Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Adding bandwidth specification to a AAA Sever
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS. (CCSlab)
2008 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Authentication, authorization, and accounting (AAA) are key elements in network security. In many networks, clients can use resources only after they have been authenticated by an authentication server and authorized to use these resources. In some cases the server will also maintain accounting records in order for an operator (a provider of resources) to charge the account/subscriber for using the service. There are four main AAA protocols being used today. Of these RADIUS is the mostly widely used.

This thesis starts with an introduction to AAA protocols, and then goes in the details of RADIUS. In order to perform a practical evaluation of how the AAA could be improved, FreeRADIUS was selected as the base code for this project; because this implementation is one of the most widely used RADIUS servers. A proposal for how to improve AAA performance is introduced and the implementation steps needed to realize these improvements are shown. Additionally, some experiments have been conducted to show both the correct functioning of the resulting implementation and to examine if there is a performance improvement. Following this some conclusions are drawn based upon a comparison with a traditional AAA server.

A key element of the change in AAA which is proposed is the use of a non-binary IEEE 802.1x process. This new non-binary solution introduces a new type of AAA server and requires the re-thinking of a number of traditional AAA design decisions. It is expected that this change will have a significant impact, but will require some time for exposure, implementation by others, and a more extensive evaluation that was possible during the period of this thesis project.

One of the most important conclusions drawn during this thesis is the difficulty of making a change in authentication and authorization, because of the large amount of interaction between both the various protocols and the standards which have been developed for these protocols. Thus one of the difficult aspects of the task is how to introduce a change in a protocol while maintaining backward compatibility for others who have not adopted this change -- without requiring the addition of a protocol version field.

A second important conclusion is that doing this implementation in three separate parts with different students being responsible for the different parts revealed just how complex the interaction of protocol design decisions are. While a working version of the entire set of changes proved to be impossible, it was observed that the different parts could be decoupled more than initially expected.

Place, publisher, year, edition, pages
2008. , 104 p.
Series
Trita-ICT-COS, ISSN 1653-6347 ; COS/CCS 2008-19
Keyword [en]
AAA, RADIUS, FreeRADIUS, authentication, non-binary authentication, IEEE 802.1x
National Category
Communication Systems
Identifiers
URN: urn:nbn:se:kth:diva-91684OAI: oai:DiVA.org:kth-91684DiVA: diva2:511017
Subject / course
Computer Communication
Educational program
Master of Science - Internetworking
Presentation
2008-09-11, Seminar room Grimeton, Isafjordsgatan 22, Kista, 13:00 (English)
Uppsok
Technology
Supervisors
Examiners
Available from: 2012-03-20 Created: 2012-03-19 Last updated: 2013-09-09Bibliographically approved

Open Access in DiVA

fulltext(713 kB)853 downloads
File information
File name FULLTEXT01.pdfFile size 713 kBChecksum SHA-512
0da1323a964db880e5b77fcb234d6b05afb0c5cb36c0d28bf9d96e403e186830f888265cda999c752ad2392deab82690e3649d72a71198e95795db8031a62141
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Zhou, Jia
By organisation
Communication Systems, CoS
Communication Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 853 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 153 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf