| With the more deployment and the better Understanding of the WLAN, Unfortunately, significant problems have been exposed. Because WLAN transmissions are not confined to a wire, there are genuine concerns that the data on a WLAN that is broadcast for all to hear is not private or secure. In any case, the use of the ESSID as a handle to permit or deny access is dangerous since it is advertised in clear text in its beacons; Some manufacturers provided another form of access control via access control lists based on the Ethernet MAC address of the client. Using MAC filters is considered to be very weak security because on many wireless cards it is possible to change the MAC address by reconfiguring the card.A number of security concerns have been raised. Several vendors have implemented solutions that provide extra security in ways that require that the STA and the AP are from the same vendor. The 802.11 TGi group is working on new ways to replace WEP with schemes such as replacing the RC4 with AES and adding sequence numbers to packets to prevent replay attacks. Because of its providing a network access point for an adversary (potentially beyond the physical security controls of the organization), Wireless networking, more than any other networking technology, needs an authentication and access control mechanism.In this dissertation, the author dissertates the 802.11 technologies and analyzes its security by the numbers. And Roaming on WLAN. The whole solutions to WLAN security—"A whole WLAN information security protection"is proposed. In the solution platform, the author proposes the WLAN secure authentication scheme—TEAP. With the advantages of EAP-TLS & EAP-MD5, TEAP includes station authentication, users authentication and information authentication etc, so it can mitigate those flaws.The main contributions in this dissertation are summarized as the following: A clear elucidation of WLAN technology, especially its security technology, is given. The more detailed description of 802.11 based WLAN authentication is made. A port based access control protocol 802.1x is presented. The author analyzes its main principle and security. A conclusion that the combination of 802.11b and 802.1x could not offer the adequate security for WLAN is given. A general theory of authentication is discussed in detail. The author analyzes the main authentication technology and its shortcomings in WLAN... |
PDF Full Text Request