The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Protokol Pengesahan Boleh Diperluas (EAP) ialah rangka kerja pengesahan yang menyokong pelbagai mekanisme pengesahan [38] antara rakan sebaya dan pelayan pengesahan dalam rangkaian komunikasi data. EAP digunakan sebagai alat berguna untuk membolehkan pengesahan pengguna dan pengedaran kunci sesi. Terdapat banyak kaedah EAP yang telah dibangunkan oleh SDO global seperti IETF, IEEE, ITU-T dan 3GPP. Dalam makalah ini, kami menganalisis kaedah EAP yang paling banyak digunakan mulai daripada EAP-TLS [27] hingga EAP-PSK [25]. Di samping itu, kami memperoleh keperluan keselamatan kaedah EAP yang dipenuhi, menilai kaedah EAP biasa dari segi keperluan keselamatan dan membincangkan ciri kaedah EAP sedia ada yang digunakan secara meluas. Di samping itu, kami mengenal pasti dua kes penggunaan biasa untuk kaedah EAP. Akhir sekali, aktiviti penyeragaman global terkini dalam bidang ini dikaji semula.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Heung Youl YOUM, "Extensible Authentication Protocol Overview and Its Applications" in IEICE TRANSACTIONS on Information,
vol. E92-D, no. 5, pp. 766-776, May 2009, doi: 10.1587/transinf.E92.D.766.
Abstract: The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is used as a useful tool for enabling user authentication and distribution of session keys. There are numerous EAP methods that have been developed by global SDOs such as IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods ranging from the EAP-TLS [27] to the EAP-PSK [25]. In addition, we derive the security requirements of EAP methods meet, evaluate the typical EAP methods in terms of the security requirements, and discuss the features of the existing widely-deployed EAP methods. In addition, we identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E92.D.766/_p
Salinan
@ARTICLE{e92-d_5_766,
author={Heung Youl YOUM, },
journal={IEICE TRANSACTIONS on Information},
title={Extensible Authentication Protocol Overview and Its Applications},
year={2009},
volume={E92-D},
number={5},
pages={766-776},
abstract={The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is used as a useful tool for enabling user authentication and distribution of session keys. There are numerous EAP methods that have been developed by global SDOs such as IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods ranging from the EAP-TLS [27] to the EAP-PSK [25]. In addition, we derive the security requirements of EAP methods meet, evaluate the typical EAP methods in terms of the security requirements, and discuss the features of the existing widely-deployed EAP methods. In addition, we identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed.},
keywords={},
doi={10.1587/transinf.E92.D.766},
ISSN={1745-1361},
month={May},}
Salinan
TY - JOUR
TI - Extensible Authentication Protocol Overview and Its Applications
T2 - IEICE TRANSACTIONS on Information
SP - 766
EP - 776
AU - Heung Youl YOUM
PY - 2009
DO - 10.1587/transinf.E92.D.766
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E92-D
IS - 5
JA - IEICE TRANSACTIONS on Information
Y1 - May 2009
AB - The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is used as a useful tool for enabling user authentication and distribution of session keys. There are numerous EAP methods that have been developed by global SDOs such as IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods ranging from the EAP-TLS [27] to the EAP-PSK [25]. In addition, we derive the security requirements of EAP methods meet, evaluate the typical EAP methods in terms of the security requirements, and discuss the features of the existing widely-deployed EAP methods. In addition, we identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed.
ER -