Research On Authentication Gateway Based On RADIUS Attributes

The authentication gateway is a combination of network security technology and gateway, which provides better security of network access.AAA are the abbreviate of the Authentication、Authorization and Accounting, standing for an efficient user management technology for internet service provider. RADIUS is a widely used implementation of AAA protocol, however, even though it has been studied for years, the way of the RADIUS actually hasn’t yet come to a standardization. They simply use the RADIUS client for authentication in the gateway at present. To fulfill the comprehensive capabilities in user management, this paper suggests a unique RADIUS client model based on the study of the expansion of the standard RADIUS authorization attributes to adapt to modern network management.This new model combines expanded attributes with powerful Linux packet filtering technology at the network gateway. With the use of.the new model, once the user authenticated, he is granted access to other resources on the network without the need for another authentication process. Thus it makes possible to achieve a centralized authentication and resource allocation gateway based on RADIUS attributes.In addition, to enhance the security of user password transmission between the Supplicant and NAS, making it a safe and reliable authentication gateway system, this paper works out a way of OTP technology during the web authentication. Functional and load test shows, the system could reach a high availability requirements.