Paper Info
Title
Establishing A Session Database For Sdn Using 802.1x And Multiple Authentication Resources
Abstract
Network control systems based on identities allow fine-grained access control for users. They require a network-wide session database containing information about active authenticated and authorized users. We propose an authentication and authorization (AA) module (AAM) as a controller application for software-defined networking to establish a network-wide session database and provide a prototypical implementation with OpenFlow. End systems issue authentication requests and the switch redirects them to the AAM. The AAM either relays them to a RADIUS server as in legacy 802.1X (pass-through mode) or processes them based on directly attached AA resources (authentication server mode). After successful authentication, the AAM authorizes the requesting user and maintains a network-wide session database of authenticated and authorized identities. As the AAM interfaces to end systems and AA resources through existing protocols, i.e., EAP and RADIUS, its use is compatible with current infrastructures. Through implementation as distributed network functions, the AAM can be scaled so that high rates of authentication requests can be supported.
Year
Venue
Field
2017
2017 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC)
Control theory,Authentication,Authentication server,Computer science,Server,Authorization,Computer network,OpenFlow,Access control,Network control,Operating system,Database
DocType
ISSN
Citations 
Conference
1550-3607
1
PageRank 
References 
Authors
0.36
8
3
Name
Order
Citations
PageRank
Frederik Hauser111.04
Mark Schmidt274.60
Michael Menth356772.74