Diameter vs Radius Protocols Implications Term Paper
- Length: 7 pages
- Sources: 12
- Subject: Education - Computers
- Type: Term Paper
- Paper: #62569245
Excerpt from Term Paper:
Because the RADIUS protocol is connectionless, it is low-level in its functionality and cannot support the more complex unmet needs of WLANs and ISPs today (Wirbel, 2004). Conversely, Diameter supports the Transmission Control Protocol (TCP) and the Stream Control Transmission Protocol (SCTP), which have the functionality necessary to provide connection-oriented flow control and to arbitrate packets across the network. This is one of the most significant limitations of the RADIUS protocol, and it is leading to widespread adoption of the Diameter protocol.
Limited server-failure checking due to the RADIUS protocol being based on a NAS-based architecture, silent discarding of packets (Karyotis & Papavassiliou, 2007), and inefficient server failover due to the NAS-based architecture have all led to broader acceptance and adoption of the Diameter protocol. From a security standpoint, it has been proven that the RADIUS protocol's reliance on the NAS as the basis of its structure also allows for impersonation attacks, a serious security threat (Wirbel, 2004). The RADIUS protocol's requirement for a mandatory shared secret also imposed significant burdens on network administrators, and the lack of end-to-end security in the RADIUS protocol is a further factor in the development of the Diameter protocol and its popularity over the RADIUS protocol.
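The shared-secret check behind these points, as an added example that is not part of the original paper: a RADIUS reply is authenticated only by an MD5 digest keyed with the secret of the hop it arrives on (the Response Authenticator of RFC 2865), so a proxy re-signs it and the NAS verifies the last hop, not the home server. The secrets, identifiers and the `proxy_relay` helper are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2

def build_response(code, ident, request_auth, attrs, secret):
    """Server side (RFC 2865): MD5(Code|ID|Length|RequestAuth|Attributes|Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    auth = hashlib.md5(header + request_auth + attrs + secret).digest()
    return header + auth + attrs

def verify_response(packet, request_auth, secret):
    """NAS side: recompute the Response Authenticator with the shared secret."""
    if len(packet) < 20:
        return False
    length = struct.unpack("!H", packet[2:4])[0]
    if length < 20 or length > len(packet):
        return False
    packet = packet[:length]          # ignore trailing padding octets
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])

def proxy_relay(upstream_pkt, upstream_req_auth, upstream_secret,
                nas_ident, nas_req_auth, nas_secret):
    """Proxy: check the reply from the home server, then re-sign it for the NAS."""
    if not verify_response(upstream_pkt, upstream_req_auth, upstream_secret):
        return None                   # silently discard, as RADIUS specifies
    return build_response(upstream_pkt[0], nas_ident, nas_req_auth,
                          upstream_pkt[20:], nas_secret)

# Constructed sample values (not from the page).
HOME_SECRET, NAS_SECRET = b"home-proxy-secret", b"proxy-nas-secret"
REQ_AUTH_NAS = bytes(range(16))           # Request Authenticator sent by the NAS
REQ_AUTH_PROXY = bytes(range(16, 32))     # the proxy's own, toward the home server
REPLY_MESSAGE = bytes([18, 4]) + b"ok"    # attribute 18 (Reply-Message), length 4

def demo():
    home = build_response(ACCESS_ACCEPT, 7, REQ_AUTH_PROXY, REPLY_MESSAGE, HOME_SECRET)
    relayed = proxy_relay(home, REQ_AUTH_PROXY, HOME_SECRET, 42, REQ_AUTH_NAS, NAS_SECRET)
    tampered = relayed[:-1] + b"!"
    return {
        "nas_accepts_relayed": verify_response(relayed, REQ_AUTH_NAS, NAS_SECRET),
        "tampered_rejected": not verify_response(tampered, REQ_AUTH_NAS, NAS_SECRET),
        "home_secret_useless_at_nas": not verify_response(relayed, REQ_AUTH_NAS, HOME_SECRET),
    }

if __name__ == "__main__":
    print(demo())
```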
The advantages of the Diameter protocol include the following. First, there is better support for proxy management in larger WLAN configurations, including improved hop-to-hop transport failure detection (Wangerien, 2006). There is also greater support for proxy servers managing the retransmission of pending requests, using a specific parameter for the number of retries. The most fundamental changes in the Diameter protocol over the RADIUS protocol include support for both the TCP and SCTP protocols, transmission of lost packets, and support for packet re-routing and network optimization, with TCP and SCTP serving as the foundation of the protocol. The Diameter protocol was also specifically designed to provide greater compatibility with the IPsec protocol, which is prevalent in VPN configurations due to its more advanced support of wireless security. There is also support for more advanced and layered proxy server configuration strategies, which were an unmet need of larger WLAN users under the RADIUS protocol. Finally, the Diameter protocol is more adept at session management and provides more effective accounting and analytics, as its functional definition completes the preliminary steps the RADIUS protocol took to separate connection from accounting functions. Diameter servers, compatible with both the TCP and SCTP protocols, also support a greater level of flexibility in creating scenarios where session termination, authentication, and re-authorization are completed independently of the session management functions.
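How the Diameter header carries the failure-detection and retransmission features described above, as an added example that is not part of the original paper. It follows the RFC 6733 header layout; the `DuplicateFilter` helper, the host name and the identifier values are hypothetical, and the filter takes the origin host as an argument instead of parsing the Origin-Host AVP.

```python
import struct

FLAG_R, FLAG_T = 0x80, 0x10      # Request bit; potentially re-transmitted bit
DEVICE_WATCHDOG = 280            # DWR/DWA, the peer liveness check
ACCOUNTING = 271                 # ACR/ACA

def build_message(flags, code, app_id, hop_id, e2e_id, body=b""):
    """20-byte Diameter header (RFC 6733) followed by already-padded AVP bytes."""
    length = 20 + len(body)
    return (bytes([1]) + length.to_bytes(3, "big") + bytes([flags])
            + code.to_bytes(3, "big") + struct.pack("!III", app_id, hop_id, e2e_id) + body)

def parse_header(msg):
    if len(msg) < 20 or msg[0] != 1:
        raise ValueError("not a Diameter version 1 message")
    length = int.from_bytes(msg[1:4], "big")
    if length < 20 or length > len(msg) or length % 4:
        raise ValueError("bad Message Length")
    app_id, hop_id, e2e_id = struct.unpack("!III", msg[8:20])
    return {"request": bool(msg[4] & FLAG_R), "retransmit": bool(msg[4] & FLAG_T),
            "code": int.from_bytes(msg[5:8], "big"),
            "app_id": app_id, "hop_id": hop_id, "e2e_id": e2e_id}

def retransmit_after_failover(msg, new_hop_id):
    """Resend a pending request to an alternate peer: set T, new Hop-by-Hop
    Identifier, unchanged End-to-End Identifier."""
    return (msg[:4] + bytes([msg[4] | FLAG_T]) + msg[5:12]
            + struct.pack("!I", new_hop_id) + msg[16:])

class DuplicateFilter:
    """Hypothetical server-side helper: one answer per (origin host, End-to-End id)."""
    def __init__(self):
        self.seen = set()

    def accept(self, origin_host, msg):
        key = (origin_host, parse_header(msg)["e2e_id"])
        if key in self.seen:
            return False
        self.seen.add(key)
        return True

# Constructed sample: an accounting request (Application-ID 3) with no AVPs.
ORIGINAL = build_message(FLAG_R, ACCOUNTING, 3, 0x1111, 0xCAFE0001)
RESENT = retransmit_after_failover(ORIGINAL, 0x2222)
```

The End-to-End Identifier survives the resend while the Hop-by-Hop Identifier changes, which is what lets the receiving server recognise the second copy as a duplicate.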
The transition from the RADIUS protocol to the Diameter protocol has as its catalyst the greater flexibility and security the latter protocol provides, specifically over TCP- and SCTP-based networks. The shortcomings of the RADIUS protocol are addressed in the design of the Diameter protocol, with specific attention paid to the need for higher levels of security and agility in defining network configurations. The implications for ISPs and companies creating WLANs include greater support for wireless security configuration, and therefore greater flexibility and independence for their users in using their wireless and IEEE 802.11i devices on networks configured using the Diameter protocol.
Mitchell Ashley (2004, June). New practices in wireless security. Communications News, 41(6), 30-33. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 651290611).
Calculating Costs of Securing a Wireless Network. (2005, December). Baseline, 1(53), 1. Retrieved April 20, 2008, from ABI/INFORM Trade & Industry database. (Document ID: 948208371).
John Cox (2004, June). Vendors offer tools to control, secure WLANs. Network World, 21(23), 24. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 650087701).
Kevin Curran, Paul Canning. (2007, May). Wireless Handheld Devices Become Trusted Network Devices. Information Systems Security, 16(3), 134-146. Retrieved April 19, 2008, from ABI/INFORM Global database. (Document ID: 1317810291).
Paul McFedries (2004). Hacking Unplugged. IEEE Spectrum, 41(2), 80. Retrieved April 14, 2008, from ABI/INFORM Global database. (Document ID: 572855291).
George V Hulme (2002, September). Protect wireless LANs. InformationWeek, (905), 75. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 171914151).
Vasileios Karyotis, Symeon Papavassiliou. (2007). Risk-based attack strategies for mobile ad hoc networks under probabilistic attack modeling framework. Computer Networks, 51(9), 2397. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 1263867841).
Dave Molta (2002, December). WLAN security: Five simple truths. Network Computing, 13(25), 24. Retrieved April 19, 2008, from ABI/INFORM Global database. (Document ID: 254171121).
Dave Molta (2005, June). SECURE YOUR AIRSPACE. Network Computing, 16(12), 34-44. Retrieved April 15, 2008, from ABI/INFORM Global database. (Document ID: 867906931).
Dave Molta, Chris Kozup. (2004, March). WI-FI vs.…