Title :
Thinking outside the box: extending 802.1x authentication to remote "splitter" ports by combining physical and data link layer techniques
Author :
Saha, Arun ; Molle, Mart
Author_Institution :
Dept. of Comput. Sci. & Eng., California Univ., Riverside, CA, USA
Abstract :
We present a novel switched full-duplex LAN architecture which can greatly simplify the cabling requirements in areas that must support high port densities and/or are subject to frequent changes. Instead of providing a separate cable to connect each host to a dedicated port on a monolithic switch behind the wall, we emulate the shared bus topology from the early days of Ethernet by daisy-chaining a series of small network-powered "slave" bridge modules called Ethernet Splitters from a single port on the "master" switch. Our partitioned switch architecture enforces network privacy throughout the entire splitter chain, so no host can view any traffic belonging to another host. The splitters also authenticate the point of origin for every frame, independent of the value contained in its source address field thus providing the same level of security as a monolithic switch under the 802.1x port based access control protocol.
Keywords :
access protocols; local area networks; message authentication; telecommunication links; telecommunication switching; telecommunication traffic; 802.1x authentication; Ethernet splitters; access control protocol; data link layer techniques; high port densities; monolithic switch; novel switched full-duplex LAN architecture; remote splitter ports; shared bus topology; Access control; Authentication; Bridges; Communication system traffic control; Ethernet networks; Local area networks; Master-slave; Network topology; Privacy; Switches;
Conference_Titel :
Local Computer Networks, 2003. LCN '03. Proceedings. 28th Annual IEEE International Conference on
Print_ISBN :
0-7695-2037-5
DOI :
10.1109/LCN.2003.1243158
