Free Essay

Project 1

In: Computers and Technology

Submitted By sgemperle
Words 4252
Pages 18
|Project |IEEE 802.16 Broadband Wireless Access Working Group |
|Title |Nonce based TEK Update for Handover |
|Date Submitted |2008-01-21 |
|Source(s) |Stavros Tzavidas |Voice: +1-847-632-4313 |
| | |E-mail: stavros.tzavidas@motorola.com |
| |Motorola Inc. | |
| | | |
| |1501 W. Shure Dr. | |
| |Arlington Heights IL 60004 | |
| | | |
|Re: |IEEE 802.16 Working Group Letter Ballot Recirc #26a |
|Abstract |This contribution identifies several problems with the currently existing procedures for updating Traffic Encryption Keys (TEKs) during HO. |
| |More specifically, we identify a security vulnerability when TEKs are shared between the Serving and the Target BS, and we also identify |
| |problems with TEK update through RNG-RSP in the case of fully optimized HHO. We propose a solution that mitigates both problems by updating |
| |TEKs through the exchange of nonces prior to HO. |
|Purpose |Accept the proposed specification changes on IEEE P802.16Rev2/D2 |
|Notice |This document does not represent the agreed views of the IEEE 802.16 Working Group or any of its subgroups. It represents only the views of |
| |the participants listed in the “Source(s)” field above. It is offered as a basis for discussion. It is not binding on the contributor(s), who|
| |reserve(s) the right to add, amend or withdraw material contained herein. |
|Release |The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications |
| |thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may |
| |include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE|
| |Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE 802.16. |
|Patent Policy |The contributor is familiar with the IEEE-SA Patent Policy and Procedures: |
| | and . |
| |Further information is located at and . |
Nonce based TEK Update for Handover
Motorola

Introduction – Problem Description

Several methods exist in the standard [IEEE802.16-Rev2/D2] for updating Traffic Encryption Keys during Hard Handover (HHO). When low HHO delay is desired, as is commonly the case, .the two available solutions are TEK sharing and TEK update through SA-TEK-Update TLV in RNG-RSP. Unfortunately, both methods are problematic as we explain in the following.

TEK Sharing (Bit #1=1 and Bit #2=1 in HO Process Optimization TLV)
The standard allows the Serving BS (S-BS) and the Target BS (T-BS) to share TEKs. This approach suffers from the following problems: • When TEKs are shared between S-BS and T-BS the standard offers no method of correctly and securely coordinating the PN space (PN: packet number, described in section “7.5.1.2.2 Packet number PN”) associated with each TEK. This problem has apparently been overlooked in the standard and opens up the possibility of replay attacks. • TEK sharing introduces security dependencies between BSs. If TEKs are compromised in one BS, then the MS becomes vulnerable even if it has moved to a different BS. This stands in contrast with the way the rest of the keys in a Security Association are managed, where significant efforts have been made to ensure key independence between BSs (keys derived from AK, which is different for each BS).

TEK update via RNG-RSP (Bit #1=1 and Bit#2=0 in HO Process Optimization TLV)
When a TEK update is desired during HHO, the preferred method is through SA-TEK-Update TLV in the RNG-RSP MAC Management Message sent by T-BS to MS. This method is depicted in Fig. 1 below and is considered preferred because the alternative of performing SA-TEK-3-way handshake significantly increases HHO delay.
[pic]
Figure 1: Current TEK Update procedure for fully optimized HHO

When TEKs are updated through RNG-RSP, as depicted in Fig. 1, the MS cannot receive/send encrypted traffic before it receives and processes RNG-RSP from T-BS. This creates several problems: • Increased delay: the MS must wait for RNG-RSP and also must process the received TEKs before it can resume data • Increased overhead: during HO radio (RF) conditions are worse and TEK updates cost more in terms of over-the-air (OTA) resources. This problem is further aggravated by the large size of each TEK (128 bits).

Note that in both descriptions above, we concentrate on TEK updates for unicast SAs.

The proposed solution is described in the next section, while the required text changes are presented in the last section of this contribution.

Proposed Solution

We propose a method which allows TEKs to be updated during HHO without the security vulnerabilities of TEK sharing, nor the delay and overhead of TEK update through RNG-RSP.

The method is described in the following with reference to Fig. 2. in the following page.

According to the proposed TEK update algorithm, at some suitable point (defined in the following) and while the MS is still connected to the S-BS, MS and S-BS exchange a pair of nonces (termed “HO nonces”) to be used for the next HO.

A “nonce” is a random number generated using a reliable random or pseudo-random generator. Note that the PKMv2 security protocol in the standard already requires the MS and BS to implement reliable random number generators, for generating 64-bit nonces known as “MS_Random” and “BS_Random”. The nonces needed for the proposed solution (“MS HO nonce” and “BS HO nonce” in Fig. 2) can be generated using the mechanism that already exists for MS/BS_Random. If nonces longer than 64 bits are desired, each “nonce” can be easily formed by combining two MS/BS_Randoms, generated using the existing random number generators.

The MS sends to S-BS an N bit nonce. The S-BS also generates an equal length N bit nonce of its own and sends it to the MS in response. Both sides store the exchanged nonces until the next HO. No keys are derived during this nonce-exchange.

It should be emphasized that the described nonce exchange does not need to happen during HO preparation. It can instead happen long before a HO is needed. In fact, when exchanging nonces, MS and S-BS do not need to have any specific T-BS in mind (notice that no T-BS BS-ID is used as input to the nonce generation). The nonce exchange procedure simply applies to the next HO, whenever (and if) it happens, and regardless of the potential target(s) of this HO.

The timing of the HO nonce exchange can be arranged in a number of ways. One option is to allow the MS to choose an appropriate time. For example the MS can choose to perform the HO-nonce exchange when it deems that the RF conditions are good and the nonce exchange would not be costly in terms of overhead. Alternatively, the timing of the HO-nonce exchange can be regulated by the S-BS using the (already existing) mechanism of triggers (conditions), advertised by the S-BS in DCD. For example one condition can be “Initiate HO-nonce exchange when S-BS CINR > X threshold”. When the HO-nonce exchange happens at good radio conditions the overhead it creates is minimal compared to exchanges that happen right before or right after an HO.

When a HO is later initiated (according to criteria that are outside the scope of this contribution) the S-BS sends the agreed upon nonces (MS nonce and BS nonce) to the T-BS as part of the HO preparation backbone messages. When multiple target BSs are prepared, the S-BS sends the same nonces to all candidate T-BSs. MS and BS nonces can be sent over the backbone in the open and do not need to be encrypted, since (as will be apparent in the following) knowledge of nonces is not sufficient to derive the keys.

[pic]

Figure 2: Proposed TEK Update procedure (BS-initiated HO shown)

The MS and the T-BS(s) derive the new set of TEKs (termed “old TEK” and “new TEK”) for each SA as follows (the actions below are performed by both sides independently):

– Form two temporary nonces, combining bits from BS-HO-nonce and MS-HO-nonce: – “temp-nonce-1” = (first N/2 bits of MS-HO-nonce | first N/2 bits of BS-HO-nonce) – “temp-nonce-2” = (last N/2 bits of MS-HO-nonce | last N/2 bits of BS-HO-nonce) – – Encrypt old and new nonces with KEK: – old_TEK_temp = AESKEK(temp-nonce-1| SA_ID) – new_TEK_temp = AESKEK(temp-nonce-2 | SA_ID) – – Derive Old_TEK and New_TEK as follows: – Old_TEK ← truncate(old_TEK_temp, length of TEK) – New_TEK ← truncate(new_TEK_temp, length of TEK)

As can be seen from the calculation rules presented above, the input to both calculations is a combination of both MS and BS HO nonces to ensure that both sides contribute bits to both keys.

In general, for the calculation of TEKs we could have used a function of the form TEK = f(KEK, nonce, SA_ID). Here we choose f(KEK, nonce, SA_ID) = AESKEK(nonce, SA_ID) in order to minimize the changes needed to implement the proposed solution, with respect to current implementations of the standard. Indeed, the changes required for implementing the proposed solution are minimal, since the BS and MS already derive KEK, and already implement enryption using KEK.

The nonces exchanged during the HO-nonce phase, should be long enough so that probability of repeating a nonce during the lifetime of the AK is sufficiently small. In order to calculate the required nonce length, assume a highly mobile user who performs an HO every 5 sec, has max allowed AK (PMK) lifetime of 70 days and stays active during the whole lifetime of its AK (clearly an exaggerated scenario!). We can expect that such a user will perform 1,209,600 HOs during the lifetime of its AK, and clearly all TEK updates will be due to HOs (no TEK lifetime will ever expire). It can be shown that if N > 88 bits, then Prob( repeating a nonce after 1,209,600 trials) < 2.33E-15. Based on this calculation, 128 bit nonces should be sufficient.

Finally, for completeness of the solution, two additional scenarios need to be addressed: 1. When multiple T-BSs are prepared during the HO-preparation phase, the following rules apply: a. During HO preparation the same nonces are sent to all T-BSs b. If S-BS includes only a single T-BS in BSHO-REQ/RSP the MS assumes it can use the nonces only at that T-BS c. If S-BS includes multiple T-BSs in BSHO-REQ/RSP, it does not need to add extra information for each since the same nonces are used in all T-BSs. MS assumes it can use the nonces in all possible T-BSs. Note that this does not mean that the same TEKs will be derived in all possible T-BSs, because the AK and KEK are different in each T-BS. d. To prevent replay attacks in ping-pong situations, the HO-nonces should expire when the resource retain timer expires during a HO. While the nonces have not expired (i) Nonces are valid and can be re-used at a different BS and (ii) Both MS and T-BSs remember packet numbers used in data packets sent/received to/from each visited T-BS 2. When MS goes to an unprepared T-BS: a. This situation should be fairly uncommon and should be treated as an error scenario. b. In this case MS cannot assume that T-BS has knowledge of the HO nonces, and as a fall-back mechanism, we use the current TEK update algorithm (i.e. the MS expects the T-BS to send TEK updates in RNG-RSP)

The proposed solution reduces the overhead caused by TEK updates during HO, while maintaining system security. It also reduces HHO delay, since it reduces the processing time of RNG-RSP (removes TEK processing time). Finally, when the proposed solution is adopted, RNG-REQ/RSP are no longer needed for secure TEK updates during HO. This, combined with other proposals currently in progress, can eventually significantly reduce HHO delay by allowing the complete removal of RNG-REQ/RSP MAC management messages during HO.

Proposed Text Changes

Insert the following subsection right after section “11.8.4.6 Maximum number of supported security associations”

11.8.4.7 TEK derivation scheme support

This field specifies support for HO-nonce based TEK derivation scheme for handover (section 7.2.2.2.6.1).

|Type |Length |Value |Scope |
|25.5 |1 |0 = The HO-nonce based TEK derivation scheme for handover is not |SBC-REQ / SBC-RSP |
| | |supported | |
| | |1 = The HO-nonce based TEK derivation scheme for handover is supported | |

Insert the following subsection right after section “7.2.2.2.6 Traffic encryption key (TEK)”

7.2.2.2.6.1 Nonce-based Traffic encryption key (TEK) derivation for handover
When the MS and BS indicate that they both implement the HO-nonce based TEK update mechanism (see section 11.8.4.7 “TEK derivation scheme support” capability encoding) TEKs can be updated during a HO using the HO-nonce exchange procedure and the HO-nonce based TEK update procedures described in the following sub-sections.

7.2.2.2.6.1.1 HO-nonce exchange procedure
The MS initiates the HO-nonce exchange procedure by sending PKMv2 HO-nonce Request MAC management message to the serving BS. The HO-nonce attribute in the HO-nonce Request MAC management message contains a random number chosen by the MS, referred to as MS-HO-nonce. The SAID attribute in the HO-nonce Request MAC management message specifies the SA for which this procedure is performed. The serving BS upon receipt of the HO-nonce Request MAC management message saves the value of the HO-nonce attribute contained in the HO-nonce Request message and replies with a PKMv2 HO-nonce Reply MAC management message. The HO-nonce attribute of the HO-nonce Reply MAC Management message contains a random number chosen by the serving BS, which is referred to as BS-HO-nonce, and is different and chosen independently from the MS-HO-nonce.

The procedure above shall be referred to as “HO-nonce exchange”. After the end of the HO-nonce exchange the MS and the serving BS store both the exchanged HO-nonces (MS-HO-nonce and BS-HO-nonce) as part of the context of the SA specified in HO-nonce Request message.

7.2.2.2.6.1.2 HO-nonce based TEK update procedure
When the MS has performed the HO-nonce exchange procedure with the serving BS prior to a handover, then the serving BS can send the HO-nonces (MS-HO-nonce and BS-HO-nonce) to all candidate target BSs via the backbone network. During HO, the TEKs of the SAs for which the HO-nonce exchange procedure has been performed can then be updated using the procedure described in this section.

In the following “Old_TEK” refers to the older generation of keying material and “New_TEK” refers to the newer generation of keying material associated with the specific SA. The AES encryption algorithm is used as an example. For SAs employing a different ciphersuite the AES algorithm should be replaced with the encryption algorithm used by the SA for encrypting TEKs during the normal TEK update procedure.

The actions below are performed independently by the MS and by all candidate target BSs that are in possession of the MS-HO-nonce and BS-HO-nonce.

– Form two temporary nonces, combining bits from BS-HO-nonce and MS-HO-nonce: – “temp-nonce-1” = (first N/2 bits of MS-HO-nonce | first N/2 bits of BS-HO-nonce) – “temp-nonce-2” = (last N/2 bits of MS-HO-nonce | last N/2 bits of BS-HO-nonce) – Encrypt old and new nonces with KEK: – old_TEK_temp = AESKEK(temp-nonce-1| SA_ID) – new_TEK_temp = AESKEK(temp-nonce-2 | SA_ID) – Derive Old_TEK and New_TEK as follows: – Old_TEK ← truncate(old_TEK_temp, length of TEK) – New_TEK ← truncate(new_TEK_temp, length of TEK)

During HO execution, the T-BS can use Bit #14 in HO Process Optimization TLV encoding in RNG-RSP MAC management message to indicate to the MS if the procedure specified in this section should be used for updating TEKs.

Modify table “552—RNG-RSP message encodings” in section “11.6 RNG-RSP management message encodings” as indicated

Table 552 — RNG-RSP message encodings
|Name |Type (1byte) |Length |Value (variable length) |PHY scope |
| | | | | |



| | | | | |
|HO Process Optimization |21 |2 |For each Bit location, a value of ‘0’ indicates the associated |All |
| | | |re-entry management messages shall be required, a | |
| | | |value of ‘1’ indicates the re-entry management message | |
| | | |should be omitted. | |
| | | |Bit #0: Omit SBC-REQ management messages during | |
| | | |current re-entry processing | |
| | | |(Bit #1, Bit #2) = (0,0): Perform re-authentication and… | |
| | | |… | |
| | | |(Bit #1, Bit #2) = (1, 1): In this case the value of Bit #14 should be examined. | |
| | | |There are two cases. Case B is recommended: | |
| | | |Case A – (Bit #14 = 0) Re-authentication and SA-TEK | |
| | | |3-way handshake is not performed. The RNG-RSP | |
| | | |message does not include SA-TEK-Update TLV nor | |
| | | |SA Challenge Tuple TLV. All the TEKs received from | |
| | | |the serving BS are reused. | |
| | | |Case B – (Bit #14 = 1) Re-authentication and SA-TEK | |
| | | |3-way handshake is not performed. The RNG-RSP | |
| | | |message does not include SA-TEK-Update TLV nor | |
| | | |SA Challenge Tuple TLV. TEKs are updated using the HO nonce method | |
| | | | | |
| | | |Bit #3: Omit Network Address Acquisition management | |
| | | |messages during current reentry processing | |
| | | |… | |
| | | |Bit #13: If this bit is set to 1, MS shall trigger a higher | |
| | | |layer protocol required to refresh its traffic IP address | |
| | | |(e.g. DHCP Discover [IETF RFC 2131] or Mobile | |
| | | |IPv4 re-registration [IETF RFC 3344]). | |
| | | |#14–15: Reserved | |
| | | |Bit #14: Perform HO-nonce based TEK update. This bit shall be ignored unless (Bit | |
| | | |#1, Bit #2) = (1, 1) | |
| | | |#15: Reserved | |
| | | | | |

Modify section “6.3.22.2.8.1.6.6 Security settings” as indicated

6.3.22.2.8.1.6.6 Security settings
MS context with Serving BS: Maintained with resource retain timer,
MS context with Target BS: Context is handled per bit#1 and bit#2 settings.

Bit #1=0 AND bit#2=0:Perform re-authentication and SA-TEK 3-way handshake. BS shall not include SATEK-
Update TLV in the SA-TEK-Response message. In addition, the RNG-RSP message does not include
SA-TEK-Update TLV or SA Challenge Tuple TLV.

Bit #1=0 AND bit#2=1:Not used. MS shall silently ignore RNG-RSP message.

Bit #1=1 AND bit#2=0: One of two options is allowed:
Option 1: SA-TEK-Update TLV is included in the RNG-RSP message and updates the TEKS for all the
SAs. In this way SA-TEK 3-way handshake shall not occur. SA Challenge Tuple TLV shall not be included in the RNG-RSP message.
Option 2: SA-TEK-Update TLV is included in a SA-TEK-Response message. In this case, SATEK 3-way handshake is performed with SA Challenge Tuple TLV included in the RNG-RSP message.

Bit #1=1 AND bit#2=1:Re-authentication and SA-TEK 3-way handshake is not performed. The RNG-RSP message does not include SA-TEK-Update TLV nor SA Challenge Tuple TLV. There are two options, depending on the value of Bit #14.
Option 1: Bit #14=0: All the TEKs received from the serving BS are reused.
Option 2: Bit #14=1: The TEKs are updated using the HO-nonce method (section 7.2.2.2.6.1)
All PMK timers are maintained.



Modify “Table 48 PKM Message Codes” in section “6.3.2.3.9 Privacy key management (PKM) messages (PKM-REQ/PKM-RSP)” as indicated

|32 |MIH Acknowledge |PKM-RSP |
|33 |MIH Comeback Response |PKM-RSP |
|34–255 |Reserved |— |
|34 |PKMv2 HO-nonce Request |PKM-REQ |
|35 |PKMv2 HO-nonce Reply |PKM-RSP |
|36–255 |Reserved |— |

Insert the following subsection in section 6.3.2.3.9

6.3.2.3.9.32 PKMv2 HO-nonce Request message

An MS sends a PKMv2 HO-nonce Request message to the BS to provide the BS with a nonce, which is to be used in the next HO, for deriving the TEKs associated with a particular SA. This procedure is to be used only for unicast SAs.

Code: 34

Attributes are shown in Table 76a.

Table 76a—PKMv2 HO-nonce Request message attributes

|Attribute |Contents |
|Key Sequence Number |AK Sequence Number |
|SAID |Security Association Identifier |
|Nonce |A random number generated in an MS |
|HO nonce |An attribute containing the nonce chosen by the MS for TEK derivation during the |
| |next HO. The contents of this attribute shall be referred to as “MS-HO-nonce” |
|HMAC/CMAC Digest |Message digest calculated using AK |

The HMAC/CMAC Digest attribute shall be the final attribute in the message’s attribute list.

Inclusion of the HMAC/CMAC Digest attribute allows the MS and BS to authenticate the PKMv2 Key- Request message. The HMAC/CMAC Digest attribute’s authentication key is derived from the AK.

Insert the following subsection in section 6.3.2.3.9

6.3.2.3.9.33 PKMv2 HO-nonce Reply message

The BS responds to an MS’s PKMv2 HO-nonce Request message with a PKMv2 HO-nonce Reply message.

Code: 35

Attributes are shown in Table 76b.

Table 76b—PKMv2 HO-nonce Reply message attributes

|Attribute |Contents |
|Key Sequence Number |AK Sequence Number |
|SAID |Security Association Identifier |
|Nonce |A same random number included in the PKMv2 Key-Request message. |
|HO nonce |An attribute containing the nonce chosen by the BS for TEK derivation during the |
| |next HO. The contents of this attribute shall be referred to as “BS-HO-nonce”. |
| |This is not the same nonce as what was included in the PKMv2 HO-nonce Request |
| |message. |
|HMAC/CMAC Digest |Message digest calculated using AK |

The HMAC/CMAC Digest attribute shall be the final attribute in the message’s attribute list.

Inclusion of the HMAC/CMAC Digest attribute allows the MS and BS to authenticate the PKMv2 Key- Reply message. The HMAC/CMAC Digest attribute’s authentication key is derived from the AK.

Modify “Table 556 – PKM attribute types” in section 11.9 “PKM-REQ/RSP management message encodings” as indicated

|27 |PKM Configuration Settings |
|28-34 |Reserved |
|35 |Encrypted pre-PAK |
|36-255 |Reserved |
|36 |HO nonce |
|37–255 |Reserved |

Insert the following subsection in section 11.9

11.9.39 HO-nonce attribute

The HO-nonce attribute contains a quantity used for updating TEKs during HO. When this attribute is contained in PKMv2 HO-nonce Request message, it contains a random quantity generated by the MS. When contained in PKMv2 HO-nonce Reply message, it contains a random quantity generated by the BS. As always, values for nonces should be generated using reliable random or pseudo-random generators.

|Type |Length |Value (string) |
|36 |16 |Randomly generated value |

Modify table “Table 546—Trigger; Type/function/action description“ as indicated

Table 546 — Trigger; Type/function/action description
|Name |Length |Value |
| | | |



| | | |
|Action |3 (LSB) |Action performed upon reaching trigger condition: |
| | |0x0: Reserved |
| | |0x1: Respond on trigger with MOB_SCN-REP after the end of each scanning interval |
| | |0x2: Respond on trigger with MOB_MSHO-REQ |
| | |0x3: MS shall start neighbor BS scanning process by sending MOB_SCN-REQ, by initiating|
| | |Autonomous eighbor cell scanning (see 8.4.13.1.3) or both. |
| | |0x4–0x7: Reserved |
| | |0x4: MS shall initiate HO-nonce exchange procedure (see 7.2.2.2.6.1) |
| | |0x5–0x7: Reserved |
| | |NOTE—0x3 is not applicable when neighbor BS metrics are defined (i.e., only Function |
| | |values 0x5 or 0x6 are applicable) |

References

[IEEE802.16-Rev2/D2] IEEE Computer Society and IEEE Microwave Theory and Techniques Society, “DRAFT Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Broadband Wireless Access Systems”, P802.16Rev2/D2 (December 2007) Revision of IEEE Std 802.16-2004 and consolidates material from IEEE Std 802.16e-2005, IEEE Std 802.16-2004/Cor1-2005, IEEE Std 802.16f-2005 and IEEE Std802.16g-2007 .
-----------------------
MS switch from S-BS to T-BS

T-BS

S- BS

MS

HO-RSP

HO-REQ

new TEKs (and other updates)

UL data

DL data

UL_MAP (data allocation)

RNG_RSP

>?abcxy{‚Ž™?¥¦¶¹º»½¾ÀÁÌÜÝÞëìíþÿ ! 1 : ; W X Y ] c – ¡ j k s
}
ª
«
â ã ü÷ïüäïÞï÷üÙÔÙÔ÷ü÷Ô÷Ô÷Ï÷üËüÇËüÇËü˽ü¹üµËü½«ü§ü£Ÿ£üË’‰’h=9h&"ù0JDjh=9h&"ù0JDU[pic]h‘W'hµ7‘hohUpCUL_MAP (Fast Ranging IE)

RNG_REQ

MOB_BSHO_REQ / RSP

MOB_HO_IND

MOB_HO_IND

MOB_BSHO_REQ

HO-REQ
MS HO nonce, BS HO nonce

HO-RSP

T-BS

MS and T-BS are in possession all info necessary to derive the new TEKs



MS switch from S-BS to T-BS

DCD (Broadcast)
Initiate HO-nonce exchange when CINR > 7.9 dB

KEY-REQ
MS nonce to be used at next HO is “MS HO nonce”

MS

S-BS

KEY-REPLY
MS nonce
BS nonce to be used at next HO is “BS HO nonce”

Store MS nonce. Choose BS nonce

CINR>7.9 dB? Choose MS nonce and send it to S-BS

Both sides store MS nonce and BS nonce. Do NOT derive any keys yet



HO needed? Contact T-BS(s)

HO-nonce exchange

Handover

-----------------------
1

Similar Documents

Premium Essay

Project Part 1

...Project Part 1 I am the project manager for Global Communications, a multinational company that installs communication systems using a wide variety of communication technologies, ranging from stringing wire to fiber optics. While the corporate offices of Global Communications are located in the U.S., there are other divisions operating in the UK, Russia, Germany, France, Italy, China, India, Japan, Egypt, Mexico, and Argentina. The composition of project teams in Global Communications varies depending upon the project. However, a typical project team comprises a hardware engineer, a software engineer, a testing engineer, a network administrator, human resources for training, administrative support personnel, and computer programmers. A typical project involves drafting and design, procurement, and transportation and logistics. Recently, the Ministry of Communication of a small country in the Caribbean has approached Global Communications. The country has had a communication hardware failure that caused a breakdown of its entire communication system. My task as a project manager is to put together a project team that will ascertain the extent of the damage and recommend a course of action for the country to follow. I will begin this project by identifying the critical success factors (CSFs) necessary for the success of the project. Virtual teams are more complex because they cross boundaries related to time, distance, and organization (Duarte & Snyder, p. 9)...

Words: 585 - Pages: 3

Premium Essay

Pm592 Project 1

...the only regional shelter in the Greater Cleveland area that provide resume writing, dress for success, interview techniques, computer classes, life skills training workshops, parenting classes, employment and educational resources, information and referrals to off-site services, job preparation, drug counseling, financial counseling, communication skills building, and personal and child welfare information. The overall cost for this project is $3.0 million. Most of our funding will come in the form of government grants. I have secure 2.6 million from the County, State, Federal and private fund. In order to get this project up and running and to expand our business we need to secure a building and have this project up and running in 48 weeks. CSTLO need to shift their operations to meet consumer’s demands. We will be doing the right thing by restructuring the way we do business and we will be taking actions and making decisions about the future that will put our organization on a path to long-term viability. Table of Contents Project Description 4 WBS 5 Cost Estimate 6 Advanced Cost Estimating Technique 6 Cost Assumptions 7 Financial Analysis 7 Schedule 9 Conclusion 10 References 11 Appendices 12 Appendix A – WBS 12 Appendix B – Cost Assumptions 13 Appendix C – Resource Sheet 14 Appendix D – Gantt chart 15...

Words: 2608 - Pages: 11

Premium Essay

Oresund Bridge Project 1

...Course project 1 contains my responses to the nine questions related to the Oresund Bridge project. I have answered them to the best of my ability. 1. What process would you use for identifying project risks for a second Oresund Bridge project? What risks would you raise for each alternative? For such an extremely large project like this to identify project risks, I would start with the basic premise of a conducting a SWOT analysis which allows for identifying Strengths, Weaknesses, Opportunities, and Threats. Once SWOT analysis is completed, I would move forward to defining control of the project to indicate the following variances such as cost, schedule, scope and quality. Furthermore, bring in Subject Matter Experts (SME) to provide their input for mitigation strategy. Lastly, other risks to be raised for each alternative is to develop a risk management plan, project planning outputs, risk categories, historical information. By using these deliverables under the PMBOK risk processes called Risk identification. 2. What process would you use for categorizing project risks for a second Oresund Bridge project? How would you actually categorize them? I would use the qualitative risk analysis process for categorizing project risks because from a high level standpoint it allows me to evaluate each risk and designate the severity of the impact of the project and estimate the probability of the risk occurring in terms of high, medium and low. For categorizing project risks,...

Words: 1038 - Pages: 5

Premium Essay

Project Management Assignment 1

...PROJECT MANAGEMENT: PERSPECTIVE, PLANNING AND IMPLEMENTATION CASE STUDY REPORTS: 1. Team Problems 2. An Electronics Company CONTENTS Section Description Page 1 team problems 1 1.1 executive summary 1 1.2 INTRODUCTION 1 1.3 PROBLEM ANALYSIS 2 1.4 HANDLING CONFLICT 3 1.4.1 Avoiding or Withdrawing 3 1.4.2 Competing or Forcing 3 1.4.3 Accommodating or Smoothing 4 1.4.4 Compromising 4 1.4.5 Collaborating, Confronting, or Problem Solving 4 1.5 PROBLEM SOLVING 4 1.6 PREVENTING CONFLICT 5 1.7 CONCLUSION 6 team problems \ 1 executive summary A case study was presented involving a problem within a project team responsible for designing hardware and software systems. Symptoms of the problem were marked by a delay in the project schedule causing the team to be set back by a month. The working environment had also been adversely affected by the conflict. The case study made mention of the fact that the Project Manager had an open-door policy and conducted weekly project team meetings. In spite of this fact, the Project Manager was unaware of the setback to the schedule although he was conscious of the fact that one of the Project Team Leaders was under a due amount of stress as a...

Words: 1499 - Pages: 6

Premium Essay

Assessment 1 - Project Management

...Assessment 1 – Presentation Instructions: You have been assigned to set update the website for Windsor Institute. It is not required to have skills of developing websites however it is required that you may do some research or discuss with your trainer to identify tasks involved in such projects or processes. You may also visit the current Windsor website (www.windsor-ic.com.au) to identify organisational vision/strategy and needs for the update. You need to demonstrate (present) your ability to identify the strategic and operational needs of the IT project and develop a project plan including scheduling and project control plans like quality and risk management plan. During this demonstration (presentation) you also need to determine project approach or project phases. Duration: Trainer will set the duration of the assessment. Evidence required: Tasks Evidence Submission Task At least 25- 30 presentation slides on the topics listed below. Use screen shots for the plans and the charts to fit them in one slide. Presentation in front of the class and the trainer. Also in printing Your tasks: Prepare some (20-22) presentation slides to present the following items to your trainer:             Windsor’s strategic and operational needs for the project Project operational environment Laws/legislation might need to be considered for the project (e.g. Privacy law, Web content accessibility etc.) Project approach or...

Words: 582 - Pages: 3

Premium Essay

Pm592 Course Project 1

...Project Proposal: Local Grind To Investors Investing PM592 – Summer 2011 Executive Summary When you think of coffee in the Northwest, most people know there is Starbucks and small coffee shops. Coffee shops have become a familiar feature of American communities, not only for the purchase of a morning cup of coffee and snacks, but for mid-day and evening as well. With the introduction of fancy espresso-based coffee and drinks, people are spending between $3 and $6 for their cappuccino, mocha latte, vanilla ice blended drink, or other flavored drink that may be coffee based. Privately owned coffee houses have been on the increase for over 20 years because they are relatively recession proof. Leading companies, such as Starbucks and Peet’s, are located in almost every major city in the US. Small unique coffee shops like the Local Grind are able to compete with these larger chains; they are able to develop competitive advantages by catering to the specific demographics of their location and by personalizing their services to cater local needs. Our goal is to provide quality coffee related services and products by capitalizing on an untapped demographic that has many potential un-serviced customer. To accomplish our goals, we are requesting $100,000 from your company, as an initial investment to set up operations. We plan to invest an additional 20% from our own resources, up front, for the start up operational costs. Local Grind is scheduled to open for business...

Words: 2591 - Pages: 11

Premium Essay

Project Management Week 1 Personal

...TUGAS PERSONAL 1 (Minggu 1/ Sesi 1) IAN GUMILANG (1801491195) PART I 1. B. Time, cost, and quality and/or scope 2. 3. C. Meeting at least 75 percent of specification requirements 4. A. The project manager 5. A. Flexibility in the project’s end date PART II 1. Attributes that a project manager should have are : a. Show their worth b. Understand business strategy c. Overcome hurdles d. Improve team performance Yes an individual can be trained to become project manager, a. Make sure that they are suitably qualified and have the right character in the first place, if not get them trained up or get rid of them (It may sound harsh, but not everyone is capable or wants to be a PM, however some may just be attracted by the salary). If you don't get rid of the inappropriate people, they will soon drag your other PMs down - asking them questions, causing havoc that others need to clean up or loosing you business. b. On the job training is the best, but don't throw your best potential in the deep end, make sure you start them off with smaller projects with mentors and coaches. c. Make sure they have a personal development plan, you have some money to continually train them or provide them training opportunities - e.g a PM Library of good texts is a good and cheap starting point. d. Make sure that they share their good and bad experiences with each other - lunch and learns is another good example - you provide the free lunch, they learn...

Words: 440 - Pages: 2

Premium Essay

Information Security Project 1

...Project: Information Security Project 1 Name: Ashiqul Abir Class: NT2580 Date: 02/28/2013 Information security best practice project: The information security best project was housed within the Oxford University computer emergency response team. The project sought build on the knowledge, commentary and information gathered during the 2009 self-assessment exercise. One of the main objectives of the project was to develop an information security toolkit, which includes the policies, guidelines, documentation and education and awareness programmers. Information security: In a devolved environment, such as a collegiate university, it is imperative that policy should not go into retail about how those objectives should be met. It also defines the scope of the policy and identifies roles and responsibilities for security. Information security toolkit: The example polies can be tailored to suit the individual needs of your department, college or hall. The toolkit focuses on some areas like, IT management Operations Network Management Physical Security Building on the 2009 self-Assessment: The 2009 Self-Assessment exercise asked unit within the collegiate university to assess their current approach to IT operations, management and security against recommended best practice guidelines. The information gathered helped the advisory group to understand where further attention, resource, and best practice...

Words: 280 - Pages: 2

Free Essay

Project Management Assign 1

...Research and read an article on recent recipients of the project management institute’s project of the year award (2013 PMI winners – Adelaide Desalination Project). Summarize how the project manager or team exhibited exceptional and ethical project management practices. Discuss the role of the project manager or team, the organizational setting, the recipient’s approach to project integration management, and obstacles that had the potential of adversely impacting the triple constraints Ugbe Maurice Ugbe Stratford University (Falls Church, Virginia) Abstract The Adelaide Desalination Project involves the construction of a 100 GL per annum desalination plant, including the seawater intake and outfall tunnels and structures, and associated infrastructure including the transfer pipeline, power supply works and interconnection and upgrade works at Happy Valley Water Treatment Plant. Research and read an article on recent recipients of the project management institute’s project of the year award (2013 PMI winners – Adelaide Desalination Project). Summarize how the project manager or team exhibited exceptional and ethical project management practices. Discuss the role of the project manager or team, the organizational setting, the recipient’s approach to project integration management, and obstacles that had the potential of adversely impacting the triple constraints. Introduction Traditionally, South Australia has always relied on the River Murray...

Words: 1109 - Pages: 5

Premium Essay

Pm592 Course Project 1

...PM 592 Project Cost and Schedule Control Executive Summary After reviewing the project costs, schedules, and earned values I have realized that there are some concerns with the schedule and costs. I have found that there are some tasks that have put the project behind schedule and over budget. After reviewing the project closely and making the adjustments by requesting and adding additional percentage for resources to the builder, plumber, electrician, hvac, and the ferris wheel supplier it will bring the project back on track and under budget. Which if you review the revised schedule you will find that the new schedule will still allow the theme park to open on time and within budget. Schedule 1 [pic] Performance Analysis Based on the Earned Value Management I have found that there are a couple stages behind schedule and once complete will end up over budget. Phase 1.5 Joists and Roof Deck is currently at 76% completion and is behind schedule, according to the charts once this is complete will end up finishing late and over budget. The responsibility of this task is on the Builder. Phase 1.7 Rough Carpentry is currently at 65% completion and also is behind schedule, this phase also will end up finishing late and over budget. Once again this task responsibility is on the Builder. Phase 1.11 Elevator is currently at 76% completion and also is behind schedule, this phase also will end up finishing late and over budget. Once again this task responsibility is on...

Words: 970 - Pages: 4

Premium Essay

Project Prposal Week 1

...Project Proposal Fred Kelly Jr CMGT 410 March 2, 2015 Charles Selin University of Phoenix Turbo Tech, Inc. | To: | Management, all corporate team members and employees of all departments | From: | Fred Kelly Jr | CC: | Managers of each branch location | Date: | 3/2/2015 | Re: | New Companywide Compliance System and Policies | Comments: | Due to the nature of an expanding company, a new corporation-wide compliance system is needed for Turbo Tech, Inc. In an extension to the new conformity system, new compliance policies will be introduced. Every manager will be required to train properly to complete their jobs as well as ensure their underlings perform properly. This training will be coordinated and undertaken as part of the Turbo project. Project Stakeholders The Turbo project affects a multitude of individuals both directly and indirectly. The main participants of this program include all of the managers at each branch district across the country. The supervisors are affected precisely since they will be attending the training sessions. Each of the employees at the branch locations across the company will not be immediately affected by the Turbo project. The training the managers receive will be passed on to each of their respective employees. The CEO of Turbo Tech, Inc. will not be immediately affected by this project. The CEO requires feedback to evaluate training sessions and, therefore, is an important factor to...

Words: 626 - Pages: 3

Premium Essay

Risk Management Project Part 1 Task 1

...Tony Stark Risk Management Project Part 1 Task 1 Introduction A risk management plan is important for any business or organization regardless of the business’s or organization’s size. In the case of the Defense Logistics Information Service (DLIS), a risk management plan is critical in making sure the data that DLIS handles is protected. Loss or stolen information from DLIS can affect military assets. A plan needs to be made to be able to follow procedures in the event of an incident and to help mitigate data loss. Risk Management Outline 1.0 Introduction 2.1 Purpose and Objectives 2.0 Identify Threats 3.2 Attacks from the Internet 3.3 Hardware or software failures 3.4 Loss of Internet connectivity 3.5 Nature 3.0 Identify Vulnerabilities 4.6 Lack of firewall 4.7 Lack of intrusion detection 4.8 Lack of antivirus software 4.9 Lack of server updates 4.10 Lack of antivirus updates 4.0 Assign Responsibilities 5.0 Identify the cost of an outage 6.0 Provide recommendations 7.0 Identify the cost of recommendations 8.0 Provide a cost-benefit analysis (CBA) 9.0 Document accepted recommendations 10.0 Track implementation 11.0 Create POAM Scope The Scope of this risk management plan is the existing hardware and software currently in place. This is to include the current personnel, contractors, and vendors. The scope will have to be redefined if...

Words: 612 - Pages: 3

Premium Essay

Chapter 1: Modern Project Management

...Chapter 1: Modern Project Management 1. Define a project. What are five characteristics that help differentiate projects from other functions carried out in the daily operations of the organization? A project is a complex, no routine, off-time effort limited by time, budget, resources, and performance specifications designed to meet customer needs • An established objective • A defined life span with a beginning and an end • Involvement of several departments • Doing something unique • Time, cost , and performance requirements • To serve customers’ needs 2. Compression of the product life cycle, Global competition, Knowledge explosion, corporate downsizing, increased customer focus, and small projects represent big problems are all environmental factors. 3. It is important to strategic planning and the project manager because with a project there is so much going on between so many different people so the manager has to be able to implement a plan and have people follow it. This is the only way a project can run smoothly and with the least amount of problems. If the manager is able to get the best success with good project implementation. 4. The technical side of the coin represents the science side of project management while the sociocultural side of the coin represents the art of managing a project. In order for a manger to be successful they must be a master of both sides of the coin. While some managers tend to focus on the technical side rather than the...

Words: 326 - Pages: 2

Premium Essay

Mgt2 It Project Management Task 1

...Task 1 – Part A GenRays Matrix Template Project Management Knowledge Areas Recommended Tool(s) Project Charter, Facilitation Technique Project Integration Management Interviews, Product Analysis Project Scope Management Justification for Tool The project charter will be used for this knowledge management area because it defines the HRIS projects purpose, objectives, requirements, risks, and budget, which is important for this top-down, overall view of the project. The Facilitation Technique will also be used because it not only facilitates the development of the project charter, but will help the project team members accomplish their tasks through brainstorming, problem solving, meeting management, and conflict resolution. Interviews with GenRays senior leaders, department heads, and staff will be used for this knowledge management area to determine what the most beneficial aspects of an HRIS system are to the company. The results of the interviews will be used to help identify and define the features and functions of the project’s deliverables. Product Analysis will also be used to help determine which vendor’s pre-packaged HRIS system best meets the company’s needs, by analyzing the HRIS requirements, the product breakdown, the systems required, and the value of the product, and comparing to the offerings and information provided by the potential vendors that have already been identified. Decomposition, Expert Judgment, Gantt Chart Decomposition will be used for Project...

Words: 14782 - Pages: 60

Premium Essay

Project Planning 1 Seitz Corp

...Project Planning 1 Seitz Corp Scott T. Walker Keller Graduate School PM586: Project Management Professor Gary Gross Introduction In January 2008 the board of directors of SEITZ Corporation authorized the expenditure of $2,750,000 to construct a new plant in Huntsville Alabama that was to be completed and delivering product by 2010. Janis Clark was selected to be the project manager. Janice was given access to several key resources within the company including functional elements of the corporations Midwest plant and headquarters. She was also assigned key individuals Steve Pokorski, the Vice President of Operations, and Joe Downs, the Director of Plant Engineering. It must also be noted the Steve and Joe had submitted alternate proposals that were rejected. Clark immediately called her team together and set forth with plans to kick off the project. They first started by establishing and organizations structure and placing internal and external requisitions for employees with technical skills. Based on the posturing of Clark and her team there appeared to be some arrogance in their attitude in regard to promotion and location of the project. A preliminary list of task was established; a preliminary product line was established. Also expectations for an early completion of the plant were set in place. And it appeared all activities were set in place or in motion. Janice and her team were just about to schedule their kick off meeting...

Words: 993 - Pages: 4