- Hot search：
IEEE Std 802.1X-2020 pdf free download
IEEE Std 802.1X-2020 pdf free download.IEEE Standard for Local and Metropolitan Area Networks Port-Based Network Access Control.
All three roles are necessary to an EAP authentication exchange. The Authenticator and an Authentication Server can be co-located within the same system. allowing that system to perform the authentication function without the need ft)r communication with an external server. However most port-based network access control applications use a separate Authentication Server, to allow centralized administration of authorized parties and their credentials for Authenticators throughout a network. Protocol exchanges between the Authenticator PAE and the Authentication Server (if the server is not co-located with the Authenticator PAE) can be conducted via one or more of the system’s Controlled or Uncontrolled Ports.
NOTE 2—Communication between Authenticator and Authentication Server is outside the scope of this standard, hut typically uses an authentication protocol carried over appropriate higher layer protocols; e.g., EAP in RADIUS. Hence, the Authentication Server can be located outside of the confines of the LAN that supports the protocol exchanges between Supplicant and Authenticator, and the communication to the server need not be subject to the authentication state of the systems concerned. If a Controlled Port is used to achieve communication with the Authentication Server, protocol exchanges can only take place if the Controlled Port is in the authorized state.
The asymmetry in some port-based network access control applications defines appropriate system roles, for example a mobile personal computer that attaches to a network is a Supplicant and the port that supports its attachment an Authenticator. Other applications. e.g. securing the connection between two bridges in the core of a network, lack this natural asymmetry, A system may implement and enable both Authenticator and Supplicant state machines to support such applications, with the attendant possibility that two separate authentication exchanges will complete. The PAE uses MKA (sec 6.3.2) to ensure that communicating peers agree on the use of authentication results: each of the cryptographic keys that it uses (and the authorization data bound to that key) is derived from the result of a single exchange. By itself EAP (supported by PACP) lacks the capability to agree that the results of a particular exchange arc to be used, or indeed to confirm that the communicating peers both believe the same exchange has completed, and should not be used without MKA in applications where a single port requires simultaneous Authenticator and Supplicant functionality. However, if MACsec is not used further keys arc not required, so communication can and should proceed if either the Supplicant or the Authenticator authenticates successfully and MKA is not available.IEEE Std 802.1X-2020 pdf free download.
All resources on this website are from the Internet. It is only for personal study and research. No one is allowed to use it for any commercial purpose. If you need, please buy the genuine standard. If there is any infringement of your copyright, please contact the webmaster in time, and I will correct it immediately.
- Maybe you like
- Latest Updates
- ISO 287-2009 pdf free download
- ISO 527-5-2009 pdf free download
- ISO 659-2009 pdf free download
- ISO 660-2009 pdf free download
- ISO 712-2009 pdf free download
- ISO 725-2009 pdf free download
- ISO 730-2009 pdf free download
- ISO 927-2009 pdf free download
- ISO 2041-2009 pdf free download
- ISO 3040-2009 pdf free download
- ISO 3506-2-2009 pdf free download
- ISO 3506-3-2009 pdf free download