Sciweavers

SPW
2004
Springer

Authentication Components: Engineering Experiences and Guidelines

14 years 4 months ago
Authentication Components: Engineering Experiences and Guidelines
abstract February 6, 2004 Security protocols typically employ an authentication phase followed by a protected data exchange. In some cases, such TLS, these two phases are tightly integrated, while in other cases, such as EAP (Extensible Authentication Protocol) and Kerberos, they are separate and often implemented in different endpoints. However, careless application of this separation has lead to several vulnerabilities. In this paper we discuss reasons why this separation is often useful, what mistakes have been made, and what these mistakes have in common. We then describe some approaches how these problems could be avoided, especially focusing on EAP in wireless LANs. We also present some engineering observations that should be taken into account when designing reusable authentication components in the future.
Pasi Eronen, Jari Arkko
Added 02 Jul 2010
Updated 02 Jul 2010
Type Conference
Year 2004
Where SPW
Authors Pasi Eronen, Jari Arkko
Comments (0)