Abstract
Network connectivity has undergone a significant change since the appearance and increasing deployment of IEEE 802.11 technology. Wireless links are inherently insecure, and the IEEE 802.11i amendment defines the security mechanisms to be used to secure them. The solution described in IEEE 802.11i is applicable, in theory, to both infrastructure and ad-hoc networks. Nevertheless, the widespread deployment of wireless access points and the potential economic benefits derived from it led the standardization bodies to provide a security solution for IEEE 802.11 access links. As a result, IEEE 802.11i was designed as an infrastructure-oriented solution: some of its design decisions are not well suited to peer-to-peer communications, and it shows several limitations when used to secure ad-hoc networks. We have found the same drawbacks when trying to adapt the IEEE 802.1X model to provide end-to-end security at the link layer between Ethernet peers. We have identified the shortcomings of the standardized solution when applied to securing peer-to-peer communications, and we propose some modifications to the IEEE 802.1X model that help to overcome those limitations. These modifications have been implemented and functionally tested for establishing secure communications between end stations in Ethernet networks.
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sáiz, P., Matías, J., Jacob, E., Bustamante, J., Astarloa, A. (2006). Adaptation of IEEE 802.1X for Secure Session Establishment Between Ethernet Peers. In: Bagchi, A., Atluri, V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11961635_15
DOI: https://doi.org/10.1007/11961635_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68962-1
Online ISBN: 978-3-540-68963-8
eBook Packages: Computer Science, Computer Science (R0)