Title | ||
---|---|---|
Establishing A Session Database For Sdn Using 802.1x And Multiple Authentication Resources |
Abstract | ||
---|---|---|
Network control systems based on identities allow fine-grained access control for users. They require a network-wide session database containing information about active authenticated and authorized users. We propose an authentication and authorization (AA) module (AAM) as a controller application for software-defined networking to establish a network-wide session database and provide a prototypical implementation with OpenFlow. End systems issue authentication requests and the switch redirects them to the AAM. The AAM either relays them to a RADIUS server as in legacy 802.1X (pass-through mode) or processes them based on directly attached AA resources (authentication server mode). After successful authentication, the AAM authorizes the requesting user and maintains a network-wide session database of authenticated and authorized identities. As the AAM interfaces to end systems and AA resources through existing protocols, i.e., EAP and RADIUS, its use is compatible with current infrastructures. Through implementation as distributed network functions, the AAM can be scaled so that high rates of authentication requests can be supported. |
Year | Venue | Field |
---|---|---|
2017 | 2017 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC) | Control theory,Authentication,Authentication server,Computer science,Server,Authorization,Computer network,OpenFlow,Access control,Network control,Operating system,Database |
DocType | ISSN | Citations |
Conference | 1550-3607 | 1 |
PageRank | References | Authors |
0.36 | 8 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Frederik Hauser | 1 | 1 | 1.04 |
Mark Schmidt | 2 | 7 | 4.60 |
Michael Menth | 3 | 567 | 72.74 |