EPON Technology Team 12/6/2015 Key Management [802.1af - considerations] 2004. 5. 12 Jee-Sook Eun Electronics and Telecommunications Research Institute.

Presentation transcript:

EPON Technology Team 12/6/2015 Key Management [802.1af - considerations] Jee-Sook Eun Electronics and Telecommunications Research Institute

EPON Technology Team (This presentation material is confidential.) 12/6/2015

Authentication
- Authentication takes place between the authentication server and the supplicant by means of EAP and EAPOL.
- 802.1x must be supported in the access point.
- A back-end function for EAP packets must be supported on all devices between the access point and the authentication server.

[Figure: supplicant, access point (authenticator), authentication server, secured network]

Why do we need an authentication server?
- Authentication is needed.
- Key exchange uses public-key encryption.
- Why public-key encryption?
  - With symmetric-key encryption, the number of keys distributed in the network is very large.
  - Keys are easy to exchange.
- But the authentication process is very complex and expensive:
  - It needs 802.1x (authenticator, supplicant, authentication server).
  - It needs certificates for each device; if we do not generate them, we communicate with the upper layer using the management plane. This means that link security does not operate independently.
  - It needs an RSA function (a very complex algorithm, and no verification so far).

Do we necessarily need an authentication server?
- Even if we use symmetric-key encryption, the number of keys distributed in the network is not so large.
- In a network? Right.
- But there is no network. Only the two devices connected on one link need the symmetric key.
- And the master key must be installed off-line, like a certificate used in public-key encryption.
- So confirmation of the master key can itself serve as authentication.
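The last point above, confirmation of an off-line installed master key serving as authentication between the two devices on one link, can be sketched as an HMAC challenge-response. This is an added example, not code or a protocol from the slides or from 802.1af; the names `LinkPeer`, `handshake`, `switch-A` and `switch-B`, the message layout and the use of HMAC-SHA256 are all assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Optional


class LinkPeer:
    """One end of a point-to-point link; master_key was installed off-line."""

    def __init__(self, name: str, master_key: bytes):
        self.name = name
        self._mk = master_key
        self.nonce = secrets.token_bytes(16)  # fresh per handshake, blocks replay

    def _tag(self, prover: str, n_prover: bytes, n_verifier: bytes) -> bytes:
        # Binding the prover's name stops a tag being reflected back at its sender.
        msg = b"key-confirm|" + prover.encode() + b"|" + n_prover + n_verifier
        return hmac.new(self._mk, msg, hashlib.sha256).digest()

    def prove(self, peer_nonce: bytes) -> bytes:
        """Show possession of the master key without ever sending it."""
        return self._tag(self.name, self.nonce, peer_nonce)

    def verify(self, peer_name: str, peer_nonce: bytes, tag: bytes) -> bool:
        expected = self._tag(peer_name, peer_nonce, self.nonce)
        return hmac.compare_digest(expected, tag)  # constant-time comparison

    def session_key(self, peer_nonce: bytes) -> bytes:
        # Sorting the nonces makes both ends derive the same per-session key.
        lo, hi = sorted([self.nonce, peer_nonce])
        return hmac.new(self._mk, b"session|" + lo + hi, hashlib.sha256).digest()


def handshake(a: LinkPeer, b: LinkPeer) -> Optional[bytes]:
    """Mutual key confirmation; returns the session key, or None on failure."""
    # Messages 1-2: names and nonces in the clear. Messages 3-4: the HMAC tags.
    a_ok = b.verify(a.name, a.nonce, a.prove(b.nonce))
    b_ok = a.verify(b.name, b.nonce, b.prove(a.nonce))
    if not (a_ok and b_ok):
        return None
    return a.session_key(b.nonce)


if __name__ == "__main__":
    mk = secrets.token_bytes(32)  # constructed sample key
    print(handshake(LinkPeer("switch-A", mk), LinkPeer("switch-B", mk)) is not None)
    print(handshake(LinkPeer("switch-A", mk), LinkPeer("switch-B", b"x" * 32)))
```

Traffic is then protected with the derived session key rather than the master key, so the master key is only ever used for confirmation and derivation.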

Is there only one authentication server?
- If there is only one authentication server in the whole network, all access points must have the back-end function in order to relay EAP to the authentication server.
- What if there is one device in the network that does not support the back-end function?
- In a wireless LAN, mobility must be supported on devices, so devices can be placed anywhere.
- But in a wired LAN, mobility may be supported on devices, because once a device has been set up, it scarcely moves. The subscriber may move, and IP security is enough. The MAC security function is not on the subscriber's device, such as a PC. That is, the MAC security function usually operates on a switch. A switch usually does not have mobility.

Are there multiple hops to reach the authentication server?
- If there is one authentication server managing several supplicants, it is not assured that an authenticator is placed within one hop of it.
- Even if the authentication server is in the authenticator, it would manage other supplicants.
- Otherwise, why is an authentication server needed?

Is there more than one authentication server?
- If so, whenever a device is moved to another access point, we must set its authentication information in the appropriate authentication server. This is no different from installing a symmetric key on a new device if we use symmetric-key encryption.