1 / 21

IEEE 802

IEEE 802. IEEE802 family Working group IEEE802.1 Connecting to IEEE802.1x network. CONTENT. Family of IEEE standards dealing with local area networks (LAN) and metropolitan area networks (MAN) Work is done in working groups More on URL: http://www.ieee802.org/

lowe
Download Presentation

IEEE 802

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IEEE 802

  2. IEEE802 family Workinggroup IEEE802.1 Connecting to IEEE802.1xnetwork CONTENT

  3. Familyof IEEE standardsdealing with local area networks(LAN)and metropolitan area networks(MAN) • Work is done in workinggroups • More on URL: http://www.ieee802.org/ • challange: Go to thewebsiteandreviewthecontents. IEEE 802

  4. Basicarchitecture: • bottom: mediaaccessControl(MAC) • top: logicallinklayer(LLC) • Seperateaccessto themediumandaddressing -> transfer offrames IEEE 802 ARCHITECTURE

  5. uniform frameaddressingspace (local) networkhas to knowhow to correctlysendframes TRANSPORT AND TOPOLOGY IEEE 802

  6. IEEE 802.1 Bridging (networking) and Network Management IEEE 802.2 Logical Link Control – LLC IEEE 802.3 Ethernet IEEE 802.4 Token bus IEEE 802.5 Defines the MAC layer for a Token Ring IEEE 802.6 MANs IEEE 802.7 Broadband LAN using Coaxial Cable IEEE 802.8 Fiber Optic TAG IEEE 802.9 Integrated Services LAN IEEE 802.10 Interoperable LAN Security IEEE 802 FAMILY

  7. IEEE 802.11 Wireless LAN (WLAN) & Mesh (Wi-Fi certification) IEEE 802.12 demand priority IEEE 802.13 Used for 100BASE-X Ethernet IEEE 802.14 Cable modems IEEE 802.15 Wireless PAN (Bluetooth, ...) IEEE 802.16 Broadband Wireless Access (WiMAX certification) IEEE 802.17 Resilient packet ring IEEE 802.18 Radio Regulatory TAG IEEE 802.19 Coexistence TAG IEEE 802.20 Mobile Broadband Wireless Access IEEE 802.21 Media Independent Handoff IEEE 802.22 Wireless Regional Area Network IEEE 802.23 Emergency Services Working Group (march 2010) IEEE 802 FAMILY

  8. Bridging (networking) and Network Management • Connectingbetweensub-networks • Networkmanagement (forexample: smallestspanningtree) • Networksecurity • Working on top of LLC • More on URL: http://www.ieee802.org/1/ • challange: Go to the website and review the contents. IEEE 802.1 – BRIDGING AND network MANAGEMENT

  9. 802.1b: LAN/MAN management (removed) 802.1d: bridges on MAC layer 802.1e – 802.1g: removed 802.1h: Ethernet MAC bridges 802.1q: virtual LAN (VLAN) 802.1x: networkaccesscontrol (Port Based Network Access Control) IEEE 802.1 workinggroup

  10. 802.1ab: stations, accesscontrolofthemediumandconectivitysearching 802.1ae: security on MAC layer 802.1ar: safeunitidentification 802.1as: time synchronizationandtime-sensitiveaplications in networkswithbridges 802.1ax: linkaggregation 802.1ba: avdio/video systemswithbridges IEEE 802.1 Workinggroup

  11. Networkaccess is a service, thatenablesusageofotherservices • Webaccess, ... • more on URL http://www.ieee802.org/1/pages/802.1x-2004.html • challange: Go to the website and review the contents. NetworkconNectionmanagement (IEEE 802.1x)

  12. Network access is a service, that enables usage of other services • Webaccess, ... • Usageof a servicecanbefree or controled • Forcontroledusageofserviceweneed to: • Findout, who is a potentialuser; and • ifhehaspremissionforusageofservice. • authenticationandauthorisation (loggingalsosomewhere) • task: somehowinsert AAA intoestablishmentofconecting to network NetworkconNectionmanagement (IEEE 802.1x)

  13. There are threebuildingblocks: • supplicant • authenticator • authenticationserver • supplicantsigns in to authenticator, thatcheckshisidentityon authenticationserverandifhe is authorisedforaccess to thenetwork • task: embend EAP on datalinklayer • challange: How(!) authenticatorreallyenablesaccess to networkforsupplicant? IEEE 802.1x arhitektura RADIUS EAP • authenticationserver • supplicant • authenticator

  14. standard IEEE 802.1xdefines EAP on datalinklayer – EAP over LAN -> EAPOL • Later EAPOL wasalso used in otherworkgroups IEEE 802.1x: • 802.1ae: security on MAC layer • 802.1ar: safeidentificationofunits • EAPOL is defined so thathiscontent is sentdirectly in Ethernetframeswithcontentsbadge0x888E: • Preamble (7-bytes) Start Frame Delimiter (1-byte) • Dest. MAC Address (6-bytes) Source MAC Address (6-bytes) • Length / Type (2-bytes) • MAC Client Data (0-n bytes) • Pad(0-p bytes) Frame Check Sequence (4-bytes) IEEE 802.1x EAPOL

  15. Defined in RFC 3748 Supportfordifferentauthenticationprotocols steppingprotocol EAP – FOR REFreshment

  16. inicialization: whenavtenticator (usualyalsoswitch, WLAN accesspointetc.) detectsnewsupplicant, heenableshimonly IEEE 802.1xcomunication • Fromhere on EAP protocolstarts IEEE 802.1x – HOW DOES IT operate RADIUS EAP • authenticationserver • supplicant • authenticator

  17. invitation: authenticator (periodicaly) sendsinvitation to supplicant, to introducehimself • Supplicantintroduceshimself to authenticator, whichsendsintroduction to avtenticationserver (RADIUS) • Avtenticator is nowjustan in betweenserverforavtenticationserver –avtenticationserver is the one thatactualyperformstheauthentication • trust!! betweenauthenticatorandautenticationserver • challange: How to program thattrust? IEEE 802.1x – HOW DOES IT operate (continued) RADIUS EAP • authenticationserver • supplicant • authenticator

  18. negotiation: is performedbetweensupplicantandauthenticatorin accordancewith EAP protocol • whichauthenticacionprotocol, • challangeandresponse, ... IEEE 802.1x – HOW DOES IT operate (continued) RADIUS EAP • authenticationserver • supplicant • authenticator

  19. authentication: supplicantauthenticationalone authenticator, whenserverauthenticatessupplicant, hegranteshimaccess to thelocalnetwork IEEE 802.1x – HOW DOES IT operate (continued) RADIUS EAP • authenticationserver • supplicant • authenticator

  20. federationsauthenticationservers, whotrusteachother • userofwicheverservercanauthenticatehimself at wicheverauthenticator in federation • Challange: Where is nowasimetriccriptography, that EDUROAM uses in protocolforauthentication? Forauthenticationofwho do weuse it? Answer in the forum forextrapoints. EDUROAM

  21. Thankyouforyourattention and goodluck!

More Related