跳到主要內容

臺灣博碩士論文加值系統

(3.235.56.11) 您好!臺灣時間:2021/08/04 08:55
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:王裕平
研究生(外文):Yu-Ping Wang
論文名稱:WIRE1x之設計與實作
論文名稱(外文):Design and Implementation of WIRE1x
指導教授:陳志成陳志成引用關係
指導教授(外文):Jyh-Cheng Chen
學位類別:碩士
校院名稱:國立清華大學
系所名稱:通訊工程研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2004
畢業學年度:92
語文別:英文
論文頁數:48
中文關鍵詞:認証無線區域網路漫遊安全性
外文關鍵詞:WIRE1xIEEE 802.1xAAAEAPSecurityWireless LAN
相關次數:
  • 被引用被引用:0
  • 點閱點閱:149
  • 評分評分:
  • 下載下載:9
  • 收藏至我的研究室書目清單書目收藏:0
近幾年來,由於IEEE 802.11標準的制定,以及許多的廠商投入無線網路產品的研發與大量生產製造,使得無線區域網路建置的區域越來越廣泛,使用率也越來越普及,然而在實際應用時,卻產生了一些急待解決的問題。首先,無線區域網路安全性與否的問題,己深受大家的關注與廣泛的討論,其中,如何選擇一套正確且彈性的認証機制,以利未來大規模的建置與漫遊整合,更是最重要的一環,以上這些問題的解決,必能加快無線區域網路的蓬勃發展。

在清華大學校園中,資訊系和計算機與通訊中心決定採用國際標準的認証機制IEEE 802.1x,作為校內無線網路的認証機制。要使用此標準,使用者的電腦中,必須要有支援supplicant的功能。不過,由於大多數的使用者使用微軟視窗作業系統,但是在微軟視窗作業系統上,並沒有提供一套完整的supplicant,為了配合學校的決策,並讓所有微軟視窗作業系統的使用者都能通過認證並且使用無線網路,我們開始著手WIRE1x的開發。在本論文中,將詳細地介紹WIRE1x之設計與實作,並分享我們實作supplicant的經驗給有興趣了解實際程式運作的讀者。目前,WIRE1x也己經實際應用於清華大學校園內的無線網路認證系統。

WIRE1x是由WIRE Lab.開發的一套IEEE 802.1x client (supplicant)開放原始碼的軟體,可以在網頁http://wire.cs.nthu.edu.tw/wire1x/index.html免費的下載使用。WIRE1x於2003年6月發表,目前己有將近10000人次瀏覽,並且有將近2350人次下載執行檔。
This thesis presents the design and implementation of WIRE1x. The motivation and contribution are also introduced. The WIRE1x is an open source implementation of IEEE 802.1x client (supplicant) developed by the Wireless Internet Research & Engineering (WIRE) Laboratory.
The IEEE 802.1x standard defines a port-based network access control to authenticate and authorize devices interconnected by various IEEE 802 LANs. IEEE 802.11i also
incorporates 802.1x as its authentication solution for 802.11 wireless LANs. The motivation for the development of WIRE1x is that many users are eager for a free software of 802.1x client to work with various versions of MSWindows. The WIRE1x has been practically used on the wireless LANs deployed at the National Tsing Hua University. This thesis illustrates all components ofWIRE1x exhaustively to let readers to comprehend the source code easily.
1. Introduction.....1
1.1. Motivation and Contribution
1.2. Organization of the Thesis
2. Background and Related Work.....4
2.1. Background
2.1.1. Overview of IEEE 802.1x
2.1.2. Overview of PPP Extensible Authentication Protocol (EAP)
2.1.3. Overview of some AAA Servers
2.2. Wireless LAN Security
2.3. Wireless LAN Authentication
2.4. Other Implementations of IEEE 802.1x client
3. Design and Implementation of WIRE1x.....24
3.1. Introduction
3.2. Supplicant PAE State Machine
3.3. Open Source Libraries
3.3.1. WinPcap
3.3.2. Libnet
3.3.3. OpenSSL
3.4. EAP Authentication Methods
3.4.1. EAP-MD5
3.4.2. EAP-TLS
3.4.3. EAP-TTLS
3.4.4. EAP-PEAP
3.5. WIRE1x User’s Guide
3.5.1. How To Install
3.5.2. How To Use
4. Real World Application.....40
4.1. Intra-Realm Handoff
4.2. Authenticationatvisitednetwork
5. Summary.....44
Bibliorgaphy.....45
[1] IEEE Std 802.11i/D4.1, “Wireless medium access control (MAC) and physical layer (PHY) specifications: medium access control (MAC) security enhancements,” July
2003.
[2] IEEE Std 802.1X-2001, “IEEE standard for local and metropolitan area networks, port based network access control,” Oct. 2001.
[3] “Open1x.” http://www.open1x.org/.
[4] “freeRADIUS.” http://www.freeradius.org/.
[5] “WinPcap.” http://winpcap.polito.it/.
[6] “Libnet.” http://libnet.sourceforge.net/.
[7] “OpenSSL.” http://www.openssl.org/.
[8] L. Blunk and J. Vollbrecht, “PPP extensible authentication protocol (EAP).” IETF RFC 2284, Mar. 1998.
[9] C. Rigney, S.Willens, A. Rubens, andW. Simpson, “Remote authentication dial in user service (RADIUS).” IETF RFC 2865, June 2000.
[10] R. Rivest, “The MD5 message-digest algorithm.” IETF RFC 1321, Apr. 1992.
[11] B. Aboba and D. Simon, “PPP EAP TLS authentication protocol.” IETF RFC 2716, Oct. 1999.
[12] P. Funk and S. Blake-Wilson, “EAP tunneled TLS authentication protocol (EAPTTLS).”
draft-ietf-pppext-eap-tls-02.txt, Feb. 2002.
[13] H. Andersson, S. Josefsson, G. Zorn, D. Simon, and A. Palekar, “Protected EAP protocol (PEAP).” draft-josefsson-pppext-eap-tls-eap-02.txt, Feb. 2002.
[14] “Lightweight extensible authentication protocol - LEAP.” http://www.cisco.com/.
[15] P. R. Calhoun, J. Arkko, E. Guttman, G. Zorn, and J. Loughney, “Diameter base protocol.”
draft-ietf-aaa-diameter-12.txt, Aug. 2002.
[16] B. Aboba and J. Wood, “Authentication, Authorization and Accounting (AAA) Transport
Profile.” draft-ietf-aaa-transport-12.txt, Jan. 2003.
[17] B. Aboba, G. Zorn, and D. Mitton, “RADIUS and IPv6.” IETF RFC 3162, Aug. 2001.
[18] S. Kent and R. Atkinson, “Security Architecture for the Internet Protocol.” IETF RFC
2401, Nov. 1998.
[19] B. Aboba, J. Arkko, and D. Harrington, “Introduction to Accounting Management.”
IETF RFC 2975, Oct. 2000.
[20] R. Stewart, Q. Xie, K. Morneault, C. Sharp, H. Schwarzbauer, T. Taylor, I. Rytina,
M. Kalla, L. Zhang, and V. Paxson, “Stream Control Transmission Protocol.” IETF
RFC 2960, Oct. 2000.
[21] M. S. Chiba, G. Dommety, M. Eklund, D. Mitton, and B. Aboba, “Dynamic Authorization
Extensions to Remote Authentication Dial In User Service (RADIUS).” draftchiba-
radius-dynamic-authorization-20.txt, May 2003.
[22] P. R. Calhoun, S. Farrell, and W. Bulley, “Diameter CMS Security Application.” draftietf-
aaa-diameter-cms-sec-04.txt, Mar. 2002.
[23] D. Mitton, M. St.Johns, S. Barkley, D. Nelson, B. Patil, M. Stevens, and B.Wolff, “Authentication,
Authorization, and Accounting: Protocol evaluation.” IETF RFC 3127,
June 2001.
[24] T. Hiller and G. Zorn, “Diameter extensible authentication protocol (eap) application.”
draft-ietf-aaa-eap-00.txt, Dec. 2002.
[25] B. Aboba, P. Calhoun, S. Glass, T. Hiller, P. McCann, H. Shiino, P. Walsh, G. Zorn,
G. Dommety, C. Perkins, B. Patil, D. Mitton, S. Manning, M. Beadles, S. Sivalingham,
A. Hameed,M.Munson, S. Jacobs, B. Lim, B. Hirschman, R. Hsu, H. Koo, M. Lipford,
E. Campbell, Y. Xu, S. Baba, and E. Jaques, “Criteria for evaluating aaa protocols for
network access.” IETF RFC 2989, Nov. 2000.
[26] P. R. Calhoun, W. Bulley, A. C. Rubens, J. Haag, G. Zorn, and D. Spence, “Diameter
NASREQ application.” IETF Internet Draft,
[27] P. R. Calhoun, T. Johansson, and C. E. Perkins, “Diameter Mobile IP application.”
IETF Internet Draft,
[28] T. Dierks and C. Allen, “The TLS Protocol.” IETF RFC 2246, Jan. 1999.
[29] S. Kent and R. Atkinson, “IP Authentication Header.” IETF RFC 2402, Nov. 1998.
[30] S. Kent and R. Atkinson, “IP Encapsulating Security Payload (ESP).” IETF RFC 2406,
Nov. 1998.
[31] D. Harkins and D. Carrel, “The Internet Key Exchange (IKE).” IETF RFC 2409, Nov.
1998.
[32] J.-C. Chen, M.-C. Jiang, and Y.-W. Liu, “Wireless LAN security and IEEE 802.11i,”
IEEE Wireless Communications, 2004. To appear.
[33] S. Kent, B. Corp, and R. Atkinson, “Security Architecture for the Internet Protocol.”
IETF RFC 2401, Nov. 1998.
[34] “The InteropNet Labs (iLabs).” http://www.ilabs.interop.net/WLANSec/About Uslv03.
pdf.
[35] “The InteropNet Labs (iLabs).” http://www.ilabs.interop.net/WLAN Sec 2002
Spring/ni 2002 las about us.pdf.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top