Presentation is loading. Please wait.

Presentation is loading. Please wait.

EDUROAM Michael Helm ESnet/LBL 26 Mar 2006. EduroamTAGPMA 27 Mar 20062 What Is Eduroam? The Roaming Scholar vs the Restricted Wireless Network –I am in.

Similar presentations


Presentation on theme: "EDUROAM Michael Helm ESnet/LBL 26 Mar 2006. EduroamTAGPMA 27 Mar 20062 What Is Eduroam? The Roaming Scholar vs the Restricted Wireless Network –I am in."— Presentation transcript:

1 EDUROAM Michael Helm ESnet/LBL 26 Mar 2006

2 EduroamTAGPMA 27 Mar 20062 What Is Eduroam? The Roaming Scholar vs the Restricted Wireless Network –I am in a strange place, and I need to log in to your network; you want me to do this, but how can you permit it? –Need locally-usable credentials to authorize network services –Typical application is wireless networking Evolution of approaches  802.11 -> 802.1x –Web-based authentication (eg Hotels) –Distributed VPNs

3 EduroamTAGPMA 27 Mar 20063 What Is Eduroam? (2) EU – Terena Mobility WG http://www.eduroam.org Hierarcy of RADIUS servers –RADIUS = RFC 2865 –Widely deployed in campuses & industry –Eduroam root at SURFnet in NL –EU NRENs have national roots &c –Non EU – AU, US*, maybe other Asia

4 EduroamTAGPMA 27 Mar 20064 Eduroam - current

5 EduroamTAGPMA 27 Mar 20065 Eduroam - Current

6 EduroamTAGPMA 27 Mar 20066 eduroam.us FWNA – I2 Determined basic specs –RADIUS hierarchy modeled after current European eduroam network –Requires use of 802.1x Experimental service in place –Top level servers at UTK, Merit –Connecting servers to Europe, Asia Finalizing “registration” system –Web-based service that will allow institutions to connect easily

7 EduroamTAGPMA 27 Mar 20067 802.1x, RADIUS and EAP Top-Level Server 1 RADIUS server at visited institution RADIUS server at home institution Userid store at home institution EAP client Access Point

8 EduroamTAGPMA 27 Mar 20068 802.1x, RADIUS and EAP 802.1x and RADIUS serve as transport mechanisms for EAP authentication 1x and RADIUS facilitate a conversation between two items controlled by the user and his organization: EAP client and campus RADIUS server

9 EduroamTAGPMA 27 Mar 20069 Top-level server interaction Top-Level Server 2 RADIUS configuration and routing data Top-level servers draw configs from a central store of data, based on registration Thus they remain in synch, but do not otherwise directly communicate Top-Level Server 1

10 EduroamTAGPMA 27 Mar 200610 Eduroam Development Many instances, but not yet ubiquitous City-State of CERN? EU eduroam success leads to eduroam- NG –Need to exchange attributes –Service discovery –Weaknesses of RADIUS in these areas + security concerns (Teaser for KW & PH slide decks)

11 EduroamTAGPMA 27 Mar 200611 Outlook Grid application? (Other networks?) PKI support –EAP clients –RADIUS router & ID Provider support Useful for our collaboration Acknowledgements: Most of the material in this deck is from Klaas Wierenga (at one remove) and Kevin Miller & Philippe Hanset (FWNA-I2)


Download ppt "EDUROAM Michael Helm ESnet/LBL 26 Mar 2006. EduroamTAGPMA 27 Mar 20062 What Is Eduroam? The Roaming Scholar vs the Restricted Wireless Network –I am in."

Similar presentations


Ads by Google