Browse Prior Art Database

Protocol for Carrying Authentication and Network Access (PANA) Threat Analysis and Security Requirements (RFC4016)

IP.com Disclosure Number: IPCOM000101198D
Original Publication Date: 2005-Mar-01
Included in the Prior Art Database: 2005-Mar-16
Document File: 16 page(s) / 36K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Parthasarathy: AUTHOR

Abstract

This document discusses the threats to protocols used to carry authentication for network access. The security requirements arising from these threats will be used as additional input to the Protocol for Carrying Authentication for Network Access (PANA) Working Group for designing the IP based network access authentication protocol.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 8% of the total text.

Network Working Group                                   M. Parthasarathy
Request for Comments: 4016                                         Nokia
Category: Informational                                       March 2005


     Protocol for Carrying Authentication and Network Access (PANA)
              Threat Analysis and Security Requirements

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document discusses the threats to protocols used to carry
   authentication for network access.  The security requirements arising
   from these threats will be used as additional input to the Protocol
   for Carrying Authentication for Network Access (PANA) Working Group
   for designing the IP based network access authentication protocol.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
   2.  Keywords . . . . . . . . . . . . . . . . . . . . . . . . . . .  2
   3.  Terminology and Definitions. . . . . . . . . . . . . . . . . .  2
   4.  Usage Scenarios. . . . . . . . . . . . . . . . . . . . . . . .  3
   5.  Trust Relationships. . . . . . . . . . . . . . . . . . . . . .  4
   6.  Threat Scenarios . . . . . . . . . . . . . . . . . . . . . . .  5
       6.1.  PAA Discovery. . . . . . . . . . . . . . . . . . . . . .  6
       6.2.  Authentication . . . . . . . . . . . . . . . . . . . . .  6
       6.3.  PaC Leaving the Network. . . . . . . . . . . . . . . . .  9
       6.4.  Service Theft. . . . . . . . . . . . . . . . . . . . . . 10
       6.5.  PAA-EP Communication . . . . . . . . . . . . . . . . . . 11
       6.6.  Miscellaneous Attacks. . . . . . . . . . . . . . . . . . 12
   7.  Summary of Requirements. . . . . . . . . . . . . . . . . . . . 13
   8.  Security Considerations. . . . . . . . . . . . . . . . . . . . 13
   9.  Normative References . . . . . . . . . . . . . . . . . . . . . 14
   10. Informative References . . . . . . . . . . . . . . . . . . . . 14
   11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 14
   Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 14
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 15


Parthasarathy                Informational                      [Page 1]
RFC 4016                  PANA Threat Analysis                March 2005


1.  Introduction

   The Protocol for Carrying Authentication for Network Access (PANA)
   Working Group is developing methods for authenticating clients to the
   access network using...