상세정보
학술대회
Performance of an Efficient Performing Authentication to Obtain Access to Public Wireless LAN with a Cache Table
- 발행일
- 200606
- 출처
- International Conference on Communications (ICC) 2006, pp.2376-2381
- 협약과제
- 06MT2500, All-IP기반 통합 네트워크 서비스 제어 기술개발, 이병선
- 초록
- Currently, Wireless LAN(WLAN) service is widely deployed to provide high speed wireless Internet access through the mobile stations such as notebook and PDA. To provide enhanced security and user access control in the public WLAN area, WLAN access points should have the capability of IEEE 802.1x-based user authentication and authorization functionality. In this paper, we provide a brief understanding of IEEE 802.1x standards and related protocols like EAPOL(Extended Authentication Protocol Over LAN), EAP, RADIUS and describe how the IEEE 802.1x is designed and implemented in our embedded linux-based WLAN AP which is named i-WiNG.(Intelligent Wireless Internet Gateway). And we present an efficient authentication proxy for IEEE 802.1x systems based on the port-based access control mechanism. The proxy function of the AP is allowed to cache the supplicant's user ID and password during his first transaction with the server. For the next authentication procedure of the same supplicant, the proxy function of the AP handles the authentication transactions using its cache on behalf of the authentication server. Since the main authentication server handles only the first authentication transaction of each supplicant, the processing load of the server can be reduced. Also, the authentication transaction delay experienced by a supplicant can be decreased compared with the conventional IEEE 802.1x systems. Therefore, the data traffic related to the authentication that has occurred in the backbone network can be considerably reduced to improve the speed of data transmission to the user of the high speed wireless Internet service. Further, in case of a small-scale network, it is possible to save a cost for operating an authentication server using an authentication table. © 2006 IEEE.
- KSP 제안 키워드
- Access point, Authentication Server, Backbone Network, Data traffic, Data transmission, Enhanced security, High Speed, IEEE 802.1X, Internet Gateways(IGWs), Internet service, Processing load