A Cross-Domain Roaming System: Support and Integration of Heterogeneous Authentication Platforms on the Wireless LAN

Wen, Teu-Shun

27 August 2003

The flourishing development of internet moves the human technology into another new epoch and the rising of the wireless LAN presents the fact which people are freer and more convenient from the unlimited-space using the internet. More and more equipments can support the mobile device of WLAN. By reducing the cost and its good points of easy-building. Lots of hotspots, for instance, caf顦s, airports, train stations, schools and companies are widely deployed and positive to construct WLAN. How to provide people a simple, easy, and quality environment of WLAN becomes an important issue from the viewpoints of user. When WLAN had been discussed, it was only a simple LAN environment. Before it has been promoted by the manufacture, the mobility and security were not been measured and instituted. All the products from different suppliers and the promotion of wireless internet in school are difficult to be united. By the fact of this, in order to make the resource of internet more flexible and expandable and make internet can be used in wide-ranging and more convenient way, this article draw up a plan and structure of Cross-Domain Roaming System and security control. Besides, our system can support and integration of heterogeneous authentication platforms on the WLAN.

SSO

Roaming

IEEE802.1x

Radius

WEP

Improving Security In Embedded Systems With IEEE 802.1X

Karlsson, Marcus, Zaja, Oscar

January 2021

No description available.

EAP

IEEE802.1X

PEAP

TTLS

MSCHAPv2

GTC

TLS

MD5

Communication Systems

Kommunikationssystem

PERFORMANCE ANALYSIS OF RADIUS AND DIAMETER AUTHENTICATION SYSTEMS IN 802.1X BASED SECURED NETWORKS

Rahimi, Nadim

January 2022

There is increasing attention to the security challenges of IT-OT networks. Mitigating these challenges needs sophisticated methods to secure such networks, especially by securing access to the network. One valuable strategy that provides security to the network access level is Port-Based Authentication. Any authentication method within the IEEE 802.1x that can be adapted to current network complexity to minimize the attack surface related to the network access level is an area of interest. RADIUS has been a well-known leading protocol for a few decades while Diameter is newly developed from RADIUS as an unknown protocol; there is a lack of resources on the practical level. This thesis analyzes and evaluates RADIUS & Diameter protocols regarding authentication timeand their functionalities. The hardware used for the implementation phase consists of two Raspberry Pi as a server and supplicant, one IEEE 8021.x supporting switch (Ubiquity EdgeSwitch 24 Lite) and two Virtual Machinesalong with the software freeRADIUS & freeDiameter. Analyzing the fact for each protocol by literature study and the implementation result of this thesis, Diameter protocol requires more time to process the authentication than RADIUS. However, there were issues on the implementation that have affected the measurement of authentication time for Diameter. Based on the results, Diameter provides reliability, scalability, and more security than RADIUS. RADIUS shows a stable authentication time as promised. The RADIUS protocol is easy to implement and provides stable authentication, while Diameter still needs more software and documentation improvements.

IEEE802.1X

Port-Based Authentication

RADIUS

Diameter

EAP

NAS

AAA

Communication Systems

Kommunikationssystem