EBOOK - AAA and Network Security for Mobile Access (Madjid Nakhjiri & Mahsa Nakhjiri)


EBOOK - Network Security for Mobile Access (Madjid Nakhjiri & Mahsa Nakhjiri) - 318 pages.

The market for mobile computers and communication devices continues to grow, which means that every year there are more and more of them. This is creating numerous opportunities for network providers and operators of all sorts, because many of these devices derive their usefulness from their ability to get access to the Internet.

Recently, within the IETF, there has been a surge of interest in creating new protocols and protocol interfaces to better enable operators to take advantage of these opportunities. These new protocols, taken as a whole, bring about a new kind of operator operation known as “AAA services”, thus the title of the book. Madjid, one of the two authors of this book, is known to me as a regular in several IETF working groups, and his work is well represented within this book.

CONTENTS:

Chapter 1 The 3 “A”s: Authentication, Authorization, Accounting
1.1 Authentication Concepts
1.1.1 Client Authentication
1.1.2 Message Authentication
1.1.3 Mutual Authentication
1.1.4 Models for Authentication Messaging
1.1.4.1 Two-Party Authentication Model
1.1.4.2 Three-Party Authentication Model
1.1.5 AAA Protocols for Authentication Messaging
1.1.5.1 User–AAA Server
1.1.5.2 NAS–AAA Server Communications
1.1.5.3 Supplicant (User)–NAS Communications
1.2 Authorization
1.2.1 How is it Different from Authentication?
1.2.2 Administration Domain and Relationships with the User
1.2.3 Standardization of Authorization Procedures
1.2.3.1 Authorization Messaging
1.2.3.2 Policy Framework and Authorization
1.3 Accounting
1.3.1 Accounting Management Architecture
1.3.1.1 Accounting Across Administrative Domains
1.3.2 Models for Collection of Accounting Data
1.3.2.1 Polling Models for Accounting
1.3.2.2 Event-Driven Models for Accounting
1.3.3 Accounting Security
1.3.4 Accounting Reliability
1.3.4.1 Interim Accounting
1.3.4.2 Transport Protocols
1.3.4.3 Fail-Over Mechanisms
1.3.5 Prepaid Service: Authorization and Accounting in Harmony
1.4 Generic AAA Architecture
1.4.1 Requirements on AAA Protocols Running on NAS
1.5 Conclusions and Further Resources
1.6 References
Chapter 2 Authentication
2.1 Examples of Authentication Mechanisms
2.1.1 User Authentication Mechanisms
2.1.1.1 Basic PPP User Authentication Mechanisms
2.1.1.2 Shortcoming of PPP Authentication Methods
2.1.1.3 Extensible Authentication Protocol (EAP) as Extension to PPP
2.1.1.4 SIM-Based Authentication
2.1.2 Example of Device Authentication Mechanisms
2.1.2.1 Public Key Certificate-Based Authentication
2.1.2.2 Basics of Certificate-Based Authentication
2.1.3 Examples of Message Authentication Mechanisms
2.1.3.1 HMAC-MD5
2.2 Classes of Authentication Mechanisms
2.2.1 Generic Authentication Mechanisms
2.2.1.1 Extensible Authentication Protocol (EAP)
2.2.1.2 EAP Messaging
2.3 Further Resources
2.4 References
Chapter 3 Key Management Methods
3.1 Key Management Taxonomy
3.1.1 Key Management Terminology
3.1.2 Types of Cryptographic Algorithms
3.1.3 Key Management Functions
3.1.4 Key Establishment Methods
3.1.4.1 Key Transport
3.1.4.2 Key Agreement
3.1.4.3 Manual Key Establishment
3.2 Management of Symmetric Keys
3.2.1 EAP Key Management Methods
3.2.2 Diffie–Hellman Key Agreement for Symmetric Key Generation
3.2.2.1 Problems with Diffie–Hellman
3.2.3 Internet Key Exchange for Symmetric Key Agreement
3.2.4 Kerberos and Single Sign On
3.2.4.1 Kerberos Issues
3.2.5 Kerberized Internet Negotiation of Keys (KINK)
3.3 Management of Public Keys and PKIs
3.4 Further Resources
3.5 References
Chapter 4 Internet Security and Key Exchange Basics
...
