| Summary: | 碩士 === 國立中興大學 === 資訊科學系所 === 94 === In the current wireless network environment, Remote Access Dial-In User Service (RADIUS) protocol was mainly adopted to provide the services of Authentication, Authorization, and Accounting (AAA), which was proposed by IETF. With the support of RADIUS protocol, a secure environment for wireless users is provided while the usage of network resources can also be monitored and managed by system administrator. However, since not all wireless access points support the RADIUS protocol, it is difficult to build a universal wireless security environment. Furthermore, the accounting policy of RADIUS protocol takes into account the idle time of a wireless user whenever he is in the connection state, which is obviously unfair to the user. To overcome these deficiencies, in this paper, we propose a wireless network access management system which directs the processes of authentication, authorization, and accounting to back-end servers. In the system, by employing the approach similar to the webpage authentication, the wireless access point is not necessary for ensuring legal access but simply transfers the messages to the back-end authorization and authentication server. Consequently, the AAA features are satisfiably accomplished with a better accounting strategy. In Multi-homing environment, once a user has passed the authentication, he can freely choose an ISP or the system can determine an ISP depending upon the user’s request. Hence, a better connection quality can be reached. Specifically, the NetFlow protocol is applied to collect the wireless network usage for each user. Based on the collection, the time or the traffic each user actually utilizes is accounted for. Four accounting alternatives, which include time-prepaid, flow-prepaid, time-postpaid, and flow-postpaid, are proposed and demonstrated.
|
|---|
