| Summary: | 碩士 === 樹德科技大學 === 電腦與通訊研究所 === 92 === By the technology of Wireless Local Area Network (WLAN) was being developed rapidly, lots of schools and companies deploy WLAN. How to provide people a security environment of WLAN becomes an important issue from the viewpoints of users.
Therefore, many methods were proposed continually about WLAN security, such as the IEEE 802.1X standard which was ratified in July 2001 by IEEE. It is the latest standard of authentication mechanism on WLAN. By using the port-based access control, 802.1X can prevent unauthorized user from establishing network connections.
When the supplicant move across different zones, it is necessary to think about the problem of supplicant’s roaming among several APs. In the IEEE 802.11 standard, roaming is supported and defined as the Inter-Access Point Protocol standard, referred to as IEEE 802.11f. The IEEE 802.11f defines message exchanges between APs in order to provide a roaming mechanism.
Because 802.11f is still in the draft phase, it does not specify how to implement the supplicant authentication when roaming on WLAN. For the reason, we think that it will be more efficient if the number of times that the authentication server directly authenticates the supplicant can be decreased.
In this thesis, we use the authentication server to generate a ticket as a certificate for user authentication. When a supplicant roams to a new AP and the ticket is still valid, the AP will allow the supplicant to access network without being re-authenticated by the authentication server again.
|
|---|
