Mobile IP Authentication, Authorization, and Accounting Requirements (RFC2977)
Original Publication Date: 2000-Oct-01
Included in the Prior Art Database: 2019-Feb-12
Internet Society Requests For Comment (RFCs)
S. Glass: AUTHOR [+3]
This document contains the requirements which would have to be supported by a AAA service to aid in providing Mobile IP services. This memo provides information for the Internet community.
Network Working Group S. Glass Request for Comments: 2977 Sun Microsystems Category: Informational T. Hiller Lucent Technologies S. Jacobs GTE Laboratories C. Perkins Nokia Research Center October 2000
Mobile IP Authentication, Authorization, and Accounting Requirements
Status of this Memo
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
Copyright (C) The Internet Society (2000). All Rights Reserved.
The Mobile IP and Authentication, Authorization, Accounting (AAA) working groups are currently looking at defining the requirements for Authentication, Authorization, and Accounting. This document contains the requirements which would have to be supported by a AAA service to aid in providing Mobile IP services.
Clients obtain Internet services by negotiating a point of attachment to a "home domain", generally from an ISP, or other organization from which service requests are made, and fulfilled. With the increasing popularity of mobile devices, a need has been generated to allow users to attach to any domain convenient to their current location. In this way, a client needs access to resources being provided by an administrative domain different than their home domain (called a "foreign domain"). The need for service from a foreign domain requires, in many models, Authorization, which leads directly to Authentication, and of course Accounting (whence, "AAA"). There is some argument which of these leads to, or is derived from the others, but there is common agreement that the three AAA functions are closely interdependent.
Glass, et al. Informational [Page 1]
RFC 2977 Mobile IP AAA Requirements October 2000
An agent in a foreign domain, being called on to provide access to a resource by a mobile user, is likely to request or require the client to provide credentials which can be authenticated before access to resources is permitted. The resource may be as simple as a conduit to the Internet, or may be as complex as access to specific private resources within the foreign domain. Credentials can be exchanged in many different ways, all of which are beyond the scope of this document. Once authenticated, the mobile user may be authorized to access services within the foreign domain. An accounting of the actual resources may then be assembled.
Mobile IP is a technology that allows a network node ("mobile node") to migrate from its "home" network to other networks, either within the same administrative domain, or to other administrative domains. The possibility of movement between domains which require AAA services has created an immediate demand to design and specify AAA protocols. Once available, the AAA protocols and infrastructure will provide the economic incentive for a wide-ranging deployment of Mobile IP. This document will identify, describe, and discuss the functional and performance requirements that...