netman 2008-4-13 19:35
IEEE Std 802.1X™- 2004(Revision of IEEE Std 802.1X-2001)
【资料成文时间】:13 December 2004
【语言】:English
【页数】: 179
【何人(公司)所著】:IEEE
【文件格式】: PDF
【文件原名】: Port-Based Network Access Control
【摘要或目录】:
Contents
1. Overview............................................................................................................................................. 1
1.1 Scope........................................................................................................................................... 1
1.2 Purpose........................................................................................................................................ 1
2. References........................................................................................................................................... 3
3. Definitions........................................................................................................................................... 6
3.1 Terms defined in this standard..................................................................................................... 6
3.2 Terms defined in IEEE Std 802.1D ............................................................................................. 7
3.3 Terms defined in The Authoritative Dictionary of IEEE Standards Terms [B5] ........................ 7
4. Acronyms and abbreviations................................................................................................................ 8
5. Conformance....................................................................................................................................... 9
5.1 Requirements ............................................................................................................................... 9
5.2 Options........................................................................................................................................ 9
6. Principles of Port Access Control operation...................................................................................... 11
6.1 Purpose of Port Access Control operation ................................................................................. 11
6.2 Scope of Port Access Control operation .................................................................................... 11
6.3 Systems, Ports, and system roles ............................................................................................... 12
6.4 Controlled and uncontrolled access ........................................................................................... 12
6.5 Reception and transmission control ........................................................................................... 17
6.6 Port Access Entity (PAE)........................................................................................................... 18
6.7 Coupling two IEEE 802.1X authentications.............................................................................. 20
6.8 Use of Port Access Control with IEEE Std 802.3...................................................................... 21
7. EAP encapsulation over LANs (EAPOL).......................................................................................... 23
7.1 Transmission and representation of octets................................................................................. 23
7.2 EAPOL MPDU format for use with IEEE 802.3/Ethernet ........................................................ 23
7.3 EAPOL MPDU format for use with IEEE 802.2 Logical Link Control (LLC) ........................ 24
7.4 Tagging EAPOL MPDUs .......................................................................................................... 24
7.5 EAPOL MPDU field and parameter definitions........................................................................ 24
7.6 Key Descriptor format ............................................................................................................... 27
7.7 EAP packet format—informative .............................................................................................. 30
7.8 EAPOL addressing..................................................................................................................... 31
7.9 Use of EAPOL in shared media LANs ...................................................................................... 32
8. Port Access Control Protocol............................................................................................................. 33
8.1 Introduction to protocol operation ............................................................................................. 33
8.2 EAPOL state machines .............................................................................................................. 41
9. Management of Port Access Control ................................................................................................. 72
9.1 Management functions............................................................................................................... 72
Copyright © 2004 IEEE. All rights reserved.
vii
9.2 Managed objects ........................................................................................................................ 73
9.3 Data types.................................................................................................................................. 74
9.4 Authenticator PAE managed objects ......................................................................................... 74
9.5 Supplicant PAE managed objects .............................................................................................. 81
9.6 System managed objects ............................................................................................................ 85
10. Management protocol ........................................................................................................................ 87
10.1 Introduction............................................................................................................................... 87
10.2 The Internet-Standard Management Framework ....................................................................... 87
10.3 Security considerations .............................................................................................................. 87
10.4 Structure of the MIB .................................................................................................................. 87
10.5 Relationship to other MIBs........................................................................................................ 91
10.6 Definitions for Port Access Control MIB.................................................................................. 92
Annex A (normative) PICS Proforma.......................................................................................................... 128
Annex B (informative) Scenarios for the use of Port-Based Network Access Control............................... 136
Annex C (informative) Design considerations and background material for Port-Based Network
Access Control ........................................................................................................................... 140
Annex D (informative) IEEE 802.1X RADIUS Usage Guidelines............................................................. 147
Annex E (informative) PAE state machine interface with higher layers: EAP and AAA........................... 165
Annex F (informative) Bibliography ........................................................................................................... 169