Authentication is an important part of authentication, authorization, and accounting (AAA) schemes, and the extensible authentication protocol (EAP) is a universally accepted framework for authentication commonly used in wireless networks and point-to-point protocol (PPP) connections. This chapter focuses on the technical details of how EAP is integrated into the architecture of next generation networks (NGN), such as worldwide interoperability for microwave access (WiMAX), which is defined in the IEEE 802.16d and IEEE 802.16e standards, and into current wireless protocols, such as IEEE 802.11i. This focus includes an overview of the integration of EAP with IEEE 802.1x, remote authentication dial in user service (RADIUS), DIAMETER, and pair-wise master key version (2PKv2).
Key Terms in this Chapter
DIAMETER: DIAMETER is an authentication, authorization, and accounting (AAA) protocol, an updated version of RADIUS.
AP: Access point (or wireless access point) is a device that connects wireless devices (i.e., mobile users [MUs], laptops, etc.) together. APs are usually connected to another device called a wireless controller (WC). A wireless network usually comprises a WC and a few APs, servicing MUs.
EAP: Extensible authentication protocol is a widely known authentication protocol and a universally accepted framework for authentication. Its integration with other security schemes usually produces strong frameworks for various wireless and wired applications.
DHCP: Dynamic host configuration protocol is a protocol that automatically manages IP addresses (temporarily assigning and releasing them) for devices on the network (wireless and wired).
TLS: Transport layer security is used mostly in client/server applications, which require endpoint authentication and communications privacy, particularly over the Internet. This is mostly done using cryptographic measures.
PKM: Privacy key management is a private key scheme used with EAP and TLS for providing end-to-end security schemes for wireless technologies.
PEAP: Protected EAP is a security method which transmits authentication information, including passwords. PEAP can be used in a variety of scenarios, including wireless and wired topologies.
RADIUS: Remote authentication dial in user service is an AAA protocol that works in a client/server application scenario. RADIUS oversees the authentication and authorization scheme of the session established between two entities. It is further updated by DIAMETER.
MD5: Message-digest algorithm 5 is a 128-bit hash function, which is a widely used cryptographic element. MD5 has shown some weaknesses; therefore, it is no longer considered a robust scheme.
WiMAX: WiMAX stands for worldwide interoperability for microwave access, which has been defined by the WiMAX Forum, formed in 2001. WiMAX is also known as the IEEE 802.16 standard, officially titled WirelessMAN, and is an alternative to DSL (802.16d) and cellular access (802.16e).