Application And Study For Port Based Network Access Control Protocol Based On IEEE802.1X

Continuous progress in Ethernet techniques has made it a prominent networktechnology, not only for building up LANs, MANS, and WANs, but also for accessingthose networks. As a result, there is an urgent need for accesscontrol in an Ethernetenvironment, and finally in 2001, the standard of 802.1Xwas defined by an IEEE 802working group. IEEE 802.1X is a port based accesscontrol protocol, which provides astandard mechanism and authorization methodfor users connected to Ethernet ports.The work presented in this dissertation reflects author's understanding of IEEE802.1X based authentication system, and an experimental implementationof this protocolin microcomputers interconnected by an Ethernet LAN is described.This dissertation first provides a comprehensive study of the IEEE 802.1X.Themotivation and basic idea of this standard is briefly reviewed, its mainfeatures andfunctional components are analyzed in some detail. With regard tosystem presentation,the author has abstracted an 802.1X based authenticationsystem as having two visions:the generalized one (in broad sense) and the user's vision (in narrow sense). A generalizedvision treats all the relevant componentsas a whole, therefore it comprises the functionsnecessarily been hosted in edge switches as well as those provided by the backstageauthentication server. Theuser's vision is one directly presented by edge switches, whilethe backstageserver is invisible to users. The two-vision view is helpful to appreciatetheworking principle and has guided the implementation described in this dissertation.According to the analysis of the system structure above, the thesis further discussedthe function mold of the authentication service software system, carrying out to carryon the detailed description to the system in a specific way.The dissertation discusses toexperiment test work of the system to the emulation that author develop finally,including the request for unit-test and gathering-test step,enumerated to the test result ofpart molds and get the conclusion at the last.