Figure 4.1 shows the overall functional architecture for the network access authentication
arrangement including the functions, functional entities, and interfaces betwixt functional access control. This interface does not hold any functions for securing between the ultimate and network after network access dominion government has completed.
An end-to-extremity interface connecting the Supplicant with the Account Authority. betwixt the Supplicant and the Account Authority through the Authenticator, for all that the Authenticator does no more than route the to the proper Account Authority in a formal breeding roughly similar to an overlay netting. This interface involves functions that acknowledge the Supplicant to provide credentials in a make safe fashion to the Account Authority proving seal and authorization for services, and allowing the Account Authority to respond to the Supplicant about the result of the authentication and authorization put a damper upon, including key provisioning if the Account Authority food session keys to the Supplicant soon. In addition, the Supplicant can checkered cloth the identity of the Account Authority. Functions in the interface also allow the Account Authority to sign the credentials through a programmatic interface.
This interface connects the Authenticator and Account Authority. Functions in this interface permit secure communication between the Authenticator and the Account Authority, including the get possession of tunneling and routing of N2 messages betwixt the Supplicant and the Account Authority. In adding, the interface includes functions that concede the Account Authority to indicate whether audience has been granted to the Supplicant and to preparation session keys on the Authenticator, if the Account Authority is responsible despite provisioning keys on the Authenticator.
Figure 4.1 shows the overall functional architecture for the network access authentication
theory including the functions, functional entities, and interfaces between functional access control. This interface does not embrace any functions for securing between the end and network after network access superintendence has completed.
Once network access authentication is complete, functions in this interface get possession of the on-going user databetween the final and the network. This is not function of the network access control connected view but is part of the palladium architecture. We show this interface between the Supplicant and the Authenticator, granting, strictly speaking, the interface itself is betwixt the terminal and access point that are not network access control functional entities. The extremity and access point internally call on the subject of Supplicant and Authenticator functions, respectively, to bring about out the security functions.
No comments:
Post a Comment