RadSec

RadSec is a protocol for transporting RADIUS datagrams over TCP and TLS. The RADIUS protocol is a widely deployed authentication and authorization protocol. The supplementary RADIUS Accounting specification also provides accounting mechanisms, thus delivering a full AAA protocol solution. However, two major shortcomings of RADIUS have become apparent since its initial design: its dependency on the unreliable transport protocol UDP and the lack of security for large parts of its packet payload. Specifically, for the latter, RADIUS security is based on the MD5 algorithm, which has been proven to be insecure. The main focus of RadSec is to provide a means to secure the communication between RADIUS/TCP peers on the transport layer. The most important use of RadSec lies in roaming environments where RADIUS packets need to be transferred through different administrative domains and untrusted, potentially hostile networks. An example of a world-wide roaming environment that uses RadSec to secure communication is eduroam. The "RADIUS Extensions" working group of the Internet Engineering Task Force (IETF) specified RadSec in .
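The following Python sketch is an added example, not part of the original article. It illustrates the two points above: a receiver on a TCP/TLS stream must delimit RADIUS packets by the Length field in the header, because datagram boundaries no longer exist, and the legacy integrity check is an MD5 hash over the packet and a shared secret. The function names and sample packets are constructed for illustration; the fixed secret "radsec" and the 20 to 4096 byte length bounds are taken from the RADIUS and RADIUS-over-TLS specifications, not from this page.

```python
import hashlib
import hmac
import struct

RADSEC_SECRET = b"radsec"  # fixed shared secret in RADIUS over TLS (assumption, not from this page)
HEADER_LEN = 20            # code(1) + identifier(1) + length(2) + authenticator(16)
MAX_LEN = 4096             # largest valid RADIUS packet


def split_stream(buf):
    """Cut a TCP/TLS byte stream into RADIUS packets; returns (packets, leftover)."""
    packets = []
    while len(buf) >= HEADER_LEN:
        (length,) = struct.unpack_from("!H", buf, 2)
        if not HEADER_LEN <= length <= MAX_LEN:
            # A stream cannot resynchronise after a bad length: drop the connection.
            raise ValueError(f"invalid RADIUS length {length}")
        if len(buf) < length:
            break  # incomplete packet, wait for more bytes
        packets.append(buf[:length])
        buf = buf[length:]
    return packets, buf


def response_authenticator(code, ident, attrs, request_auth, secret=RADSEC_SECRET):
    """MD5(Code | Identifier | Length | Request Authenticator | Attributes | Secret)."""
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def build_response(code, ident, attrs, request_auth):
    header = struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs))
    return header + response_authenticator(code, ident, attrs, request_auth) + attrs


def verify_response(packet, request_auth):
    code, ident, length = struct.unpack_from("!BBH", packet)
    expected = response_authenticator(code, ident, packet[HEADER_LEN:length], request_auth)
    return hmac.compare_digest(expected, packet[4:HEADER_LEN])


if __name__ == "__main__":
    req_auth = bytes(range(16))                                      # constructed Request Authenticator
    accept = build_response(2, 1, bytes([18, 4]) + b"ok", req_auth)  # Access-Accept
    reject = build_response(3, 2, b"", req_auth)                     # Access-Reject
    first, rest = split_stream((accept + reject)[:30])   # TCP segment ends mid-packet
    second, rest = split_stream(rest + (accept + reject)[30:])
    print(len(first), len(second), verify_response(first[0], req_auth))
```

Because the MD5 secret is a publicly known constant in this setting, the authenticator only detects accidental corruption; protection against tampering and peer authentication come from the TLS layer.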

