IEEE 802.11-22: Addressing Identification Issues in Pre-Association

feb 2022 n.w
1 / 14
Embed
Share

"Explore the identification challenges in pre-association scenarios for IEEE 802.11 networks. Discussion includes home automation, device detection, and user cases. Learn about the implications of MAC address recognition and securing user privacy within the network."

  • IEEE
  • Identification
  • Pre-Association
  • Home Automation
  • MAC Address
rayaanacharya
angelos_c Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Feb 2022 Doc.: IEEE 802.11-22/360r0 The identification issue in pre-association Date: 2022-02-19 Authors: Name Jay Yang Affiliations Nokia Address Phone email Zhijie.yang@nokia-sbell.com Max Riegel Mika Kasslin Jianguo Liu Okan, Mutgan Submission Slide 1 Jay Yang, et al. (Nokia)

  2. Feb 2022 Doc.: IEEE 802.11-22/360r0 Abstract Further discussion on some user cases in Reference [1] Supplement some new user cases Submission Slide 2 Jay Yang, et al. (Nokia)

  3. Feb 2022 Doc.: IEEE 802.11-22/360r0 4.3 Post-association home automation (including arrival detection) NOTE: Post-association means after both association is complete, and security context is established. Similarly, two trends in home automation are converging: use of 802.11 technologies as the backbone of the automation system; and a feature of the automation system which allows it to recognize when one of the residents arrives and welcoming them home by turning on lights, music, etc., tailored to the individual. This convergence means that using the 802.11 network to detect the individual s arrival, by detecting their personal 802.11 device (smartphone, etc.) is a highly desirable capability. Currently, this device recognition is usually done based on the MAC address. Key point: the device (user) is voluntarily opting-in to this system. Also key that protection from third-party tracking is included. This scenario can be handled with an opt-in method for providing a device or user identification that is hidden from third party snooping, and provided only to trusted infrastructure (for example, where RSN has been established). Any broader solution (not explicitly opt-in , not secured from snooping, or not restricted to trusted infrastructure) is considered out of scope for 802.11bh. Details of device or user are left to solution debate. Submission Slide 3 Jay Yang, et al. (Nokia)

  4. Feb 2022 Doc.: IEEE 802.11-22/360r0 Further discussion on user case 4.3 in reference [1] Reference[1] subclause 4.3 discloses the case that smart home system based on Wi-Fi network can perform a certain reaction after detecting the device that is associated with the AP. E.g. turn on the light, open the door, etc. Let s think about the case: if the end user lost the password of the AP by misoperation on his/her cellphone, his/her will be blocked out of the door forever. Submission Slide 4 Jay Yang, et al. (Nokia)

  5. Feb 2022 Doc.: IEEE 802.11-22/360r0 4.8 Infrastructure (home or enterprise): Probes are randomized, even to/heard by associated AP A client that is using Local-ID MAC addresses could easily have an implementation that generates a new Local-ID MAC address for every Probe Request. This could even apply to Probe Requests that are directed to the associated SSID, when the client would otherwise use a consistent MAC address for transmissions within an association. If the client has this extreme (or approaching this extreme) of an implementation of MAC address randomization, it will have a strong impact on the infrastructure s ability to making steering decisions for that client. When attached to a multiple-AP infrastructure, if the client uses the stable MAC address when probing, the infrastructure can help steer the client across both APs and bands, to give the entire network better experience. This could apply to both directed probes and broadcast probes, too. Recommendations could be added to the Standard, to discuss the use of MAC addresses in scanning. There are trade-offs to be considered for a client to balance privacy and providing information to the network that could improve user experience. It should also be noted that passive scanning is becoming more common, so reliance on identifiable probes for client steering has other problems, already. Submission Slide 5 Jay Yang, et al. (Nokia)

  6. Feb 2022 Doc.: IEEE 802.11-22/360r0 Further discussion on user case 4.8 in reference [1] For the associated STA in multiple-AP infrastructure, the associated AP may send Beacon request frame to the associated STA to trigger an active scan (i.e making STA to send probe req) for steering purpose in practice, and thus there is no issue if the steering mechanism is based on the probe request frame sent by the STA. We propose to delete the sentence It should also be noted that passive scanning is becoming more common, so reliance on identifiable probes for client steering has other problems, already. as we already has implementable solution to address such concern. Submission Slide 6 Jay Yang, et al. (Nokia)

  7. Feb 2022 Doc.: IEEE 802.11-22/360r0 User case-1 The Administrator will allocate an account(SSID/password) for new employee to access the company s network via a special AP based on the cellphone s MAC address shown in the system. If there is no user connected to AP, the system will close the some APs to save power and to improve the channel condition, at least enable one general AP with constraint permission is always powering on to monitor the probe request frame sent by the STA so that the system can enable the corresponding AP immediately once the STA MAC address recorded in the DB detected. The similar issue can broaden to the residential environment as well. e.g. the AP1 with SSID of Guest is always powering on to provide the basic access service. The system will enable the AP with the SSID of Employee-1 once detecting the known STA1 s probe request frame. Submission Slide 7 Jay Yang, et al. (Nokia)

  8. Feb 2022 Doc.: IEEE 802.11-22/360r0 Problem Random MAC mechanism involved in 11aq makes such mechanism broken. The System can t identify the STA as a know STA in the probe request frame with the Random MAC address(RMA). the corresponding AP can t be enabled once it s disabled. On the STA side, the employee can t find the AP to access the company s network. Submission Slide 8 Jay Yang, et al. (Nokia)

  9. Feb 2022 Doc.: IEEE 802.11-22/360r0 User case-2 allow/deny MAC address list feature is widely used in current AP products The owner of the AP may log on to the AP management page to disable some active STAs by adding their current MAC address to the deny list. The system will disconnect these STAs by sending disconnection frame or de-auth frame to them. AP will reject the auth/association request once the MAC address of requesting STA is in deny list. Submission Slide 9 Jay Yang, et al. (Nokia)

  10. Feb 2022 Doc.: IEEE 802.11-22/360r0 Problem Random MAC mechanism in auth/association phase makes such mechanism broken. The traditional deny/allow list function doesn t work once the STA sends association request frame with an RMA after it back again. Submission Slide 10 Jay Yang, et al. (Nokia)

  11. Feb 2022 Motivation: the known STA with RMA still can be identified Doc.: IEEE 802.11-22/360r0 We propose to define an solution to identify the known STA with RMA in pre- association phase(revert MAC mechanism).e.g. the AP can convert the RMA MAC of the probe request frame or auth/association frame to the True MAC. STA AP MAC Encrypt Change True MAC to RMA MAC MAC Decrypt Probe/Auth/Association request carrying RMA MAC Convert RMA MAC to True MAC and then make the decision Probe/Auth/Association response from AP Submission Slide 11

  12. Feb 2022 Doc.: IEEE 802.11-22/360r0 reference [1] 11-21-0332-28-00bh-issues-tracking Submission Slide 12 Jay Yang, et al. (Nokia)

  13. Feb 2022 Doc.: IEEE 802.11-22/360r0 SP1 Do you agree to supplement user case 1-3 in the slide to 11-21-0332-28-00bh- issues-tracking ? Submission Slide 13 Jay Yang, et al. (Nokia)

  14. Feb 2022 Doc.: IEEE 802.11-22/360r0 SP2 Do you agree the known STA with RMA can be identified in pre-association phase by the AP in 11bh? Note: the identification mechanism is TBD. Slide 14 Jay Yang, et al. (Nokia) Submission

Related


Nevada Restaurant Association Media Kit

Nevada Restaurant Association Media Kit

zero
Proposed Approach for MAC Address Assignment in IEEE 802.11

Proposed Approach for MAC Address Assignment in IEEE 802.11

adlai
Resolving the “QuickBooks Unable to Connect to Remote Server” Issue

Resolving the “QuickBooks Unable to Connect to Remote Server” Issue

paxton1
American Association for Chinese Studies Newsletter 2022-2023

American Association for Chinese Studies Newsletter 2022-2023

iver
West Niagara Minor Hockey Association Meeting Overview

West Niagara Minor Hockey Association Meeting Overview

max
LRIT System for Ship Identification and Tracking

LRIT System for Ship Identification and Tracking

amias
Industry Association for Automatic Identification & Data Collection in India

Industry Association for Automatic Identification & Data Collection in India

galen
Association Rules with Graph Patterns: Exploring Relationships in Data

Association Rules with Graph Patterns: Exploring Relationships in Data

ilyas
Data Governance Issue Assessment Process Overview

Data Governance Issue Assessment Process Overview

pol_nze
Overview of Moroccan Association of Actuaries: History, Ecosystem, and Achievements

Overview of Moroccan Association of Actuaries: History, Ecosystem, and Achievements

tute492
IEEE 802.11-20/0834r1: Recap of Association and Fast BSS Transition

IEEE 802.11-20/0834r1: Recap of Association and Fast BSS Transition

ahint
US Army Warrant Officers Association Annual Meeting and Past Presidents Council Focus

US Army Warrant Officers Association Annual Meeting and Past Presidents Council Focus

caer529
Superyacht Claims Adjusters Association: Elevating Yacht Claims Management

Superyacht Claims Adjusters Association: Elevating Yacht Claims Management

mmcti
Fine-Grained Language Identification Using Multilingual CapsNet Model

Fine-Grained Language Identification Using Multilingual CapsNet Model

bkha
Empowering Community Through Persatuan Buddhis Melaka (Malacca Buddhist Association) Initiatives

Empowering Community Through Persatuan Buddhis Melaka (Malacca Buddhist Association) Initiatives

hlor
Structural Identification in Vector Autoregressions

Structural Identification in Vector Autoregressions

kingsland_t
IEEE 802.11-22/0955r0 TGbh Pre-association Schemes Exploration

IEEE 802.11-22/0955r0 TGbh Pre-association Schemes Exploration

omcpi
Enhancing Low Latency Applications with Pre-emption in IEEE 802.11-24/103r1

Enhancing Low Latency Applications with Pre-emption in IEEE 802.11-24/103r1

cjid
GWAS: A Brief Overview of Genetic Association Studies

GWAS: A Brief Overview of Genetic Association Studies

hen_pl
Introduction to Frequent Itemsets and Association Rules in Data Mining

Introduction to Frequent Itemsets and Association Rules in Data Mining

vcoak
Introduction to Association Analysis in Data Mining

Introduction to Association Analysis in Data Mining

hashimoto_o
Strategic plan 2016-2018

Strategic plan 2016-2018

jslag

More Related Content