Inventor(s)

NIRANJAN M MFollow

Abstract

The EoGRE tunnelling protocol is used as an aggregation method for aggregating data flows of different users with similar service requirements in the same tunnel. EoGRE tunnels are used in the SP Wi-Fi deployments and 5G deployments. In 5G deployments, especially in the context of network slicing, EoGRE is used between CPE and Tunnel Gateway (TGW) to reduce the signalling traffic. In Wi-Fi deployments, Wireless LAN Controllers (WLCs) or Access Points (APs) establishes the EoGRE tunnel with the Tunnel Gateway (TGW). Tunnel end points TGW and CPE of EoGRE need to know whether the peer device is trustworthy or not before sending data over tunnel. If any one of the devices is compromised i.e., it is no longer a trusted entity, which could create harm to the network (in-turn to the user data traffic) by allowing "malicious CPE to connect to the valid TGW" or "valid CPE connecting to malicious TGW". Currently EoGRE does not include any capabilities to exchange trust and integrity measurement information between TGW and CPE to prove the peer was not tampered. The techniques presented herein applies exchanging trust and integrity measurement information between TGW and CPE in EoGRE messages to provide Proof of Integrity and trust to the EoGRE tunnel. This holds good even for GRE and EoIP protocols. Additionally, this method applicable for other tunnelling protocols such as PPTP, PPPoE and L2TP as well.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

COinS