| WLAN (Wireless Local Area Network) is widely applied in fields of economy, life and scientific research for its more convenient, flexible and efficient in network construction and mobility than wired network.But the exposed security problems has increasingly stood out and aroused people's widely interest because of the opening of radio transmission. If security problems can't be well addressed, further development and application of WLAN will be bound to be limited.To improve WLAN security, this thesis analyzes and generalizes different security problems of IEEE 802.11 WLAN and gives responding resolvents. There are two ways to ensure the security of WLAN, enhancing the technology of authentication and improving the encryption. The thesis mainly discusses technologies of WLAN security from the angle of enhancing the IEEE 802.11 access authentication and deeply studies two key techniques—Authentication and Key Management. It analyzes IEEE 802.1x port-based access control protocol, EAP (extensible authentication protocol), EAP/RADIUS protocol and dynamic key management protocol. Then it puts forward a secure access system solution for WLAN which is based on IEEE 802.1x authentication framework and provides mutual authentication grounded on digital certificates via EAP-TLS authentication. In addition, it adopts dynamic key management protocol to derive session keys during traffics, consequently realizing secure authentication, key management and authentication data encryption etc. And then, it designs and realizes authentication and key management modules in HostAP which acts as the authenticator system in the solution. Finally, it builds up a testing system according to Xsupplicant Client and FreeRADIUS Authentication Server and gives related tests to validate the architecture. Results show the solution offered in the thesis can efficiently enhance the safty of data communication in WLAN. And the research provides practical experiences for further studying and realizing China Security Standards. |
PDF Full Text Request