Documente Academic
Documente Profesional
Documente Cultură
1 INTRODUCTION ....................................................................................................2
1.1 VPNs and How They Benefits Operators and Customers ................................................................2
4 CONCLUSION........................................................................................................9
RADIUS ..........................................................................................................................................................................14
1 Introduction
GPRS (General Packet Radio Service) must support access to private corporate networks.
Corporations expect convenient, but secure, access from wireless data networks. Roaming
mobile corporate users should have secure, trusted access to the companys data vaults. The
term Wireless Virtual Private Network (Wireless VPN) is used to describe such an environment.
This document reviews key tunneling, authentication and encryption techniques and ways GPRS
can use them to provide secure corporate network access. This document then applies these
components to GPRS VPN access solutions, and shows implications for carriers.
GPRS wireless access services make this possible. Many GPRS operators will enter this
lucrative and competitive market. Sometimes the computers we dont see will participate in VPNs;
in vehicles, vending machines and appliances that are remotely monitored where wireline
connectivity is not feasible or financially practical. Wireless VPNs will share resources in the
GPRS backbone. GPRS VPNs are based on standard Internet protocols and feature seamless
interoperability between providers. Some providers may support multiple access technologies.
With Intranets everywhere, IP will be the main corporate network protocol, enhanced to provide
end-to-end security, confidentiality, authentication and integrity over a shared VPN network.
In summary, VPNs benefit both the corporation and the service provider because:
Corporations outsource remote access to avoid the cost of purchasing and supporting
infrastructure.
Corporations leverage the Internet to provide seamless connectivity to remote offices, SOHO,
mobile employees and extranet business partners over a secure network infrastructure,
VPN enhances corporate relationships with customers, business partners, and suppliers.
Service providers increase revenue by offering secure, value-added network access services.
Service providers differentiate their VPN offerings, adding extranet & content-related services
Service providers alleviate end-point congestion in the PSTN by implementing Internet-based
VPN
Where a GPRS VPN is being considered, a corporation should evaluate several factors unique to
the wireless world. Security aspects may be the foremost concern, especially for what might
appear to be the most vulnerable portion of the Mobile-corporation path: the airlink. TDMA and
the other GPRS access technologies have designed the mobile network so that the packet data
traffic is protected by encryption over the air. This improves performance, as many end-to-end
encryption methods add extra bytes to each packet sent over the air. They will also interfere with
the data compression techniques implemented between the mobile system and the GPRS
operators network.
The availability of VPN service for roaming users should be discussed. Some corporations will
only want their networks accessed using selected wireless operators, or from selected
geographical locations. Multinational corporations may decide that roaming users should
connect with local VPN access points.
The performance of the airlink, especially the throughput seen by data users, will vary. Though
the GPRS airlink has multiple methods to ensure reliable airlink data transmission, factors such
as fading and multipath may reduce performance. A corporation wishing to deploy applications
that are delay and throughput sensitive should discuss the feasibility with the GPRS operator.
Enhancements to the airlink and network infrastructure to meet enhanced QoS requirements are
underway in standards organizations.
GPRS
HLR IPsec
IPsec
VPN Gateway
Clients GGSN Internet Server
Carriers Packet
Data Network (Any ISP) Intranet
GTP Connection
SGSN
IPsec Tunnel, end-to-end
Security
Virtual Private Network (VPN) Server
1. PPTP (Point to Point Tunneling Protocol) from the MS to a gateway within the corporate
network.
2. L2TP (Layer 2 Tunneling Protocol) from the MS to a corporate LNS (L2TP Network Server)
within the corporation. The MS itself takes on the LAC (L2TP Access Concentrator) function.
Note that L2TP does not itself include data encryption. Running L2TP on top of an IPsec
layer will provide the needed confidentiality.
These other two voluntary tunneling solutions utilize PPP (Point to Point Protocol). If a
compression option for PPP can be negotiated between the endpoints, this will provide some
compensation for the additional headers required by tunneling.
Voluntary-based W-VPN Access: Example, Figure 3 below depicts the session flow of IPsec in
rd
an end-to-end service context. Use of a trusted 3 party CA (certificate authority) with its PKI
(Public Key Infrastructure see the appendix) is exposed. This solution might utilize Lucents
access router AP1000, or Lucents Managed Firewall product, both based on IPsec security, and
compatible with the industrys leading RADIUS and PKI products and service providers.
MS Basestation GGSN
Homepage
Access:
Billing = 1
Public Key Infrastructure
Firewall &
Profile = 2
Location = 3
Subscribe = 4
SGSN (PKI) Authentication
TE
Server IPsec Gateway
Trusted
data request
IPsec Connection request
Packet
VPN Connection and service request Data Network
Clients Authentication request
IPsec tunnel
Figure 3 Service Provider Independent (SPI), IPsec with 3rd party PKI
The GPRS operator may provide portions of the Public Key Infrastructure (PKI). While its role in
providing the VPN might seem limited, the operator can play an important role to reduce security
risks associated with the service provider independent, voluntary tunnels. While the remote user
can have a secure path to the corporate intranet, the users device may still be accessible from
the larger, insecure, Internet. Should that device is compromised, the security of the corporation
is imperiled. The problem stems from having a remote device that has a network presence on
both secure and insecure networks. The addition of protective firewall software on the client is
one potential solution. Another solution would be for the GPRS operator to screen the mobiles
traffic to/from IP addresses other than the corporate gateway.
LNS
LAC
Server
Wireless
VPN GPRS Firewall
Users packet data network
Internet , Intranet
any ISP
GGSN
SGSN Compulsory Tunnel
PPP AAA
Server
Figure 4 shows a GPRS W-VPN utilizing compulsory tunneling. Rather than an end-to-end
solution, the VPN is made of two distinct segments, one in the GPRS operators access network
and another that traverses the Internet. The network operator delivers a value-added, secure,
access service. Its access concentrator is the tunnel establishment point. After connecting to it
users data is tunneled to a termination device at the edge of the corporate network. Here user
packets are authenticated, and access to corporate data is authorized. The carrier builds and
manages this network-to-network compulsory solution. Here, the corporation and its road warriors
depend upon the service providers wireless transport to access their Intranet. Example
compulsory GPRS solutions include:
1. L2TP access concentrator in carriers network between GGSN and corporate firewall;
2. Gateway to gateway compulsory IPsec tunneling;
3. A dedicated GPRS-GGSN, co-located at/near the corporate firewall (using GTP tunneling);
The user (mobile device) requests a PPP session that starts at the mobile and then exits the
GPRS network at the GGSN. The GGSN either contains, or is collocated with, an L2TP LAC.
The LAC tunnels the PPP stream (via L2TP packets carrying PPP frames) to an L2TP LNS at the
corporate networks edge. Actual authentication and authorization, as well as IP address
assignment occurs here, under the control of the corporate network.
This scenario is based on a SLA or Security Association (SA) established between a LAC
function that is at the GGSN and corporate-based LNS, see Figure 4. The SA provides privacy
rules and L2TP tunnels for user data. This is important because L2TP does not support its own
security and because PPP encryption is neither widely deployed nor have multi-vendor
interoperability. In this compulsory scenario, the operator assigns a corporation an APN (Access
Point Name) network identifier (for example corp_xyz_vpn.tdmaoperator.net). That APN is used
by the SGSN to select the GGSN to be addressed for a specific group of corporate mobile users.
The GGSN will receive the IP address of the LNS at the users corporate network. This is passed
to the LAC function, for packet forwarding to the LNS.
The user accesses a corporate network after their wireless device first attaches to the GPRS
network, using a data type PPP and specifying the APN. Once the PDP context is active, control
is passed to the LAC so it can relay the information used by PPP. This triggers the establishment
of a L2TP control connection to the corporate LNS. If an L2TP tunnel is already established for
the corporate VPN connection the newly attached user can share it. If not, a new tunnel will be
created. The GGSN then uses the L2TP control connection to establish an L2TP call (L2TP
tunnel to carry PPP) between the LAC and the LNS. The authentication of the mobile is
performed via the corporate LNS. The corporate LNS will often utilize the services of the
corporate AAA system (e.g. RADIUS). After authentication phase an IP address is assigned to
the mobile, as is normally the case. The mobile has no carrier-network IP address associated
with it, instead the mobile has thus established a PPP session directly with the corporate network.
MS
GGSN IPsec Public
Basestation Key
TE Infrastructure
(PKI)
gateway Authentication
Server Firewall &
SGSN IPsec Gateway
Authentication request
CreatePDPContextResponse (without
external PDN address allocation)
Validated auth response
Activate PDP Context Accept
Authentication response
Update PDP Context Responsewith
(
external PDN address allocation
) with PDN address allocation
IPsec tunnel
Figure 5 IPsec gateway with PKI and external address allocation
It is important to note that this solution requires that the GGSN directly associate the mobiles IP
address with the IPSec tunnel so that packets to/from the mobile traverse only that tunnel. The
corporation may internal use IP addresses that conflict with normal Internet assignments, e.g.
through the use of private IP addresses as described in RFC1918.
Figure 5, above, depicts the session flow of a PDP context establishment where the user is
rd
authenticated for private network access via a highly trusted 3 party PKI service provider. This
scenario may be viable for corporations seeking to lower the cost of their internal security
systems, while avoiding full trust in their wireless carrier. Or, the wireless carrier can offer to
provide this PKI as a value-added service, perhaps including wireless e-commerce transaction
services for horizontal services/markets.
Figure 6 below, shows a logical multiple VPN gateway architecture for a GPRS Backbone System
IPsec Tunneling / Packet Filtering IPsec Tunneling / Packet Filtering IPsec Tunneling / Packet Filtering IPsec Tunneling / Packet Filtering
PKI, 3rd Party
Authentication
Server
Carrier Intranet Lucent Corp. Intranet
Packet Data
Base Network FIREWALL
SGSN
Station
GGSN & Router
...
Private Corporate
App.
Corporation Y
Firewall Servers
Router Internet,
any ISP
FIREWALL
Authentication
Server
Security
& Router
...
Private Corporate
App.
Mgt Server
Lucent Corp. Security zone Servers
Tunnel
In this example above, each VPN can be defined by filtering rules in a managed firewall. The
above example suggests a trusted GPRS HLR look-up as the means to authenticate a mobile
subscriber to a VPN group, and be allowed access behind its corporate firewall.
Wireless GPRS
VPN HLR
Clients Firewall
SGSN Carriers Packet
Data Network
Internet Intranet
(Any ISP)
GTP Connection GGSN
GPRS Tunnel
Security
Virtual Private Network (VPN) Server
Putting a GGSN at or behind the corporate firewall provides GTP tunneling over the Internet.
WIth the additional of an IPsec point-to-point tunnel between the GPRS network and the GGSN
the payload itself is protected. The remote GGSN case, shown in Figure 7 is an interesting
alternative with a router-based platform for the GGSN. Issues:
1. Is it cost effective to have a GGSN on the corporate premises?
2. How does the service provider ensure the secure of the GPRS infrastructure when a
connection to the SGSN, a key network node, exists in a remote corporate site.
3. Another issue is ownership and administration of the GGSN.
Does the GPRS operator manage this node? If so, how does the operator gain the
required access? A specific Service Level Agreement is needed.
If the remote GGSN is owned and operated by the corporation, is the corporation then
responsibe for establishing any required roaming agreements?
Working out satisfactory answers to the above can turn this scenario into a very viable VPN
option for corporations.
4 Conclusion
This paper has highlighted a short set of the solutions available for implementing VPNs on GPRS
networks. The surviving solution(s) will be those that can economically deliver secure, efficient,
and low maintenance VPNs, and they could achieve significant market presence.
Lucent is vigorously working standards issues to ensure that interoperable solutions are available
for GPRS operators and their corporate customers.
Much of the PPTP work was done in the PPTP forum (Lucent/Ascend, US Robotics / 3Com
Corp., and Telematics). Support for compulsory PPTP tunnels is also built into network access
servers from these members. Standards bodies attention has shifted to L2TP. Still, PPTP
remains an important option where the encryption and decryption end points are Windows clients
due to the strong support from Microsoft.
PPTP is designed to provide a tunnel for transporting PPP through an IP network, therefore can
support multiple protocols (IP, IPX, and NetBEUI); and be used to access a variety of LAN
infrastructures. PPTP is intended to decouple functions, which exist in Network Access Servers,
in client server architectures designed for VPNs. The client PPTP Access Concentrator (PAC)
can operate as a classic access platform. This is the logical termination of PPP LCP sessions.
The server part, PNS, is intended to run on general-purpose operating systems.
PPTP decoupling allows aggregation of access channels to the Intranet It is possible to have
a many-to-many relationship between PACs and PNSs. As example, an ISP can provide
VPN service for multiple private network clients, and multiple PACs can connect to a single
PNS. Also, PPTP requires no change to the network addressing that is in place today.
PPTP uses an extended GRE header format that can be used to determine the rate at which
packets are to be transmitted over the tunnel during a given session, thus allowing for low
level bandwidth management of the tunnel traffic. It efficiently allows acknowledgments to be
piggybacked onto data packets. The sliding window protocol of the PPTP data path promotes
flow control on each end of the tunnel. It ramps up with each successful packet transmission.
The L2TP tunnel transports both control and data messages. The data messages are PPP
frames encapsulated in the L2TP header. A Session ID in the L2TP header is associated to data
messages belonging to the same PPP session. PPP calls are controlled by L2TP Control
messages. Control messages are transported over a reliable channel that L2TP itself provides.
L2TP can run over UDP, which is faster and leaner than TCP but doesnt retransmit lost packets.
PPTP separates the control and data channels into a control stream that runs over TCP and a
data stream that runs over GRE encapsulation. With combining channels and use of UDP, this
can make L2TP superior to PPTP in some contexts. L2TP is protocol-independent, and can run in
other networks, like X.25, Frame Relay and ATM. Some vendors that support it are implementing
L2TP over UDP for use with Internet tunneling.
As stated above, L2TP by itself is not fully secure. It provides a secure CHAP-like authentication
of the L2TP control connection, but tunnel hijacking is still possible by expert hackers. To fully
secure L2TP tunnels, a service provider needs IPsec mechanisms. Manually configured static
security associations could be part of a Service Level Agreement (SLA) between the corporation
and the wireless network operator. Otherwise, dynamic negotiation procedures could be used, a
la IPsec.
In a typical L2TP context, PPP frames are tunneled between the Remote System (RS) and an
LNS located in a Corporate Intranet/LAN. The RS initiates a PPP connection to a LAC, which
tunnels the PPP connection across the Internet to an LNS whereby access to the Corporate
Intranet is obtained. A LAC Client (a Host which runs L2TP natively) may also participate in
tunneling to the Intranet. In this case, the Host equipped with the LAC Client software uses a
connection to the public Internet to set up a "virtual" PPP via a L2TP tunnel to the LNS. The RS is
assigned an address from the Corporate Intranet/LAN via PPP NCP negotiation. The Intranets
AAA server may provide authentication, Authorization and Accounting (AAA), as if the user was
connected to a Network Access Server directly. The typical AAA protocol used is RADIUS. A
RADIUS client will be normally collocated with the LNS. Where a trusted SLA relationship exists
between the PLMNO and the corporation, proxy authentication is possible, and is performed at
the LAC by passing authentication information and authorization information between the LAC
and the LNS. The LNS may however request the PPP authentication phase to take place at the
LNS by turning off the proxy authentication.
multilink even when sessions spread across distinct physical NASs. (Multilink PPP
[RFC1990] requires that channels of a multilink bundle be grouped at a single or Network
Access Server.)
IPsec - The IETFs Standard Protocol Suite for secure end-to-end W-VPN
The IETF developed the IP security (IPsec) protocol suite (RFC 2401), a set of IP extensions that
provide security services at the network layer. IPsec technology is based on standard
cryptographic technologies, making possible very strong data authentication and privacy
guarantees. IPsec secures the applications and the network they run over. As it secures the
network itself, the IPsec protocol suite guarantees security for any application using the network.
IPsec as a voluntary tunneling approach is a more secure alternative than PPTP or L2TP. It
supports stronger encryption algorithms, such as Triple DES etc. Secure W-VPN solutions
require good key exchange mechanisms that scale easily without degrading performance. IPsec
supports large enterprise needs. Its strong key exchange protocol negotiation scheme sets it
apart from other security systems.
IPsec includes an integrity check, to ensure that no packets are deleted, added or tampered with
during transmission, a strong security differentiator. Via IPsec, information is encrypted, and with
digital certificates authentication the trusted identity of the communicating hosts are assured
using public key encryption. AH and ESP protocols are the IPsec building blocks needed to
implement secure W-VPNs. Encryption services provided by AH and ESP keep data secret, for
verification of its origin, and for providing protection against undetected tampering.
Secure W-VPN solutions require good key exchange mechanisms. The importance increases as
enterprises get larger. IPsec supports large enterprise needs with its strong key exchange
protocol negotiation scheme sets it apart from other security systems. It provides negotiation with
other entities: the protocols, encryption algorithms, and for easy exchange of key mechanisms.
In summary, IPsec W-VPN allows one to:
form Security Associations (SAs) with a range of attributes, layer network access services
build multiple domains of communication within the same secure context, ex: W-VPN, VPN
update keys as frequently as needed, getting the best of both worlds - perfect forward
secrecy, and a transparent background mechanism the user doesnt ever think about
implement in any IP network environment, of any size, for any size of enterprise, and
implement with anyone using IPsec technology, creating new SAs with whomever needed
With an IPsec secure W-VPN you can have secure end-to-end networking, without making
constant, drastic changes to your network infrastructure. A laptop with a suitable IPsec-compliant
program can connect securely and transparently to your corporate network through a W-ISP
anywhere. One no longer needs to lease dedicated data lines because an Internet connection of
suitable available bandwidth will do the same job. Internet Service Providers (ISPs) are now
moving to provide VPN service level guarantees like those of a leased line.
The journal Network World has not reported any detailed results on specific vendors to the public,
but information released is suggesting that exchanging encryption keys using IPsec and a
standard known as the Internet Key Exchange (IKE) can be a problem. IKE interoperability will
become more important as greater numbers of companies use VPNs in extranets and e-
commerce. Security managers need assurance that if they require the exchange of keys before a
transaction can commence the device at the client's or customer's end of the session will be able
to send or receive a key in the process of establishing a session.
An end-to-end PKI security solution for enterprise Intranet and Extranet communications, includes
an overall PKI infrastructure and software that provides desktop security and Web-based digital
certificate issuance. This is transparent to corporate users. Hence, so they are more likely to send
secured e-mails, etc. without any special training. PKIs issue certificates to authenticate
customers, using mathematical "keys" to encrypt and digitally sign each transaction. Such keys
are managed via the PKI, which provides confidentiality and access control for applications
across an enterprise. A PKI manages the life cycle of certificates. PKI software can be combined
with other security elements such as firewalls and routers. All users in a PKI have a registered
identity, making wireless data communication safer. Stored in a digital format in a directory, a
typical PKI certificate includes:
users name and other attributes that uniquely identify the user (i.e. employee number)
public key of the user, required so others can encrypt or verify the users digital signature
Validity period for the certificate (i.e. six months, 2 years etc.)
specific operations for using the public key (i.e. encrypting data, verifying digital signatures,)
RADIUS
The Remote Authentication Dial In User Service (RADIUS) protocol is a very popular method for
managing remote user authentication and authorization. RADIUS is a lightweight, UDP-based
protocol. It is used for managing dispersed serial lines and modem pools for large numbers of
users, because of the need for large-scale administrative support. As modem pools are used for
access from the outside world, they require robust solutions for security, authorization and
accounting. With RADIUS this is achieved by managing a single 'database' of users, that allows
authentication (verifying user name and password) and configuration information detailing the
type of service to deliver to the user (ex: PPP, SLIP, telnet, etc).
The main components of RADIUS, in the Client/Server Model include: A Network Access Server
(NAS) operating as client of RADIUS, and is responsible for passing user information to
designated RADIUS servers, and then acting on the response which is returned. The RADIUS
server receives user connection requests, authenticates the user, and returns all configuration
data needed for client to deliver service to the user. RADIUS servers act as proxy clients to other
RADIUS servers or other authentication servers.
Client and RADIUS server transactions are authenticated via shared secret information that isnt
sent over the network. All user passwords are sent encrypted between the client and RADIUS
server, to eliminate hackers determining a user's password.
Authentication Mechanisms: RADIUS supports several ways to authenticate users. Ex: when
provided with the user name and original user password, it supports PPP PAP or CHAP, UNIX
login, and other authentication mechanisms.
RADIUS is designed to carry authorization data and is widely deployed, so it is reasonable to use
it for transferring the information required for setting up dynamic tunnels, integrating for example
RADIUS and PPTP. In order to implement dynamic compulsory tunnels using RADIUS (see
below), attributes must be defined to carry the data needed to create a new tunnel or use of an
existing tunnel, and a complete implementation strategy must be devised.
Security Associations
Security Associations (SA) refer to configuration and fault management agreements between the
corporation with the network operator, an example being LNS IP address(s) provisioned into the
HLR. SAs covering GGSN(s) interactions with SGSN(s) and LNS(s) must likewise be created.
Changes in the corporate network must be coordinated with the carrier (i.e. updated into the HLR
and the IP security functions at the GGSN's LAC).
ge
Homepa :
Acc ess
MS Basestation GGSN
1
g = = 2
Billin e
Profilon = 3
Locati ibe = 4 SGSN LAC
TE Subscr
Intranet
LNS
Packet
Data Network
AT commands
Activate PDP Context Req.
How well this would scale in a multi-carrier roaming service is an interesting question. The L2TP
service architecture and session flows are shown above in Figure 8. It does not depict actual
security feature flows.