ABSTRACT

IEEE 802.1X for authentication using extensible authentication protocol (EAP) and an authentication server: The IEEE 802.1X specification defines port-based network admission control for device authentication using EAP and an authentication server. EAP provides some common methods for negotiating a desired authentication mechanism. There are many EAP methods, e.g., EAP-TLS (transport layer security), EAP-SIM (GSM subscriber identity module), EAP-AKA (UMTS authentication and key agreement), PEAP (protected extensible authentication protocol), LEAP (lightweight extensible authentication protocol), and EAP-TTLS (tunneled transport layer security). An IEEE 802.11 access point (AP) serving as a network access server (NAS) with the IEEE 802.1X capability can invoke EAP to provide a secure authentication mechanism and negotiate a secure pairwise master key (PMK) between a station and the AP. The PMK is used for sessions under temporal key integrity protocol (TKIP) or advanced encryption standard (AES) encryption.
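
The EAP method negotiation described above, as an added example that is not part of the original document: a parser for the EAP packet header defined in RFC 3748 that validates the Length field and summarises one Request/Nak round. The function names and the sample frames are constructed for illustration; the method type numbers are those of the IANA EAP registry.

```python
import struct

# EAP codes and method type numbers from RFC 3748 and the IANA EAP registry.
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 3: "Nak", 13: "EAP-TLS", 17: "LEAP", 18: "EAP-SIM",
             21: "EAP-TTLS", 23: "EAP-AKA", 25: "PEAP"}

def parse_eap(packet: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Data]."""
    if len(packet) < 4:
        raise ValueError("EAP header is 4 bytes")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(packet):
        raise ValueError("Length field disagrees with captured bytes")
    body = packet[4:length]          # bytes past Length are padding, ignored
    out = {"code": EAP_CODES[code], "id": ident, "type": None, "data": b""}
    if code in (1, 2):               # only Request/Response carry a Type
        if not body:
            raise ValueError("Request/Response without Type byte")
        out["type"] = EAP_TYPES.get(body[0], f"type-{body[0]}")
        out["data"] = body[1:]
    return out

def negotiate(offer: bytes, reply: bytes) -> dict:
    """Summarise one negotiation round: server offer and peer reply."""
    req, resp = parse_eap(offer), parse_eap(reply)
    if req["code"] != "Request" or resp["code"] != "Response":
        raise ValueError("expected Request followed by Response")
    if req["id"] != resp["id"]:
        raise ValueError("Identifier mismatch between Request and Response")
    if resp["type"] == "Nak":        # peer refuses and lists what it accepts
        wanted = [EAP_TYPES.get(t, f"type-{t}") for t in resp["data"]]
        return {"offered": req["type"], "accepted": False, "peer_wants": wanted}
    return {"offered": req["type"], "accepted": resp["type"] == req["type"],
            "peer_wants": []}

# Constructed sample frames (not captured traffic).
OFFER_LEAP = bytes([1, 7, 0, 6, 17, 0x01])     # Request, id 7, LEAP
NAK_FOR_TLS = bytes([2, 7, 0, 7, 3, 13, 25])   # Response, Nak: EAP-TLS, PEAP

if __name__ == "__main__":
    print(negotiate(OFFER_LEAP, NAK_FOR_TLS))
```

A Nak that steers the session away from LEAP toward EAP-TLS or PEAP, as in the sample frames, is the kind of negotiation outcome an NAS or authentication-server log review would want to confirm.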