Title :
Analysis, Implementation and Extensions of RADIUS Protocol
Author_Institution :
Coll. of Comput. Sci. & Technol., Xi´´an Univ. of Sci. & Technol., Xi´´an
Abstract :
RADIUS (remote authentication dial in user service) is an authentication, authorization and accounting protocol being widely used in network environments. However, it has a set of vulnerabilities that are either caused by the protocol, or caused by poor implementation and exacerbated by the protocol. First the overview of RADIUS protocol including basic operation of RADIUS protocol is studied. Then analysis part of RADIUS focuses on security issues, transport issues and implementation issues. In addition, how to minimize or resolve various issues of the RADIUS protocol using deployment best practices and extension are discussed.
Keywords :
authorisation; cryptographic protocols; message authentication; AAA; RADIUS protocol; authentication authorization-and-accounting protocol; cryptography; remote authentication dial-in-user service; security issue; transport issue; Access protocols; Authentication; Authorization; Best practices; Computer science; Cryptography; Information security; Network servers; Protection; Random number generation; RADIUS; extension; implementation; security;
Conference_Titel :
Networking and Digital Society, 2009. ICNDS '09. International Conference on
Conference_Location :
Guiyang, Guizhou
Print_ISBN :
978-0-7695-3635-4
DOI :
10.1109/ICNDS.2009.44
