
+----------------+
Figure 5: UIM support through User Mobility Agent and AAA
References
[1] C. Perkins, Editor, "IP Mobility Support", RFC 2002, October 1996.
[2] B. Aboba and M. A. Beadles, "The Network Access Identifier",
RFC 2486, January 1999.
[3] P. Calhoun and C. Perkins, "Mobile IP Network Access Identifier
Extension for IPv4", RFC 2794, January 2000.
[4] P. Calhoun and C. Perkins, "Mobile IPv4 Challenge/Response
Extensions", RFC 3012, November 2000.
[5] R. Pandya, "Emerging mobile and personal communication systems",
IEEE Communications Magazine, vol. 33, pp. 44-52, June 1995.
[6] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg,
"SIP: Session Initiation Protocol", RFC 2543 (Proposed Standard),
Internet Engineering Task Force, March 1999.
[7] J.H. Song and C.Y. Chong,
"draft-song-mobileip-mipv6-user-mobility-00.txt".
[8] P. R. Calhoun and C. Perkins, "Diameter Mobile IPv4
Application", draft-ietf-aaa-diameter-mobileip-07.txt.
[9] D. B. Johnson and C. Perkins, "Mobility Support in IPv6",
draft-ietf-mobileip-ipv6-14.txt.
Addresses
Questions about this memo can be directed to the authors:
JUNHYUK SONG
SAMSUNG ELECTRONICS.
Mobile Development Team
Network Systems Division
Phone: +82-31-779-6822
Email: santajun@lycos.co.kr
FAX: +82-31-7798769
CHAE YONG CHONG
SAMSUNG ELECTRONICS.
Mobile Development Team
Network Systems Division
Phone: +82-31-779-6822
Email: cychong@samsung.com
DONGKIE LEIGH
SK TELECOM
Core Network Development Team
Network R&D Center
Phone: +82-2-829-4640
Email: galahad@netsgo.com
FAX: +82-2-829-4612