Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Adding bandwidth specification to a AAA Sever
KTH, Skolan för informations- och kommunikationsteknik (ICT), Kommunikationssystem, CoS. (CCSlab)
2008 (Engelska)Självständigt arbete på avancerad nivå (masterexamen), 20 poäng / 30 hpStudentuppsats (Examensarbete)
Abstract [en]

Authentication, authorization, and accounting (AAA) are key elements in network security. In many networks, clients can use resources only after they have been authenticated by an authentication server and authorized to use these resources. In some cases the server will also maintain accounting records in order for an operator (a provider of resources) to charge the account/subscriber for using the service. There are four main AAA protocols being used today. Of these RADIUS is the mostly widely used.

This thesis starts with an introduction to AAA protocols, and then goes in the details of RADIUS. In order to perform a practical evaluation of how the AAA could be improved, FreeRADIUS was selected as the base code for this project; because this implementation is one of the most widely used RADIUS servers. A proposal for how to improve AAA performance is introduced and the implementation steps needed to realize these improvements are shown. Additionally, some experiments have been conducted to show both the correct functioning of the resulting implementation and to examine if there is a performance improvement. Following this some conclusions are drawn based upon a comparison with a traditional AAA server.

A key element of the change in AAA which is proposed is the use of a non-binary IEEE 802.1x process. This new non-binary solution introduces a new type of AAA server and requires the re-thinking of a number of traditional AAA design decisions. It is expected that this change will have a significant impact, but will require some time for exposure, implementation by others, and a more extensive evaluation that was possible during the period of this thesis project.

One of the most important conclusions drawn during this thesis is the difficulty of making a change in authentication and authorization, because of the large amount of interaction between both the various protocols and the standards which have been developed for these protocols. Thus one of the difficult aspects of the task is how to introduce a change in a protocol while maintaining backward compatibility for others who have not adopted this change -- without requiring the addition of a protocol version field.

A second important conclusion is that doing this implementation in three separate parts with different students being responsible for the different parts revealed just how complex the interaction of protocol design decisions are. While a working version of the entire set of changes proved to be impossible, it was observed that the different parts could be decoupled more than initially expected.

Ort, förlag, år, upplaga, sidor
2008. , s. 104
Serie
Trita-ICT-COS, ISSN 1653-6347 ; COS/CCS 2008-19
Nyckelord [en]
AAA, RADIUS, FreeRADIUS, authentication, non-binary authentication, IEEE 802.1x
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
URN: urn:nbn:se:kth:diva-91684OAI: oai:DiVA.org:kth-91684DiVA, id: diva2:511017
Ämne / kurs
Datorkommunikation
Utbildningsprogram
Teknologie masterexamen - Internetteknik
Presentation
2008-09-11, Seminar room Grimeton, Isafjordsgatan 22, Kista, 13:00 (Engelska)
Uppsök
teknik
Handledare
Examinatorer
Tillgänglig från: 2012-03-20 Skapad: 2012-03-19 Senast uppdaterad: 2013-09-09Bibliografiskt granskad

Open Access i DiVA

fulltext(713 kB)1341 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 713 kBChecksumma SHA-512
0da1323a964db880e5b77fcb234d6b05afb0c5cb36c0d28bf9d96e403e186830f888265cda999c752ad2392deab82690e3649d72a71198e95795db8031a62141
Typ fulltextMimetyp application/pdf

Sök vidare i DiVA

Av författaren/redaktören
Zhou, Jia
Av organisationen
Kommunikationssystem, CoS
Kommunikationssystem

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 1341 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

urn-nbn

Altmetricpoäng

urn-nbn
Totalt: 175 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf