Simulation platform and method based on IEEE802.1X security protocol of EAP

A technology of security protocol and simulation platform, applied in the field of simulation platform of IEEE802.1X security protocol, can solve the problem of no security authentication, single data receiving and forwarding function of wireless node, and seamlessly solve the problem of roaming access authentication. The effect of ensuring integrity and solving security authentication problems

Inactive Publication Date: 2009-02-04
XIDIAN UNIV
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0020] OPNET's original wireless nodes only have a single function of data receiving and forwarding, without the function of security authentication, and fundamentally cannot completely and seamlessly solve the authentication pro

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Simulation platform and method based on IEEE802.1X security protocol of EAP
  • Simulation platform and method based on IEEE802.1X security protocol of EAP
  • Simulation platform and method based on IEEE802.1X security protocol of EAP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0087] see figure 1 , the wireless node model consists of 6 process models, 6 data packet streams, and two statistical lines. Among them, the source and sink modules simulate the application layer, and the physical layer consists of the receiver wlan_port_rx0 and the transmitter wlan_port_tx0, which are responsible for receiving data packets sent by other nodes and sending data packets to other nodes. The two modules wlan_mac_intf and wireless_lan_mac simulate MAC media access The control layer; the wlan_mac_intf module is responsible for determining the target address; the wireless_lan_mac module is responsible for the fragmentation, encapsulation, queuing, and transmission of application layer data packets, and decapsulates, assembles, and transmits fragments received and forwarded by the physical layer to the application layer , while detecting collisions and forwarding packets.

[0088] The present invention improves the wireless_lan_mac module in the wireless node, adds ...

Embodiment 2

[0090] Overall composition is the same as embodiment 1, see image 3 .

[0091] The EAP authentication module is divided into two different roles: applicant and authenticator. In the applicant, implement the eap_supp module; in the authenticator, implement the eap_auth module; the two are connected to the network through their respective Backend background state machine and wireless_lan_mac module to realize mutual communication. OPNET's original wireless nodes do not distinguish between authenticators and applicants, see figure 1 composition. Wireless nodes can be regarded as both authenticators and applicants. There is only data communication between nodes, and there is no authentication process. See figure 2 .

[0092] In the simulation process, the present invention combines the authenticator and the authentication server into one, that is, the access point AP inside a basic service set BSS completes the function of the authentication server, and does not need to forw...

Embodiment 3

[0094] Overall composition is the same as embodiment 2, see image 3 .

[0095] The IEEE802.1X protocol is to solve the problem of Ethernet access authentication. It is not specially designed for WLAN, but it allows it to be used in a shared medium, so this protocol can be applied to IEEE802.11 WLAN that supports port-based network access control in the structure. The invention can obtain the equivalent model of IEEE802.1X finite state machine in OPNET through equivalent transformation, thereby ensuring the correctness of the established protocol model state machine in design. Confusion between model versions is avoided. We choose three state machines for equivalent transformation to complete the port control function in the authentication process, among which the Backend background state machine is mainly used for background authentication; the Port Timer port timer state machine is used for timeout control; the PAE port access entity module is used for port control.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a simulation platform based on the IEEE802.1X secure protocol of EAP as well as a method thereof, wherein, a wireless_lan_mac module in the original wireless node of OPNET is improved, and extended authentication modules are added including an EAP authentication module and a port control module, and the added parts and the wireless_lan_mac module are converged to add the function of security authentication successfully. The EAP authentication module is provided with an authenticator and an applicant communicating mutually to complete the security authentication, so the authentication process is presented completely, meanwhile, the complexity is not high and the simulation efficiency is rather good. The port control module is acquired through the equivalent transformation by a finite state machine of IEEE802.1X, the design correctness of a protocol model state machine is ensured, and the disorder among model versions is avoided. The invention realizes the simulation scene for roaming and re-authentication in different BSS of the wireless node, and solves the authentication problem of roaming access. The invention can ensure the integrity, non-repudiation and confidentiality of WLAN data, and can test other various realized wireless secure protocols and multimode access among various protocols on that basis.

Description

technical field [0001] The invention belongs to the field of simulation testing of wireless local area network (WLAN) security protocols, and relates to one of the security authentication protocols used in WLAN today—the EAP-based IEEE802.1X standard, specifically a simulation platform and method for the EAP-based IEEE802.1X security protocol . Background technique [0002] In recent years, WLAN has begun to dominate the local area network market. More and more organizations have found that WLAN is an indispensable assistant to traditional wired LANs. It can meet people's needs for mobility, layout changes, and self-organizing networks, and can cover areas where it is difficult to lay wired networks. With the rapid development of WLAN, various IEEE802.11x standards are constantly being updated, and new wireless network architectures and technologies are constantly being proposed, including WLAN security technologies. [0003] WLAN spreads through space through radio freque...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L29/08H04L12/28
Inventor 杨超朱振芳马建峰沈玉龙李兴华杨卫东郭伟高俊涛曾勇王超杨力马卓
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap