802.1x-based Wireless Lan User Access Control Method The Design And Realization

WLAN is widely deployed in economy, life and research places for its convenience and efficiency. WLAN is changing the traditional ways of working and studying and make it available to achieve high quality services of voice, data and image any time at any place. But the presenting security problems might become the development obstacle of WLAN because of the opening of radio transmission. This paper is based on the wireless self-organized network technology and analyzes the security control mechanism of wireless station's access to WLAN. It demonstrates that the authentication and encryption mechanism specified by IEEE 802.11 standard doesn't provide enough security guarantee to WLAN. And one-way authentication, WEP and statistical key derivation induce kinds of attacks to WLAN. This paper proposes the user security management system scheme based on port access control standard IEEE 802. 1x. It adopts EAP-TLS to provide dynamic key derivation and mutual authentication with digital credentials between wireless station and network. The logical port is defined in this paper to support the control of authentication and service communication by client. The authentication of roaming client is considered in this paper to make sure the legal user can move between WLANs. This paper also describes the platform of the user security management system with RADIUS authentication server.This paper discusses the WLAN national security standard WAPI and the transitional draft of IEEE 802.11i – WPA.