Research On Security Authentication And Network Management Of Pwlan

In order to communicate from anywhere and at anytime, communication networks are transforming from wired/fixed to wireless/mobile ones. What's more, the demand of broad-banded wireless access has gone beyond the capacity of the cell networks. Wireless local area network (WLAN), as a combined product of the network and the wireless communication technology, has attracted continual attention for its convenience, flexibility and cheapness. Nowadays, one application model of WLAN is that built personally or by companies themselves, the other is that built by mobile operators to provide continuous access to public wireless LAN (PWLAN) hot-spot connections. Concerning the openness of the WLAN, the security has become one of the most important obstacles for achieving market improvements. As one part of the research work on security architecture for PWLAN, which is funded by Hi-Tech Research and Development Program of China, this dissertation focuses on the technology of authentication and network management. In part I, we introduce the standard, architecture of WLAN, the security technology of IEEE 802.11x (e.g., service set identifier, MAC filtering, encryption and authentication) and the secure architecture of PWLAN. In part II, we present one kind of novel Lissajous chaotic stream cipher cryptography after analyzing the random number generation mechanism in detail. The Lissajous chaotic sequences have various excellent characteristics on cryptography because the proposed map shares superior properties with the well known chaotic maps. Thus, the high security and practicability of Lissajous chaotic stream cipher can be pursued. In part III, we go further with the technology of extensible authentication protocol (EAP) based on 802.1x. We not only realize several EAP authentication methods such as EAP_MD5, EAP_TLS, EAP_TTLS, EAP_PEAP, EAP_LEAP, but also combine Web with EAP authentication methods by extending the logic port of authentication. In such way, one can construct secure LAN by access points (AP) with or without robust security networks (RSN) characteristics. In part IV, according to the WLAN specification (v2.0) of China Unicom, we realize security management station for AP and access controller (AC) based on simple network management protocol (SNMPv1, v2, v3) through local and Web ways, which can support RFC 1213 MIB, 802.11 MIB, 802.1d MIB, 802.1x MIB and private MIB.