1 / 11

Authentication Center for SDP Federation

Motorola Israel project showcasing SDP Federation Authentication Center prototype. The team's system architecture and network authentication details, including EAP-MD5 state machine, protocols conversion, and authentication sequences are presented. The future steps involve DIAMETER server integration, Parlay interfaces implementation, and testing plan development.

dansby
Download Presentation

Authentication Center for SDP Federation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Motorola Israel Project: Authentication Center for SDP Federation Prototype Presentation The Team: Alina Mirinzon Gabi Brontvin Raz Zieber Dadi Suissa

  2. System Architecture Legend:

  3. Prototype Network Authentication: • Authentication process – EAP-MD5 state machine & GUI • SDP Authentication server stub – (DIAMETER server) • Protocols conversion (RADIUS DIAMETER) • Xsupplicant (access request) • Sniffer

  4. Prototype SDP Authentication : • Authentication process – part of state machine & GUI • SDP authentication server stub – (DIAMETER server) • Parlay interfaces implementation (partial) • Application (service request & GUI) • Service stub • RMI communication (server & client)

  5. SDP Authentication Sequence Application Authentication Center Select Hash Algorithm Challenge Challenge Response Authenticate AC with Challenge Response Authentication AC succeed Handshake Challenge Challenge Response Authenticate Application with Challenge Response Authentication Application succeed

  6. SDP Authentication Sequence SDP Authentication Servers Application Authentication Center Request IpAccess IpAccess Register to services Loop Authentication Process Authenticate each requested service Authentication answer for each requested service Final authentication answer SDP Services Provider Servers If (Final authentication answer = true) Use services

  7. Network Authentication

  8. Network Authentication EAPOL Frame Format : Packet type field :

  9. Network Authentication EAP Packet Format : EAP code types : EAP authentication types : The ID is one byte for matching requests and responses. Length is the byte count including the code, ID, length and data fields. The data field format varies depending on the code field. Types 3 and 4, Success and Failure are easy to describe: they have no data field (0 bytes). Types 1 and 2 share a format.

  10. Next Steps… • DIAMETER server & client – establishment, configure & integration • Continue protocol conversion – according to DIAMETER server • Continue Parlay interfaces implementation • Certificate Authority development • Building repository • Testing plan documents • User manual • Final system delivery tests • Integration at costumer site

  11. Authentication Center for SDP Federation Thank You !

More Related