| 802.1X is widely used in the end nodes access control in LANs. Reauthentication is introduced to 802.1X to time out authorization state, frenquent reauthentications can provide high security while bring unstable bandwith occupation, computing cost and time delay. To solve the problem, this thesis makes research on the admission control techonolgy of end nodes in 802.1X to provide service quality for authentication service.This thesis establishes the Quality of Authentication Service (QoAS) model based on queuing theory and deduces the parameter formula of QoAS, after that, the thesis analyzes the influencing process on QoAS of parameters and educe the theoretical basis that the admission control can provide QoAS. The formula obtained in the thesis can be extended to any fixed form authentication protocol.This thesis proposed two admission control method based on the formular. The reauthentication initialization method based on sliding windows reduces the computing cost of Authenticator and rationalize the reauthentication initialization to provide QoAS and still maintain the same authentication period. The combining authentication method compresses the redundancy data and decreases the transmission quantity and occupied bandwidth without loss of authentication information.This thesis design an admission control system based on 802.1X. In the implementation of the authorized end node table, a new dynamic matrix generation algorithm was proposed, which can dynamic generation matrix nodes while the node number is dramatically changing, and make the length to width ratio stable. This algorithm can reduce the time complexity of table operation. At last, it is proved that the admission control system can provide QoAS by simulation while in severely resource-tensioned situation. |
PDF Full Text Request