Solved

IEEE 802.11 and IEEE 802.11i

Posted on 2011-03-11
10
506 Views
Last Modified: 2012-08-14
Hi
I am trying to understand the security of wireless networks and I am reading a book about that subject. The book said that IEEE 802.11i is an amendment to the IEEE 802.11 standard and that the 802.11i is more robust wireless LAN security protocol. The only problem I see is that people is still using the old protocol because some of the services provided by the new (802.11i) are

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

-- Once authenticated, the access point send a key to wireless station.

Although the 802.11i standard is not new (2004 I think) I have never seen a wireless router in the market that provides the above features. Users always share a single password and I do not know how authentication and data server are used here.

Is that protcol implemented and if yes where is it?

Please help
Thanks
Jean



0
Comment
Question by:jean11
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 13

Accepted Solution

by:
kdearing earned 125 total points
ID: 35108440
Yes, most wireless routers support that feature, the just don't call it that.
When setting up a wireless router's security you usually have the following options:
- none
- WEP
- WPA-PSK
- WPA-Enterprise
- WPA2-PSK
- WPA2-Enterprise

Ths ones marked as 'Enterprise' are 802.11i for remote server authorization (typically radius)
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 35109271
This explains it a little...

http://en.wikipedia.org/wiki/IEEE_802.11i-2004
0
 

Author Comment

by:jean11
ID: 35115556
Thanks for the reply.
I know that link but I want to make sure that what is in books are also implemented because I have never seen a wireless router that does the following features:

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

So you mean if we have a Linksys router for example, we can set the protocol to

WPA-Enterprise and WPA2-Enterprise then we will able to use different passwords in an organization/house? because it is using remote server authorization? correct?

Thanks

0
Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

 
LVL 13

Expert Comment

by:kdearing
ID: 35115681
Yes, that is correct.
One of the more common uses is to use a Windows Server domain controller as a radius server.
That way users can get on the wireless network using their domain credentials.
0
 

Author Comment

by:jean11
ID: 35115692
Thanks a lot.

But at home/coffe shops for example where is the authorization take place? at home people do not have  Windows Server domain controller.
So at home no use for this service? right?
or maybe the Internet Provider allow for this authorization service?

Please let me know.
Thanks
0
 
LVL 13

Assisted Solution

by:kdearing
kdearing earned 125 total points
ID: 35115778
What you are referring to is a "capture portal"
In small hotspots, this is software integrated into the router
In larger environments like a hotel this is typically an IP3 Networks appliance or similar that can be integrated into their property management system

For home and SOHO, the vast majority just use PSK (pre-shared key)
0
 

Author Comment

by:jean11
ID: 35117152
What about Extensible Authentication Protocol (EAP) and TKIP (Temporal Key Integrity Protocol)?
Are they included in the  802.11i standard?
Thanks
0
 
LVL 13

Assisted Solution

by:kdearing
kdearing earned 125 total points
ID: 35117186
This probably explains it better than I can:
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35349338
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question