Open system authentication is the default authentication
service and is used by a station to indicate its intent to associate with an Access Point.
802.11 open system authentication at the MAC level is used with upper layer 802.1X EAP
authentication. 802.11 shared key authentication provides the ability to verify that the AP
and the station share the same WEP key before 802.11 association. A challenge-response
protocol is used, and vulnerabilities have been identified. Shared key authentication is not
included in the Wi-Fi interoperability requirements and is not recommended for use.
RADIUS-based MAC authentication is a technique supported by most infrastructure
equipment. The MAC addresses of valid 802.11 devices are provisioned into the AP or
MC, and only traffic from these MAC addresses is allowed through the AP or MC.
Authentication is tied to the hardware that is used and not to the identity of the user.
Software does exist to change the MAC address of a wireless device, and thus MAC-based
authentication provides a only a very minimal level of access control to wireless networks.
7.6 Evolution, Standards, and Industry Efforts
The future growth of 802.
Pages:
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402