Authentication, Authorization and Accouting in OLSR (AAA)
<kumar.vijai <at> wipro.com>
2009-11-03 03:26:40 GMT
Thanks Henning for comments........
I have one more question.... Suppose a particular node is in network and
discovered the neighbors using OLSR TC and hello messages.
Now without using the crypto keys any node cannot get the message or
data correctly.. Am I right?
Then If we use X-supplicant (open source which use EAP massages over
Ethernet or radius) and/or Radius (open source) then the user can be
authenticated and registered before starting communication using TLS
certificates. We used this TLS (Transport Layer Security) mechanism in
mobile IP. Is it fesiable with OLSR?
Regards
vijai
-----Original Message-----
From: Henning Rogge [mailto:hrogge <at> googlemail.com]
Sent: Monday, November 02, 2009 3:01 PM
To: olsr-users <at> lists.olsr.org
Cc: Vijai Kumar (WT01 - Joint CEO Office)
Subject: Re: [Olsr-users] Olsr-users Digest, Vol 28, Issue 20
Am Freitag 30 Oktober 2009 05:34:09 schrieb kumar.vijai <at> wipro.com:
> Hi Henning/Markus,
>
> - Do we have any AAA mechansim in OLSR 6 release or planning to
include?
There will be a 0.6.0 release of OLSR, but it will contain no AAA. This
is out of scope for the routing daemon I think.
> - I checked the scure plugin which is using MD5. Can I know that for
> what purpose we can use the existing secure plugin.
The secure plugin does a authentification based on a shared group secret
for the routing messages.
> - We have started working for some defence project for MANET so I
> would like to get help that what are the existing olsr plugin and
> features we can use for the project and what added features could be
> easy to implement with olsr 6 release.
It depends what kind of security do you need. Do you just have to keep
out attackers which do NOT get a copy of your crypto keys ? Then just
encrypt everything on link-layer with a common group key.
Do you want to have security even against attackers who are already
inside your network (for example who have stolen a device) ? Then you
need some additional stuff like authenticated routing messages (not the
secure plugin, because it's based on a shared GROUP secret), IPsec and
some other mechanisms.
Henning Rogge
Please do not print this email unless it is absolutely necessary.
The information contained in this electronic message and any attachments to this message are intended for
the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged
information. If you are not the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any
attachments for the presence of viruses. The company accepts no liability for any damage caused by any
virus transmitted by this email.
www.wipro.com
--
--
Olsr-users mailing list
Olsr-users <at> lists.olsr.org
http://lists.olsr.org/mailman/listinfo/olsr-users
RSS Feed