Добавил:
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
Литература / StdNetwork.pdf
Скачиваний:
53
Добавлен:
16.04.2013
Размер:
1.12 Mб
Скачать

IEEE Standard for

Local and metropolitan area networks—

Port-Based Network Access Control

1. Overview

1.1 Scope

IEEE 802Ò Local Area Networks (or LANs; see 3.4 in IEEE Std 802.1D, 1998 Edition) are often deployed in environments that permit unauthorized devices to be physically attached to the LAN infrastructure, or permit unauthorized users to attempt to access the LAN through equipment already attached. Examples of such environments include corporate LANs that provide LAN connectivity in areas of a building that are accessible to the general public, and LANs that are deployed by one organization in order to offer connectivity services to other organizations (for example, as may occur in a business park or a serviced office building). In such environments, it is desirable to restrict access to the services offered by the LAN to those users and devices that are permitted to make use of those services.

Port-based network access control makes use of the physical access characteristics of IEEE 802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point-to-point connection characteristics, and of preventing access to that port in cases in which the authentication and authorization process fails. A port in this context is a single point of attachment to the LAN infrastructure. Examples of ports in which the use of authentication can be desirable include the Ports of MAC Bridges (as specified in IEEE 802.1D), the ports used to attach servers or routers to the LAN infrastructure, and associations between stations and access points in IEEE 802.11 Wireless LANs.

1.2 Purpose

For the purpose of providing compatible authentication and authorization mechanisms for devices interconnected by IEEE 802 LANs, this standard specifies a general method for the provision of port-based network access control. To this end, it

a)Describes the architectural framework within which the authentication, and consequent actions, take place

b)Defines the principles of operation of the access control mechanisms

c)Defines the different levels of access control that are supported, and the behavior of the port with respect to the transmission and reception of frames at each level of access control

Copyright © 2001 IEEE. All rights reserved.

1

Соседние файлы в папке Литература