We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byCesar Whitt
Modified over 3 years ago
EAP Channel Bindings TF-MNM Lyon, February 16, 2011 Alan DeKok FreeRADIUS
TF-MNM Lyon 2 AAA The problem AAA
TF-MNM Lyon 3 Its all lies NAS can lie to end user $0.02 per minute (really $0.10) Visited provider can lie to home server They used 10 hours (really 10 min)
TF-MNM Lyon 4 Solution Tell everyone what everyone else said In a secure fashion
TF-MNM Lyon 5 AAA The Solution AAA The NAS told me X I told the user X
TF-MNM Lyon 6 How it works Define a TLV in EAP to transport data Likely RADIUS RADIUS inside of EAP inside of TTLS inside of EAP inside of RADIUS Its a bit of a miracle that it works at all
TF-MNM Lyon 7 Security Exchange information after user has been authenticated Using keys derived from the EAP session Ensures authenticity and integrity of the data
TF-MNM Lyon 8 Benefits Increases the usefulness of roaming I dont know who the NAS is, but hes asking to charge the user $0.02/min, and the user has agreed.
TF-MNM Lyon 9 Questions?
Channel Binding Support for EAP Methods Charles Clancy, Katrin Hoeper.
Chapter 16 AAA. AAA Components AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.
Wireless LAN Security Framework Backend AAA Infrastructure RADIUS, TACACS+, LDAP, Kerberos TLSLEAPTTLSPEAPMD5 VPN EAP PPP x EAP API.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
TF Mobility Group 22nd September A comparison of each national solution was made against Del C – “requirements”, the following solutions were assessed.
Paraphrasing (summarising). Why? Group question: What is paraphrasing? In pairs, discuss: Why and when is it useful to paraphrase?
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
Doc.: IEEE /303 Submission May 2001 Simon Blake-Wilson, CerticomSlide 1 EAP-TLS Alternative for Security Simon Blake-Wilson Certicom.
EAP Key Framework Draft-ietf-eap-keying-01.txt IETF 58 Minneapolis, MN Bernard Aboba Microsoft.
1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of.
Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?
Michal Procházka, Jan Oppolzer CESNET.
19 May 2003 © The JNT Association Terena Technical Advisory Council Terena Mobility Task Force
Washinton D.C., November 2004 IETF 61 st – mip6 WG MIPv6 authorization and configuration based on EAP (draft-giaretta-mip6-authorization-eap-02) Gerardo.
1 sip-aaa-req.PPT/ 16 Jul 2002 / John Loughney SIP-AAA Requirements John Loughney Gonzalo Camarillo IETF 54.
PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.
Extended QoS Authorization for the QoS NSLP Hannes Tschofenig, Joachim Kross.
EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.
Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.
What is gossip? When people spread rumors about another person it is called gossip. Gossip is talking about something that is not your problem.
© 2017 SlidePlayer.com Inc. All rights reserved.