Research And Implementation Of The 802.1X Protocol

Continuous progress in Ethernet techniques has made it a prominent network technology, not only for building up LANs, MANs, and WANs, but also for accessing those networks. As a result, there is an urgent need for access control in an Ethernet environment, and finally in 2001, the standard of 802.1X was defined by an IEEE 802 working group. IEEE 802.1X is a port based access control protocol, which provides a standard mechanism and authorization method for users connected to Ethernet ports.The work presented in this dissertation reflects author's understanding of IEEE 802.1X based authentication system, and an experimental implementation of this protocol in microcomputers interconnected by an Ethernet LAN, is described. The intention behind this activity is that such experience gained in the experimental implementation might be useful for future migration to homemade Ethernet switches.This dissertation first provides a comprehensive study of the IEEE 802. 1X. The motivation and basic idea of this standard is briefly reviewed; its main features and functional components are analyzed in some detail. With regard to system presentation, the author has abstracted an 802.1X based authentication system as having two visions: the generalized one (in broad sense) and the user's vision (in narrow sense). A generalized vision treats all the relevant components as a whole, therefore it comprises the functions necessarily been hosted in edge switches as well as those provided by the backstage authentication server. The user's vision is one directly presented by edge switches, while the backstage server is invisible to users. The two-vision view is helpful to appreciate the working principle and has guided the implementation described in this dissertation.Another contribution to system representation involves clarification of the function of the Authenticator system, i.e. as a server agent at the client side and as a client agent at the server side.Major part of this dissertation involves implementation issues: the systemarchitecture design, detailed module design and programming, and system testing, which has shown the implementation is operable and to some extent conforms to the standard.