Network access authentication infrastructure using EAP-TTLS on diameter EAP application

Yuki Atsuya, Souheil Ben Ayed, Fumio Teraoka

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

In our universal AAA (Authentication, Authorization, and Accounting) infrastructure project, we have already developed the implementations of Diameter Base Protocol and Diameter EAP Application. As part of this project, we developed the first open-source of an EAP-TTLS server on Diameter EAP Application for network access control. EAP-TTLS is one of the authentication methods in EAP. EAP-TTLS has two phases. In phase 1, the user authenticates the EAP-TTLS server by the certificate of the EAP-TTLS server. In phase 2, the EAP-TTLS server authenticates the user by user's password transmitted through the secure tunnel established in phase 1. Our implementation supports several authentication methods in phase 2 such as PAP, CHAP, MS-CHAP, and MS-CHAPv2. It was made sure that the EAP-TTLS server worked correctly for several types of user terminals such as Windows, Linux, iPad, and Android. The evaluation results show that the processing time of the EAP-TTLS server is short enough for practical use.

Original languageEnglish
Title of host publicationAsian Internet Engineeering Conference, AINTEC 2011
Pages56-63
Number of pages8
DOIs
Publication statusPublished - 2011 Dec 1
Event7th Asian Internet Engineering Conference, AINTEC 2011 - Bangkok, Thailand
Duration: 2011 Nov 92011 Nov 11

Publication series

NameAsian Internet Engineeering Conference, AINTEC 2011

Other

Other7th Asian Internet Engineering Conference, AINTEC 2011
CountryThailand
CityBangkok
Period11/11/911/11/11

Keywords

  • AAA
  • Diameter
  • EAP
  • EAP-TTLS

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Network access authentication infrastructure using EAP-TTLS on diameter EAP application'. Together they form a unique fingerprint.

Cite this