Using Kerberos, RADIUS, and LDAP for WLAN Authentication
While wireless networking applications benefit from location independence and freedom of mobility, they all share the same security challenge: authentication. When considering a security implementation, authentication is a key component of any security solution. Mutual authentication, in which both the client and the server must authenticate to each other, is used to ensure that only authorized users are allowed on the network. Kerberos, Remote Authentication Dial-In User Service (RADIUS), and LDAP are popular and useful authentication solutions that meet this security challenge in WLANs.
Kerberos is designed to enable two parties to exchange private information across an otherwise insecure network. Kerberos provides mutual authentication between a client and a server, as well as between servers, before a network connection can be opened. It uses a technique that involves a shared secret, which works much like a password. This happens by assigning a unique key, called a ticket, to each user who logs on to the network. The ticket is then embedded in messages to identify the sender of the message.
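The exchange described above, worked through as an added example that is not part of the original text: a Key Distribution Center (KDC) shares a long-term key with every principal, hands the client a ticket sealed under the service's key together with a fresh session key, and the service proves it could read the ticket by echoing the client's timestamp. The `seal`/`unseal` helpers are a stand-in for Kerberos' real encryption types (a SHA-256 keystream plus an HMAC tag, chosen only so the example needs no third-party library), and the principal names and passwords are constructed values.

```python
import hashlib
import hmac
import json
import os
import time


def derive_key(password: str, principal: str) -> bytes:
    # String-to-key: the principal name acts as the salt, as in Kerberos AES enctypes.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)


def seal(key: bytes, obj: dict) -> bytes:
    # Toy authenticated encryption (encrypt-then-MAC); NOT a real Kerberos enctype.
    nonce = os.urandom(16)
    pt = json.dumps(obj).encode()
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(pt) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("integrity check failed (wrong key or tampered message)")
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(ct) // 32 + 1))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))


class KDC:
    """Key Distribution Center: holds the long-term key of every principal."""

    def __init__(self, principals: dict):
        self.keys = {p: derive_key(pw, p) for p, pw in principals.items()}

    def issue_ticket(self, client: str, service: str, lifetime: int = 300):
        if client not in self.keys or service not in self.keys:
            raise KeyError("unknown principal")
        session_key = os.urandom(32).hex()
        expiry = int(time.time()) + lifetime
        # Ticket: readable only by the service. Enc-part: readable only by the client.
        ticket = seal(self.keys[service], {"client": client, "skey": session_key, "exp": expiry})
        enc_part = seal(self.keys[client], {"service": service, "skey": session_key, "exp": expiry})
        return ticket, enc_part


def client_authenticate(kdc: KDC, client: str, password: str, service: str):
    """Client side: obtain a ticket, then build an authenticator for the service."""
    ticket, enc_part = kdc.issue_ticket(client, service)
    part = unseal(derive_key(password, client), enc_part)  # wrong password -> ValueError
    skey = bytes.fromhex(part["skey"])
    ts = int(time.time())
    authenticator = seal(skey, {"client": client, "ts": ts})
    return ticket, authenticator, skey, ts


def service_accept(service_key: bytes, ticket: bytes, authenticator: bytes, now: int = None):
    """Service side: validate ticket and authenticator, then prove knowledge of the session key."""
    now = int(time.time()) if now is None else now
    t = unseal(service_key, ticket)
    if t["exp"] < now:
        raise ValueError("ticket expired")
    skey = bytes.fromhex(t["skey"])
    a = unseal(skey, authenticator)
    if a["client"] != t["client"] or abs(now - a["ts"]) > 300:
        raise ValueError("authenticator does not match ticket or is stale")
    return t["client"], seal(skey, {"ts": a["ts"]})


def client_verify_service(skey: bytes, reply: bytes, ts: int) -> bool:
    """Mutual authentication: only a holder of the service key could have recovered skey."""
    return unseal(skey, reply)["ts"] == ts


if __name__ == "__main__":
    kdc = KDC({"alice": "correct horse", "wlan/gateway": "gateway-secret"})  # constructed
    ticket, auth, skey, ts = client_authenticate(kdc, "alice", "correct horse", "wlan/gateway")
    who, reply = service_accept(kdc.keys["wlan/gateway"], ticket, auth)
    print(who, client_verify_service(skey, reply, ts))
```

Two properties are worth noticing: the service never sees the user's password, only a ticket it can open with its own key, and a wrong password or a tampered ticket fails at the integrity check rather than producing garbage that is acted on. In real Kerberos, pre-authentication additionally makes the KDC check the client's key before issuing the reply, so replies cannot be requested at will and used for offline password guessing.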
RADIUS servers are robust, scalable servers that provide authentication, authorization, and accounting (AAA) functions, along with advanced policy and custom configuration management, to control user access to wired and wireless networks. RADIUS and LDAP are often used together in WLAN applications.
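To make the RADIUS shared secret concrete, here is an added example (not code from the original text) that encodes a minimal Access-Request as RFC 2865 defines it: the 20-byte header, a random Request Authenticator, and the User-Name and User-Password attributes, with the password hidden by XOR against MD5(secret + previous block). It also computes the Response Authenticator that lets the client confirm a reply came from a server holding the same secret. The secret, username and password are constructed values.

```python
import hashlib
import os
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME = 1
ATTR_USER_PASSWORD = 2


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 section 5.2: pad with NULs to 16-byte blocks and XOR each block with
    MD5(secret + previous block); the first 'previous block' is the Request Authenticator."""
    padded = password + b"\x00" * ((16 - len(password) % 16) % 16)
    if not 1 <= len(padded) <= 128:
        raise ValueError("password must be 1..128 octets after padding")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server side: undo the hiding with the same shared secret and Request Authenticator."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden password must be a non-empty multiple of 16 octets")
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out, prev = out + _xor(block, hashlib.md5(secret + prev).digest()), block
    return out.rstrip(b"\x00")


def _attr(attr_type: int, value: bytes) -> bytes:
    # Type, Length (including the 2-byte header), Value
    return bytes([attr_type, len(value) + 2]) + value


def build_access_request(ident: int, secret: bytes, username: bytes, password: bytes,
                         request_auth: bytes = None) -> bytes:
    """Code, Identifier, Length, Request Authenticator, then the attribute list."""
    request_auth = os.urandom(16) if request_auth is None else request_auth
    attrs = _attr(ATTR_USER_NAME, username)
    attrs += _attr(ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth + attrs


def parse_attributes(packet: bytes) -> dict:
    """Walk the TLV attribute list that follows the 20-byte header, rejecting bad lengths."""
    attrs, pos = {}, 20
    while pos + 2 <= len(packet):
        t, length = packet[pos], packet[pos + 1]
        if length < 2 or pos + length > len(packet):
            raise ValueError("malformed attribute")
        attrs[t] = packet[pos + 2:pos + length]
        pos += length
    return attrs


def response_authenticator(code: int, ident: int, attrs: bytes,
                           request_auth: bytes, secret: bytes) -> bytes:
    """RFC 2865 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


if __name__ == "__main__":
    secret = b"shared-secret"  # constructed; in practice a long random value per NAS
    pkt = build_access_request(7, secret, b"alice", b"wlan-pass")
    attrs = parse_attributes(pkt)
    print(reveal_password(attrs[ATTR_USER_PASSWORD], secret, pkt[4:20]))
```

The round trip only works when both sides hold the same secret, which is the whole basis of trust between an access point (the NAS) and the RADIUS server. The hiding is MD5-based and offers no integrity protection of its own; for WLAN use with EAP, RFC 3579 requires the HMAC-MD5 Message-Authenticator attribute (RFC 2869) in the request, and deployments commonly carry RADIUS over IPsec or TLS (RadSec, RFC 6614) rather than relying on this construction alone.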
The Lightweight Directory Access Protocol (LDAP) is an extensible, vendor-independent network protocol standard, an authentication system, and a directory service that is based on the X.500 Directory Services model. LDAP is an information repository as well as a protocol for querying and manipulating the data in an LDAP directory. LDAP is one of the most widely used authentication directories in modern networks. LDAP is based on the standards contained within the X.500 standard but is much simpler and supports TCP/IP, which is necessary for any type of Internet access. Many of today's WLAN security devices, such as Enterprise Wireless Gateways (EWGs), have native LDAP client support.
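A gateway with native LDAP client support typically looks a user up by building a search filter and a bind DN from the name the client presented. The added example below (not code from the original text, and independent of any particular EWG product) shows the escaping that RFC 4515 (filters) and RFC 4514 (distinguished names) require for that, with the unescaped construction beside the escaped one so the difference is visible; the `count_assertions` check is a rough structural probe, not a full filter parser, and the usernames and base DN are constructed.

```python
import re

# RFC 4515: these must be escaped inside an assertion value as backslash + two hex digits.
_FILTER_SPECIAL = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
# RFC 4514: these are escaped with a leading backslash inside an attribute value of a DN.
_DN_SPECIAL = set('\\,+"<>;=')


def escape_filter_value(value: str) -> str:
    """Escape a value for use inside an LDAP search filter (non-ASCII may pass as UTF-8)."""
    out = []
    for ch in value:
        if ch in _FILTER_SPECIAL:
            out.append(_FILTER_SPECIAL[ch])
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append("".join("\\%02x" % b for b in ch.encode("utf-8")))
        else:
            out.append(ch)
    return "".join(out)


def escape_dn_value(value: str) -> str:
    """Escape a value for use as an RDN attribute value, e.g. uid=<value>,ou=people,..."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _DN_SPECIAL or (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def build_user_filter_unsafe(username: str) -> str:
    # Plain concatenation: characters in the username can alter the filter's structure.
    return "(&(objectClass=person)(uid=%s))" % username


def build_user_filter(username: str) -> str:
    # Escaped: whatever the username contains stays inside the uid assertion.
    return "(&(objectClass=person)(uid=%s))" % escape_filter_value(username)


def build_bind_dn(username: str, base_dn: str = "ou=people,dc=example,dc=com") -> str:
    return "uid=%s,%s" % (escape_dn_value(username), base_dn)


def count_assertions(filter_str: str) -> int:
    """Count '(attr=' openings; extra ones mean the input was able to add assertions."""
    return len(re.findall(r"\([^()&|!]+?=", filter_str))


if __name__ == "__main__":
    for name in ("alice", "*)(uid=*"):  # constructed inputs, the second deliberately odd
        print(count_assertions(build_user_filter_unsafe(name)),
              count_assertions(build_user_filter(name)), build_user_filter(name))
    print(build_bind_dn("Smith, John"))
```

With escaping in place a username is a value and nothing more, so a search intended to match one `uid` cannot be turned into a broader one; pairing that with a search base and scope limited to the user container, and a service account that can only read the attributes the gateway needs, keeps the directory lookup within the least privilege the WLAN use case requires.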