privecsg-14-0010-00-ecsg

1

IEEE 802 EC Privacy Recommendation Study Group

October 1st, 2014, Conference Call

2014-10-01Juan Carlos Zuniga, InterDigital Labs

(EC SG Chair)

privecsg-14-0010-00-ecsg

2

Conference Call Details • Wednesday, October 1st, 2014, 10:00-11:00am EDT

• WebEX:– Meeting Number: 747 061 585 – Meeting Password: privecsg – To join this meeting (also from mobile devices):

1. Go to https://premconf.webex.com/premconf/j.php?MTID=m17cc57d9646de0109b3432d205fd2ecb 2. If requested, enter your name and email address. 3. If a password is required, enter the meeting password: privecsg 4. Click "Join". 5. Follow the instructions that appear on your screen.

– To view in other time zones or languages, please click the link: – https://

premconf.webex.com/premconf/j.php?MTID=m5675de0a96840130c93226c1e8f24e9d

• Teleconference information– Show global numbers: https://

www.myrcplus.com/cnums.asp?bwebid=8369444&ppc=542167&num=1&num2=1719-867-1571

– Attendee access code: 542167

privecsg-14-0010-00-ecsg

3

Participants, Patents, and Duty to Inform

All participants in this meeting have certain obligations under the IEEE-SA Patent Policy. • Participants [Note: Quoted text excerpted from IEEE-SA Standards Board Bylaws

subclause 6.2]:– “Shall inform the IEEE (or cause the IEEE to be informed)” of the identity of each “holder of

any potential Essential Patent Claims of which they are personally aware” if the claims are owned or controlled by the participant or the entity the participant is from, employed by, or otherwise represents• “Personal awareness” means that the participant “is personally aware that the holder may have a

potential Essential Patent Claim,” even if the participant is not personally aware of the specific patents or patent claims

– “Should inform the IEEE (or cause the IEEE to be informed)” of the identity of “any other holders of such potential Essential Patent Claims” (that is, third parties that are not affiliated with the participant, with the participant’s employer, or with anyone else that the participant is from or otherwise represents)

• The above does not apply if the patent claim is already the subject of an Accepted Letter of Assurance that applies to the proposed standard(s) under consideration by this group

• Early identification of holders of potential Essential Patent Claims is strongly encouraged

• No duty to perform a patent search

privecsg-14-0010-00-ecsg

4

Patent Related Links

All participants should be familiar with their obligations under the IEEE-SA Policies & Procedures for standards development.• Patent Policy is stated in these sources:

– IEEE-SA Standards Boards Bylawshttp://standards.ieee.org/develop/policies/bylaws/sect6-7.html#6

– IEEE-SA Standards Board Operations Manualhttp://standards.ieee.org/develop/policies/opman/sect6.html#6.3

• Material about the patent policy is available at – http://standards.ieee.org/about/sasb/patcom/materials.html

• If you have questions, contact the IEEE-SA Standards Board Patent Committee Administrator at patcom@ieee.org or visit http://standards.ieee.org/about/sasb/patcom/index.html

• This slide set is available at https://development.standards.ieee.org/myproject/Public/mytools/mob/slideset.ppt

privecsg-14-0010-00-ecsg

5

Call for Potentially Essential Patents

• If anyone in this meeting is personally aware of the holder of any patent claims that are potentially essential to implementation of the proposed standard(s) under consideration by this group and that are not already the subject of an Accepted Letter of Assurance: – Either speak up now or– Provide the chair of this group with the identity of the holder(s) of any and all such claims as soon as possible or– Cause an LOA to be submitted

privecsg-14-0010-00-ecsg

6

Other Guidelines for IEEE WG MeetingsAll IEEE-SA standards meetings shall be conducted in compliance with all applicable laws, including antitrust and competition laws. • Don’t discuss the interpretation, validity, or essentiality of patents/patent claims. • Don’t discuss specific license rates, terms, or conditions.

– Relative costs, including licensing costs of essential patent claims, of different technical approaches may be discussed in standards development meetings. • Technical considerations remain primary focus

• Don’t discuss or engage in the fixing of product prices, allocation of customers, or division of sales markets.

• Don’t discuss the status or substance of ongoing or threatened litigation.• Don’t be silent if inappropriate topics are discussed … do formally object.

---------------------------------------------------------------

See IEEE-SA Standards Board Operations Manual, clause 5.3.10 and “Promoting Competition and Innovation: What You Need to Know about the IEEE Standards Association's Antitrust and Competition Policy” for more details.

privecsg-14-0010-00-ecsg

7

Resources – URLs

• L ink to IEEE Disc losure of Affiliation – http://standards.ieee.org /faqs/affiliationFAQ.html

• L inks to IEEE Antitrust Guidelines– http://standards.ieee.org /resources/antitrust- guidelines.pdf

• L ink to IEEE Code of Ethics– http://www.ieee.org /web/membership/ethics/code_ethics.html

• L ink to IEEE Patent Policy– http://standards.ieee.org /board/pat/pat-slideset.ppt

privecsg-14-0010-00-ecsg

8

Agenda• Welcome• Chair's slides

– IEEE Slides– Call meeting to order

• Group’s updates– Presentations and discussions at IEEE 802 interim meetings– IETF-IEEE coordination meeting– IETF MAC address randomization trial status

• Technical Topics1. Threat Model for Privacy at Link Layer2. Privacy Issues at Link Layer3. Proposals regarding functionalities in IEEE 802 protocols to improve Privacy4. Proposals regarding measuring levels of Privacy on Internet protocols5. Implications of MAC address changes6. Other

• Next Steps

privecsg-14-0010-00-ecsg

9

Business#1• Call Meeting to Order

– Meeting called to order by chair at • Minutes taker

– • Roll Call

Name Affiliation Name Affiliation

Juan Carlos Zuniga (Chair)

InterDigital Piers O’Hanlon Oxford Internet Institute

Mathieu Cunche INRIA Walter Pienciak IEEE-SA

Antonio de la Oliva UC3M Karen Randall Randall-Consulting

Dan Harkins Aruba Networks Max Riegel NSN

Paul Lambert Marvell Dan Romascanu Avaya

Soo Bum Lee Qualcomm Rene Struik Struik Security Consultancy

Robert Moskowitz Verizon Brian Weis Cisco

privecsg-14-0010-00-ecsg

10

Business#2

• Agenda bashing–

• Approval of minutes–

• Reports– Group’s updates

• Presentations and discussions at IEEE 802 interim meetings

• IETF-IEEE coordination meeting• IETF Trial

privecsg-14-0010-00-ecsg

11

IEEE 802 EC Privacy SG - updates

• Priv Rec EC SG presentation and discussion at 802.1/802.3 Interim meeting in Ottawa, Canada – Sept 9 and 10

• Priv Rec EC SG presentation and discussion at IEEE 802 Wireless (802.11, 802.15, 802.22, etc.) meeting in Athens, Greece – week of September 15

• Priv Rec EC SG presentation and discussion at IETF-IEEE Exec Coordination meeting in Newark, NJ – Sept 29

privecsg-14-0010-00-ecsg

12

IEEE 802.1 - 802c PAR• Local MAC address - Claiming protocol without a server

– Client generates a proposed address and initiates a claim, waits for response and uses address if no conflict detected

– Proposed address might have a set value for the first 24 bits (CID+Local+U’cast) and a randomly generated value for the other 24

– Most suited to small* (~1000 nodes) networks which can operate without a (coordination) server

– Requires that all nodes receive each other’s traffic (or something in the network can proxy for nodes that don’t receive the claim).

– Similar protocols exist for IPv6 (RFC 4862) and FCoE (FC-BB-6 VN2VN)

privecsg-14-0010-00-ecsg

13

IEEE 802.15 – Should allow to opt-in for tracking

• Certain applications may require tracking an individual (e.g. eHealth location tracking)

• Recommendation should not prevent these applications from choosing to be tracked– Recommended practices document should explain the scenarios in which

privacy features should be applicable and should also allow to opt-in in case privacy is not a concern

• Besides identifiers, other privacy features could still be applicable– Message size, message sequence, use of authentication and encryption,

etc.

privecsg-14-0010-00-ecsg

14

IEEE 802.11 – Implications of MAC address changes on Wi-Fi backhaul network

• MAC addresses used also on backhaul to maintain user’s context across multiple APs– Keeping MAC address constant for the duration of a

session should mitigate AP association and backhauling issues

– Note: Need to clearly define what is a session, as it could be interpreted differently depending on the context

privecsg-14-0010-00-ecsg

15

IEEE 802.22 – FCC requirement to disclose WS user’s identity

• Apparently applicable to fixed device (i.e. base station), need to clarify further

• Could be only needed for the IETF PAWS protocol, in which case it is out-of-scope for IEEE 802

privecsg-14-0010-00-ecsg

16

IEEE 802.21 – Use of AAA in network trial

• Key generation binding with MAC address– Should maintain MAC address for duration of session

• Compile and share results from trial– Identify key statistics that should be gathered during trial

privecsg-14-0010-00-ecsg

17

IEEE 802.24 – Applicability of Privacy Recommendations to fixed devices

• Identifiers in IoT may not relate to an individual– Must clearly define which devices should take into account

which Privacy recommendations

– Other privacy considerations may still be relevant, such as packet size, packet sequence, etc.

privecsg-14-0010-00-ecsg

18

IETF-IEEE802 Exec Meeting – Coordination

• Trial setup (VPN, SSID, announcement, wiki page)

• Implications of MAC address randomization on IETF protocols (i.e. Higher layers)

• Recommended practices should take into account functionalities in other layers

• Threat model to be developed jointly by IETF and IEEE 802

privecsg-14-0010-00-ecsg

1919

Trial at IETF meeting• Trial setup @ IETF Venue

– Different SSID (e.g. ietf_Trial_RandMACadd), to be advertised– Separate VLAN, DHCP, Switching and AAA infrastructure– Use only 2.4 GHz infrastructure (b/g/n)– Different credentials needed to join this network

• Credentials and Wiki– Sign-in page (to keep track of # people, # devices, types of clients, etc.)– Require participants to use specific MACadd tools and setup a DHCP client name/ID per

user – to debug and find out potential issues• Client

– Should follow expected 802.1 rules for MAC address generation– Should keep track of MAC addresses being used – could help in case of collision or other

issues– Should setup DHCP client name

• DHCP server– Very small lease time for this VLAN– (Later on, a special rule could be added for MACs with local bit set)

privecsg-14-0010-00-ecsg

2020

Protocol Implications of MAC address changes

• Statistics to be collected– Network

• # associations in this SSID• DHCP logs (MAC, DHCP client ID, time/date)• DHCP pool size in time• Switch table size in time• AAA logs

– Client• MAC address usage log• DHCP client name/ID

– Other?

privecsg-14-0010-00-ecsg

2121

MAC address trial - client requirements

• Wiki page to register participating users• Define a set of supplicant clients which can:

– Generate a MAC address within the local domain, with the unicast bit set

– Maintain the CID (OUI) part of the original address intact– Keep a log of used MAC addresses (association/probe?)

• Ask users to setup DHCP client name/ID and register it in the Wiki page

privecsg-14-0010-00-ecsg

22

Business#3

• Technical presentations

privecsg-14-0010-00-ecsg

23

Business#4• Next steps

– Continue call for proposals to discuss technical topics(1) Threat Model for Privacy at Link Layer (2) Privacy Issues at Link Layer(3) Proposals regarding functionalities in IEEE 802 protocols to

improve Privacy(4) Proposals regarding measuring levels of Privacy on Internet

protocols(5) Implications of MAC address changes(6) Other…

– Discuss the need and scope of a recommended practices document applicable to IEEE 802 protocols

privecsg-14-0010-00-ecsg

24

Business#4

• Upcoming meetings– 22 October 2014 (10:00 AM ET), Teleconference– November 2-7, 2014, IEEE 802 Plenary meeting in San

Antonio, TX, USA• 2 Evening slots – Tuesday and Thursday• 802 EC plenary – Report SG’s update and request EC for renewal

– (other teleconferences TBD - if SG is renewed)– (March 8-13, 2015, IEEE 802 Plenary meeting in Berlin,

Germany - if SG is renewed)• AOB• Meeting adjourned at