8.6.1.18 MIS_LL_Auth request
This message is used for an MISF to carry link layer frames to conduct an authentication. The corresponding primitive is defined in 7.4.28.1.
MIS Header Fields (SID=1, Opcode=1, AID=9)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link Identifier TLV)
LLInformation (Link Layer Information TLV)
8.6.1.19 MIS_LL_Auth response
This message is used for an MISF to carry link layer frames to conduct an authentication. The corresponding primitive is defined in 7.4.28.3.
MIS Header Fields (SID=1, Opcode=2, AID=9)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link Identifier TLV)
LLInformation (Link Layer Information TLV)
Status (Status TLV)
MIS messages for event service
MIS_Link_Detected indication
The corresponding MIS primitive of this message is defined in 7.4.6.
This message is transmitted to the remote MISF when a new link has been detected.
MIH Header Fields (SID=2, Opcode=3, AID=1)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkDetectedInfoList (Link detected info list TLV)
MIS_Link_Up indication
The corresponding MIS primitive of this message is defined in 7.4.7.
This notification is delivered from an MISF, when present in the PoA, to an MISF in the network when a layer 2 connection is successfully established with an MN.
MIH Header Fields (SID=2, Opcode=3, AID=2)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link identifier TLV)
OldAccessRouter (optional) (Old access router TLV)
NewAccessRouter (optional) (New access router TLV)
IPRenewalFlag (optional) (IP renewal flag TLV)
MobilityManagementSupport (optional) (Mobility management support TLV)
MIS_Link_Down indication
The corresponding MIS primitive of this message is defined in 7.4.8.
This notification is delivered from an MISF, when present in the PoA, to an MISF in the network when a layer 2 connection with an MN is disconnected due to a certain reason.
MIS Header Fields (SID=2, Opcode=3, AID=3)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link identifier TLV)
OldAccessRouter (optional) (Old access router TLV)
ReasonCode (Link down reason code TLV)
MIS_Link_Parameters_Report indication
The corresponding MIS primitive of this message is defined in 7.4.9.
This message indicates changes in link conditions that have crossed pre-configured threshold levels. A pre-configured threshold level is set by the MIS_Link_Configure_Thresholds request message.
MIS Header Fields (SID=2, Opcode=3, AID=5)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link identifier TLV)
LinkParameterReportList (Link parameter report list TLV)
MIS_Link_Going_Down indication
The corresponding MIS primitive of this message is defined in 7.4.10.
This message is transmitted to the remote MISF when a layer 2 connectivity is expected (predicted) to go down within a certain time interval.
MIS Header Fields (SID=2, Opcode=3, AID=6)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link identifier TLV)
TimeInterval (Time interval TLV)
LinkGoingDownReason (Link going down reason TLV)
MIS_Link_Handover_Imminent indication (ISSUE: mark these sections as excluded)
MIS_Link_Handover_Complete indication
MIS messages for command service
MIS_Link_Get_Parameters request
The corresponding MIS primitive of this message is defined in 7.4.14.2.
This message is used to discover the status of currently available links.
MIH Header Fields (SID=3, Opcode=1, AID=1)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
DeviceStatesRequest (optional) (Device states request TLV)
LinkIdentifierList (Link identifier list TLV)
GetStatusRequestSet (Get status request set TLV)
MIS_Link_Get_Parameters response
The corresponding MIS primitive of this message is defined in 7.4.14.3.
This message is used by an MISF to report the status of currently available links.
MIH Header Fields (SID=3, Opcode=2, AID=1)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
Status (Status TLV)
DeviceStatesResponseList (optional) (not included if Status does not indicate “Success”) (Device states response list TLV)
GetStatusResponseList (not included if Status does not indicate “Success”) (Get status response list TLV)
MIS_Link_Configure_Thresholds request
The corresponding MIS primitive of this message is defined in 7.4.15.2. This message is used to configure thresholds of the lower layer link.
MIH Header Fields (SID=3, Opcode=1, AID=2)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkIdentifier (Link identifier TLV)
ConfigureRequestList (Configure request list TLV)
MIS_Link_Configure_Thresholds response
The corresponding MIS primitive of this message is defined in 7.4.15.3.
This message returns the status of a thresholds configuration request. The MISF generating this message generates an MIS_Link_Parameters_Report indication message when the configured threshold is crossed.
MIH Header Fields (SID=3, Opcode=2, AID=2)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
Status (Status TLV)
LinkIdentifier (Link identifier TLV)
ConfigureResponseList (not included if Status does not indicate “Success”) (Configure response list TLV)
MIS_Link_Actions request
The corresponding MIS primitive of this message is defined in 7.4.16.1. This message is used to control the behavior of a set of lower layer links.
MIH Header Fields (SID=3, Opcode=1, AID=3)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
LinkActionsList (Link actions list TLV)
MIS_Link_Actions response
The corresponding MIS primitive of this message is defined in 7.4.16.2. This message returns the result of an MIS_Link_Actions request.
MIH Header Fields (SID=3, Opcode=2, AID=3)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
Status (Status TLV)
LinkActionsResultList (not included if Status does not indicate “Success”) (Link actions result list TLV)
MIS_Net_HO_Candidate_Query request (to be excluded)
MIS_Net_HO_Candidate_Query response (to be excluded)
MIS_MN_HO_Candidate_Query request (to be excluded)
MIS_MN_HO_Candidate_Query response (to be excluded)
MIS_N2N_HO_Query_Resources request (to be excluded)
MIH_N2N_HO_Query_Resources response (to be excluded)
MIS_MN_HO_Commit request (to be excluded)
MIS_MN_HO_Commit response (to be excluded)
MIS_Net_HO_Commit request (to be excluded)
MIS_Net_HO_Commit response (to be excluded)
MIS_N2N_HO_Commit request (to be excluded)
MIS_N2N_HO_Commit response (to be excluded)
MIS_MN_HO_Complete request (to be excluded)
MIS_MN_HO_Complete response (to be excluded)
MIS_N2N_HO_Complete request (to be excluded)
MIS_N2N_HO_Complete response (to be excluded)
MIS messages for information service
MIS Information service uses only the following messages—MIS_Get_Information request, MIS_Get_Information response, and MIS_Push_Information. Due to the need to support different query types and the need for flexibility to customize the query and response, the parameters and their usage in these messages are substantially different from other MIS message parameters, and are therefore separately defined in the following subclauses.
MIS_Get_Information request
The corresponding MIS primitive of this message is defined in 7.4.25.1.
This message is used by an MISF to retrieve a set of Information Elements provided by the information service. A single MIS_Get_Information request message carries only one query list. However, there can be multiple queries in that list in the order of the most preferred query first.
MIS Header Fields (SID=4, Opcode=1, AID=1)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
InfoQueryBinaryDataList (optional) (Info query binary data list TLV)
InfoQueryRDFDataList (optional) (Info query RDF data list TLV)
InfoQueryRDFSchemaURL (optional) (Info query RDF schema URL TLV)
InfoQueryRDFSchemaList (optional) (Info query RDF schema list TLV)
MaxResponseSize (optional) (Max response size TLV)
QuerierNetworkType (optional) (Network type TLV)
UnauthenticatedInformationRequest (Unauthenticated information request TLV)
MIH_Get_Information response
The corresponding MIS primitive of this message is defined in 7.4.25.3.
This is used as a response to the MIS_Get_Information request message. The total response message size shall not exceed the value indicated in the Max Response Size TLV of the corresponding MIS_Get_Information request message. The order of the query response shall be in the same order as the query requests.
MIH Header Fields (SID=4, Opcode=2, AID=1)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
Status (Status TLV)
InfoResponseBinaryDataList (optional) (Info response binary data list TLV)
InfoResponseRDFDataList (optional) (Info response RDF data list TLV)
InfoResponseRDFSchemaURLList (optional) (Info response RDF schema URL list TLV)
InfoResponseRDFSchemaList (optional) (Info response RDF schema list TLV)
MIS_Push_Information indication
The corresponding MIS primitive of this message is defined in 7.4.26.1.
This is an indication to push operator policies or other network information to the MN.
MIH Header Fields (SID=4, Opcode=3, AID=2)
Source Identifier = sending MISF ID (Source MISF ID TLV)
Destination Identifier = receiving MISF ID (Destination MISF ID TLV)
InfoResponseBinaryDataList (optional) (Info response binary data list TLV)
InfoResponseRDFDataList (optional) (Info response RDF data list TLV)
InfoResponseRDFSchemaURLList (optional) (Info response RDF schema URL list TLV)
InfoResponseRDFSchemaList (optional) (Info response RDF schema list TLV)
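A receiver-side check for the command-service message tables earlier in this clause, given as an added example that is not part of the standard text: it rejects messages whose TLV set does not match the table for their (SID, Opcode, AID), including result lists sent when Status does not indicate "Success". The function and table names are hypothetical, TLVs are assumed to be already decoded into a name-to-value dictionary, and the value 0 for "Success" is an assumption.

```python
# Added example: receiver-side schema check for decoded MIS command-service messages.
# Assumptions (not from the page): TLVs arrive as a name -> value dict, and
# STATUS_SUCCESS = 0 is the decoded Status value meaning "Success".
STATUS_SUCCESS = 0
COMMON = ("Source Identifier", "Destination Identifier")

# (SID, Opcode, AID) -> (name, always required, always optional,
#                        required only on Success, optional only on Success)
SCHEMAS = {
    (3, 1, 1): ("MIS_Link_Get_Parameters request",
                ("LinkIdentifierList", "GetStatusRequestSet"),
                ("DeviceStatesRequest",), (), ()),
    (3, 2, 1): ("MIS_Link_Get_Parameters response", ("Status",), (),
                ("GetStatusResponseList",), ("DeviceStatesResponseList",)),
    (3, 2, 2): ("MIS_Link_Configure_Thresholds response",
                ("Status", "LinkIdentifier"), (), ("ConfigureResponseList",), ()),
    (3, 1, 3): ("MIS_Link_Actions request", ("LinkActionsList",), (), (), ()),
    (3, 2, 3): ("MIS_Link_Actions response", ("Status",), (),
                ("LinkActionsResultList",), ()),
}

def validate(sid, opcode, aid, tlvs):
    """Return a list of violations; an empty list means the message fits its table."""
    schema = SCHEMAS.get((sid, opcode, aid))
    if schema is None:
        return [f"unknown message (SID={sid}, Opcode={opcode}, AID={aid})"]
    name, required, optional, req_ok, opt_ok = schema
    success = tlvs.get("Status") == STATUS_SUCCESS
    must = COMMON + required + (req_ok if success else ())
    may = optional + (opt_ok if success else ())
    errors = [f"{name}: missing {t}" for t in must if t not in tlvs]
    for t in tlvs:
        if t in must or t in may:
            continue
        gated = t in req_ok + opt_ok
        errors.append(f"{name}: {t} " + ("present although Status is not Success"
                                         if gated else "is not defined for this message"))
    return errors

# Constructed sample messages (identifiers and values are made up).
HDR = {"Source Identifier": "pos-1", "Destination Identifier": "mn-1"}
GOOD = {**HDR, "Status": 0, "LinkActionsResultList": ["link-a: ok"]}
LEAKY = {**HDR, "Status": 1, "LinkActionsResultList": ["link-a: ok"]}
SHORT = {**HDR, "Status": 0}

if __name__ == "__main__":
    for msg in (GOOD, LEAKY, SHORT):
        print(validate(3, 2, 3, msg) or "ok")
```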
9. MIS protocol protection
This clause specifies options and mechanisms to protect remote messages in the media independent handover protocol. The remote messages in the MIS protocol can be protected through the transport protocols at layer 2 or layer 3. The protection through the transport protocols is discussed in Annex O. This clause specifies the mechanisms to protect MIS PDUs at the MIS layer. These mechanisms apply protection to MIS PDUs without depending on transport protocols. They are called MIS specific protection mechanisms.
To apply MIS specific protection mechanisms, an MN and a point of service (PoS) need to negotiate protection mechanisms and to establish cryptographic keys. MIS message protection shall be accomplished in either of two ways. The first is to use TLS or DTLS, and the other is to use EAP or ERP as an MIS service access authentication to establish MIS security associations (SAs). If MIS service access authentication is needed and an authentication server is available, then EAP based authentication and key establishment may be used for establishing an MIS SA. In situations where MIS service access authentication is not required and TLS credentials are available, or where MIS service access authentication is required and TLS credentials for access authentication are available at a PoS, then (D)TLS may be used for establishing an MIS SA.
9.1 Protection established through MIS (D)TLS
In this option, an MN (the client) and a PoS (the server) execute TLS, specified in IETF RFC 5246, or DTLS, specified in IETF RFC 4347, to establish MIS protection. When the MIS protocol transport is reliable, TLS is used. Otherwise, DTLS is used. In the rest of this standard, (D)TLS is used to denote TLS or DTLS. In a (D)TLS handshake, the mutual authentication is executed through either a pre-shared key or a public key certified by a trusted third party such as a certificate authority. It should be noted that all certificates are required to be validated. The TLS certificate used by the PoS is expected to be provided to the MN in a secure manner, e.g., during the provisioning process. In this option, the authentication may or may not be related to access control. It can be an access authentication for MIS service if a PoS holds service credentials for the MNs.
After the handshake, a (D)TLS session is established. In this case, the TLS master key and the keys derived from the master key, all the TLS parameters, and TLS ciphersuite negotiated in the TLS handshake form an MIS SA. The (D)TLS security association identifier is carried in each message in the SAID TLV.
In a (D)TLS session, an MIS message is first protected as application data. The (D)TLS record is then transported by the MIS protocol in a security TLV.
A (D)TLS-generated MIS SA can be terminated through (D)TLS session termination using an MIS_Auth indication message.
9.2 Key establishment through an MIS service access authentication
If MIS service is subscription based and provided by a service provider, then an MIS service access authentication may be needed to authorize the service to an MN. In this case, a PoS may obtain a master session key through service access authentication, and an MIS security association can be established through the master session key between the MN and the PoS.
9.2.1 MIS service access authentication
In this standard, it is assumed that EAP [IETF RFC 3748] or EAP Re-authentication (ERP) [IETF RFC 5296] is used as the authentication protocol with an MN as the peer and a PoS as the authenticator. An EAP server may be used as a backend server.
For the interface between an MN and a PoS, the MIS protocol is acting as an EAP lower layer. That is, at the MN, an EAP message is generated at the MISF. When it reaches the PoS, the MISF in the PoS will process it. For an EAP message from the PoS to the MN, it will also be generated by the MISF in the PoS. At the MN, the EAP message is passed to the MISF to process. The protocol stack is illustrated in Figure 30, where it is assumed that an EAP server is employed. After a successful authentication, a master session key (MSK) is exported to the lower layer, that is, MIS layer. An MSK is used to further derive MIS message protection keys.
[Figure 30: protocol stack across the EAP Peer / MN, the EAP Authenticator / PoS, and the EAP Server / AS. Layers shown: MISF, EAP Method Layer, EAP Peer Layer, EAP Authenticator Layer, EAP Layer, EAP lower layer (MIS Protocol), AAA / IP. Also labelled: MSK, MIS PDU.]