| With the great development of wireless technology in recent years, its security has been more and more focused on. The research of this dissertation has emphasized on the security system of PWLAN, which bases on IEEE802.11 technology. In this paper, theory and technique of authentication have been studied to enhance the security of IEEE802.11. The security architecture, authentication mechanism and components of PWLAN have been designed and realized by means of software.Firstly, a brief analysis that the existing security techniques in IEEE802.11 are unsatisfied has been given. And the secure solution of PWLAN - IEEE802.1X protocol is pointed out. IEEE802.1X is a port-based network access control protocol, which makes use of the physical access characteristics of IEEE802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port. This standard does not specify the nature of the authentication information that is exchanged. It has strongly expanded capability and according to the different concrete environments, it can provide different authentication means to protect the network.Secondly, the RADIUS protocol is discussed, which provides authentication, authorization and accounting, and is recommended by IEEE802.1X as a backend authentication protocol. Combined with IEEE802.1X, the implementation of some related RADIUS attributes are summarized. Based on the well-developed Public Key Infrastructure (PKI), EAP-TLS is a solution of the PWLAN required to have an enhanced level of security and to support network authentication, which provides a mutual and more secure authentication means. And the authentication process and its implementation means are explained. Then the Nation Standard - WAPI is introduced, and is compared with international standards in security aspect.Finally, the design and implementation of PWLAN security system are presented. Particularly, the realization of authenticator, backend authentication server and EAP-TLS authentication process is considered significantly. With EAP-TLS authentication method, users who hold valid certificates, can pass authentication and gain authorization. So EAP-TLS authentication enhances the security of PWLAN, and is very suitable for people to make security sensitive transactions.
|
PDF Full Text Request