110 likes | 127 Views
Motorola Israel project showcasing SDP Federation Authentication Center prototype. The team's system architecture and network authentication details, including EAP-MD5 state machine, protocols conversion, and authentication sequences are presented. The future steps involve DIAMETER server integration, Parlay interfaces implementation, and testing plan development.
E N D
Motorola Israel Project: Authentication Center for SDP Federation Prototype Presentation The Team: Alina Mirinzon Gabi Brontvin Raz Zieber Dadi Suissa
System Architecture Legend:
Prototype Network Authentication: • Authentication process – EAP-MD5 state machine & GUI • SDP Authentication server stub – (DIAMETER server) • Protocols conversion (RADIUS DIAMETER) • Xsupplicant (access request) • Sniffer
Prototype SDP Authentication : • Authentication process – part of state machine & GUI • SDP authentication server stub – (DIAMETER server) • Parlay interfaces implementation (partial) • Application (service request & GUI) • Service stub • RMI communication (server & client)
SDP Authentication Sequence Application Authentication Center Select Hash Algorithm Challenge Challenge Response Authenticate AC with Challenge Response Authentication AC succeed Handshake Challenge Challenge Response Authenticate Application with Challenge Response Authentication Application succeed
SDP Authentication Sequence SDP Authentication Servers Application Authentication Center Request IpAccess IpAccess Register to services Loop Authentication Process Authenticate each requested service Authentication answer for each requested service Final authentication answer SDP Services Provider Servers If (Final authentication answer = true) Use services
Network Authentication EAPOL Frame Format : Packet type field :
Network Authentication EAP Packet Format : EAP code types : EAP authentication types : The ID is one byte for matching requests and responses. Length is the byte count including the code, ID, length and data fields. The data field format varies depending on the code field. Types 3 and 4, Success and Failure are easy to describe: they have no data field (0 bytes). Types 1 and 2 share a format.
Next Steps… • DIAMETER server & client – establishment, configure & integration • Continue protocol conversion – according to DIAMETER server • Continue Parlay interfaces implementation • Certificate Authority development • Building repository • Testing plan documents • User manual • Final system delivery tests • Integration at costumer site
Authentication Center for SDP Federation Thank You !