The Network Access Identifier

DeKok, Alan

doi:10.17487/rfc7542

Cited by 21 publications

(21 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, common constructions such as "user@example.com" (e.g., the Network Access Identifier from [RFC7542]) are allowed as usernames under this specification, as they were under [RFC4013].…”

Section: Definitionmentioning

confidence: 99%

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords

Saint-Andre¹,

Melnikov²

2017

View full text Add to dashboard Cite

Section: Definitionmentioning

confidence: 99%

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords

Saint-Andre¹,

Melnikov²

2017

View full text Add to dashboard Cite

“…2) The user's identity is forwarded to the RADIUS authentication server of the user's IdP through several RADIUS proxies in the federation network. The destination of the next-hop RADIUS proxy is determined by the realm [10] included in the user's identity. 3) If the RADIUS authentication server has received the authentication request including the user's identity, the server sends its server certificate back to the user's terminal.…”

Section: Overview Of Wlan Roaming Systemsmentioning

confidence: 99%

Easy-to-Deploy Wireless Mesh Network System with User Authentication and WLAN Roaming Features

Niizuma

Goto

2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYWireless LAN (WLAN) roaming systems, such as eduroam, enable the mutual use of WLAN facilities among multiple organizations. As a consequence of the strong demand for WLAN roaming, it is utilized not only at universities and schools but also at the venues of large events such as concerts, conferences, and sports events. Moreover, it has also been reported that WLAN roaming is useful in areas afflicted by natural disasters. This paper presents a novel WLAN roaming system over Wireless Mesh Networks (WMNs) that is useful for the use cases shown above. The proposed system is based on two methods as follows: 1) Automatic authentication path generation method decreases the WLAN roaming system deployment costs including the wiring cost and configuration cost. Although the wiring cost can be reduced by using WMN technologies, some additional configurations are still required if we want to deploy a secure user authentication mechanism (e.g. IEEE 802.1X) on WLAN systems. In the proposed system, the Access Points (APs) can act as authenticators automatically using RadSec instead of RADIUS. Therefore, the network administrators can deploy 802.1X-based authentication systems over WMNs without additional configurations on-site. 2) Local authentication method makes the system deployable in times of natural disasters, in particular when the upper network is unavailable or some authentication servers or proxies are down. In the local authentication method, users and APs can be authenticated at the WMN by locally verifying the digital certificates as the authentication credentials.

show abstract

“…The RADIUS client, acting as an RP, transmits a SAML request element within a RADIUS Access-Request message. This message MUST include a single instance of the RADIUS User-Name attribute whose value MUST conform to the Network Access Identifier [RFC7542] scheme. The RP MUST NOT include more than one SAML request element.…”

Section: Operationmentioning

confidence: 99%

“…Indicates that the content of the element is in the form of a Network Access Identifier (NAI) using the syntax described by [RFC7542]. Indicates that the subject is the system entity (either the user or machine) authenticated by a previously transmitted RADIUS Access-Accept message, as identified by the value of that RADIUS message's State attribute.…”

Section: Metadata Considerationsmentioning

confidence: 99%

A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for the Security Assertion Markup Language (SAML)

Pérez-Méndez¹,

Hartman²,

Howlett³

2016

View full text Add to dashboard Cite

This document describes the use of the Security Assertion Markup Language (SAML) with RADIUS in the context of the Application Bridging for Federated Access Beyond web (ABFAB) architecture. It defines two RADIUS attributes, a SAML binding, a SAML name identifier format, two SAML profiles, and two SAML confirmation methods. The RADIUS attributes permit encapsulation of SAML Assertions and protocol messages within RADIUS, allowing SAML entities to communicate using the binding. The two profiles describe the application of this binding for ABFAB authentication and assertion

show abstract

The Network Access Identifier

Cited by 21 publications

References 12 publications

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords

Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords

Easy-to-Deploy Wireless Mesh Network System with User Authentication and WLAN Roaming Features

A RADIUS Attribute, Binding, Profiles, Name Identifier Format, and Confirmation Methods for the Security Assertion Markup Language (SAML)

Contact Info

Product

Resources

About