Implementation of network access control by using authentication, authorization and accounting protocols
This paper presents the design and implementation of a network access control system that provides the Authentication, Authorization and Accounting (AAA) service using GNU-licensed software. The system employs the standard protocols IEEE 802.1X and RADIUS and is based on a Public Key Infrastructure (PKI), a centralized directory service that stores the security policies assigned to each user, and a MySQL database in which the authentication events of the AAA service are registered. It was tested in a production corporate environment with 300 workstations. The system achieved the following: three authentication methods, using EAP-TLS, PEAP and EAP-TTLS; secure management, in a central database, of information about the users that can access the network and the privileges each of them holds; and the use of digital certificates to prove the identity of a user or network device running any of the popular operating systems. In addition, a RADIUS server was configured to use two policy information points: the OpenLDAP directory server and Microsoft Active Directory. This enables scalable network access control without demanding a high budget.
Authors grant the journal and Universidad del Valle the economic rights over accepted manuscripts, but may make any reuse they deem appropriate for professional, educational, academic or scientific reasons, in accordance with the terms of the license granted by the journal to all its articles.
Articles will be published under the Creative Commons 4.0 BY-NC-SA licence (Attribution-NonCommercial-ShareAlike).