Flux rss
Reviews

802.1X/EAP

 

Introduction to 802.1X

The 802.1x standard is a security solution ratified by the IEEE in June 2001 which can authenticate (identify) a user who wants to access a network (whether wired or wireless). This is done through the use of an authentication server.

802.1x is based on the EAP protocol (Extensible Authentication Protocol), as defined by the IETF. This protocol is used for transporting user identification information.

EAP

The EAP protocol is centred around the use of an access controller called an authenticator, which either grants or denies a user access to the network. The user in this system is called a supplicant. The access controller is a basic firewall which acts as an intermediary between the user and an authentication server, and requires very few resources to function. For a wireless network, the access point acts as the authenticator.

The authentication server (sometimes called the NAS, for Network Authentication Service or Network Access Service) can approve the user's identity as transmitted by the network controller, and then grant the user access depending on his or her credentials. What's more, this type of server can store and keep track of information related to the users. In the case of a service provider, for example, these features allow the server to bill them based on how long they were connected or how much data they transferred.

The authentication server is most commonly a RADIUS server (Remote Authentication Dial-In User Service), a standard authentication server defined by RFC 2865 and 2866, but any other authentication service may be used instead.

The following is a summary of how a secure network using the 802.1x standard works:

  1. The access controller, having previously received a connection request from the user, sends an identification request;
  2. The user sends a response to the access controller, which routes the response to the authentication server;
  3. The authentication server sends a "challenge" to the access controller, which transmits it to the user. The challenge is a method of establishing identification. If the client cannot evaluate the challenge, the server tries another one, and so on;
  4. The user responds to the challenge. If the user's identity is correct, the authentication server sends approval to the access controller, which allows the user onto the network or part of the network, depending on the rights granted. If the user's identity could not be verified, the authentication server sends a refusal message, and the access controller denies the user access to the network.

Encryption key exchange

Besides authenticating users, the 802.1x standard provides users with a secure way to exchange encryption keys, in order to improve overall security.

Last update on Thursday October 16, 2008 02:43:15 PM.

This document entitled « 802.1X/EAP » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the licence, as this note appears clearly.

Results for 802.1X/EAP

Help MurocApi:802.1x Config-initialization fa I'm getting this code every time i I try to use the Inter Net MurocApi:802.1x Config-initialization failure en.kioskea.net/forum/affich-4758-help-murocapi-802-1x-config-initialization-fa
WiFi - Security The first thing to do when a wireless network is installed is to place the access points in reasonable locations depending on the desired area of coverage. However, it is not uncommon to find that the covered area ends up being larger than desired,... en.kioskea.net/wifi/wifisecu.php3
WiFi - 802.11i / WPA2 802.11i was ratified on 24 June 2004, in order to address security issues in WiFi networks. Like WPE, it relies on the TKIP encryption algorithm, but it also supports the much more secure AES (Advanced Encryption Standard). The Wi-Fi Alliance created... en.kioskea.net/wifi/wifi-wpa2.php3

Results for 802.1X/EAP

PCI ExpressPCI Express What is PCI Express? How does PCI Express work? Advantages of PCI Express PCI Express buses and their bandwidth What is PCI Express? PCI stands for Peripheral Component Interconnect. PCI Express has been launched by Intel... en.kioskea.net/faq/sujet-322-pci-express
More answers

Results for 802.1X/EAP

PCI-E 16 xs or 1xHello, Can anyone tell me how to verify that PCI-E bus is set to 16x and not 1x? Do you have any idea? Thanking you in advance. en.kioskea.net/forum/affich-13535-pci-e-16-xs-or-1x
Windows error code 8024200dHello, I tried to load update service pack 1 and got the following error code 8024200D. I can not find out what it means. Vista home , HP dv6235nr, T5200 @ 1.60 ghz en.kioskea.net/forum/affich-44941-windows-error-code-8024200d
NEED MOTHER BOARD SOFT WAREHello I formatted my windows xp2.I lost my mother board cd.And i'm not able to hear sound. I need some help regarding- how to download software, Plz help me.I'm so afaid. LBA:80293248 CODE:NAR61HAO MODEL:XT7 CFG NO:W119LP1 S/N PSX-512... en.kioskea.net/forum/affich-3748-need-mother-board-soft-ware
More answers

Results for 802.1X/EAP

Download SiS900 LAN DriverThe LOCATED pilot LAN supports the following chipsets: SiSM650, SiSM760, SiSM741, SiS655FX, SiS655, SiS651, SiS650GX, SiS648MX, SiS648FX, SiS648, SiS645DX, SiS650GL, ... en.kioskea.net/telecharger/telecharger-747-sis900-lan-driver
More answers

Results for 802.1X/EAP

WiFi - Introduction The IEEE 802.11 specification (ISO/IEC 8802-11) is an international standard describing the characteristics of a wireless local area network (WLAN). The name Wi-Fi (short for "Wireless Fidelity", sometimes incorrectly shortened to WiFi) corresponds... en.kioskea.net/wifi/wifiintro.php3
WiFi - modes of operation There are several kinds of hardware that may be used to implement a WiFi wireless network: Wireless adapters or network interface controllers (NICs for short) are network cards with the 802.11 standard which let a machine connect to a wireless... en.kioskea.net/wifi/wifimodes.php3
WPA - WiFi Protected Access WPA (WiFi protected Access) WiFi network security solution offered by the WiFi Alliance, in order to fill gaps in WEP. WPA is a "light" version of the 802.11i protocol, which relies on authentication protocols and a strong encryption algorithm:... en.kioskea.net/wifi/wifi-wpa.php3
More answers