Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication Center for SDP Federation

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Authentication Center for SDP Federation"— Presentation transcript:

1 Authentication Center for SDP Federation
Motorola Israel Project: Authentication Center for SDP Federation Prototype Presentation The Team: Alina Mirinzon Gabi Brontvin Raz Zieber Dadi Suissa

2 System Architecture Legend:

3 Prototype Network Authentication: Authentication process –
EAP-MD5 state machine & GUI SDP Authentication server stub – (DIAMETER server) Protocols conversion (RADIUS DIAMETER) Xsupplicant (access request) Sniffer

4 Prototype SDP Authentication : Authentication process –
part of state machine & GUI SDP authentication server stub – (DIAMETER server) Parlay interfaces implementation (partial) Application (service request & GUI) Service stub RMI communication (server & client)

5 SDP Authentication Sequence
Application Authentication Center Select Hash Algorithm Challenge Challenge Response Authenticate AC with Challenge Response Authentication AC succeed Handshake Challenge Challenge Response Authenticate Application with Challenge Response Authentication Application succeed

6 SDP Authentication Sequence
Servers Application Authentication Center Request IpAccess IpAccess Register to services Loop Authentication Process Authenticate each requested service Authentication answer for each requested service Final authentication answer SDP Services Provider Servers If (Final authentication answer = true) Use services

7 Network Authentication

8 Network Authentication
EAPOL Frame Format : Packet type field : EAP Packet 1 EAPOL Start 2 EAPOL Logoff 3 EAPOL Key 4 EAPOL Encapsulated ASF Alert

9 Network Authentication
EAP Packet Format : EAP code types : EAP authentication types : 1 Request 2 Response 3 Success 4 Fail 1 Identity 2 Notification 3 Nak (response only) 4 MD5-Challenge 5 One-Time Password 6 Generic Token Card The ID is one byte for matching requests and responses. Length is the byte count including the code, ID, length and data fields. The data field format varies depending on the code field. Types 3 and 4, Success and Failure are easy to describe: they have no data field (0 bytes). Types 1 and 2 share a format.

10 Next Steps… DIAMETER server & client –
establishment, configure & integration Continue protocol conversion – according to DIAMETER server Continue Parlay interfaces implementation Certificate Authority development Building repository Testing plan documents User manual Final system delivery tests Integration at costumer site

11 Authentication Center for SDP Federation
Thank You !

Download ppt "Authentication Center for SDP Federation"

Similar presentations

Authentication.

Authentication.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.

PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 12 Point-to-Point Access: PPP.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 12 Point-to-Point Access: PPP.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 4 Point to Point Protocol (PPP)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 4 Point to Point Protocol (PPP)
What is EAP EAP stands for Extensible Authentication Protocol. Offers a basic framework for authentication. Many different authentication protocols can.

What is EAP EAP stands for Extensible Authentication Protocol. Offers a basic framework for authentication. Many different authentication protocols can.
CMPE208 Presentation Terminal Access Controller Access Control System Plus (TACACS+) By MARVEL (Libing, Bhavana, Ramya, Maggie, Nitin)

CMPE208 Presentation Terminal Access Controller Access Control System Plus (TACACS+) By MARVEL (Libing, Bhavana, Ramya, Maggie, Nitin)
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
WLAN Security Examining EAP and 802.1x. 802.1x works at Layer 2 to authentication and authorize devices on wireless access points.

WLAN Security Examining EAP and 802.1x x works at Layer 2 to authentication and authorize devices on wireless access points.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Ariel Eizenberg arielez@cs.huji.ac.il PPP Security Features Ariel Eizenberg arielez@cs.huji.ac.il.

Ariel Eizenberg PPP Security Features Ariel Eizenberg
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Authentication Center for SDP Federation Motorola Israel Project: ADD The Team: Alina Mirinzon Gabi Brontvin Raz Zieber Dadi Suissa.

Authentication Center for SDP Federation Motorola Israel Project: ADD The Team: Alina Mirinzon Gabi Brontvin Raz Zieber Dadi Suissa.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.

Chapter 5 Secure LAN Switching.  MAC Address Flooding Causing CAM Overflow and Subsequent DOS and Traffic Analysis Attacks.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Point to Point Protocol Operation. Point to Point Protocol Protocol Layers of PPP –Physical Layer –Data Link Layer – HDLC derivative –Other protocols.

Point to Point Protocol Operation. Point to Point Protocol Protocol Layers of PPP –Physical Layer –Data Link Layer – HDLC derivative –Other protocols.

Similar presentations

Ads by Google