As the RADIUS protocol is a connectionless protocol it is low-level in terms of its functionality and cannot support the more complex unmet needs of WLANs and ISPS today (Wirbel, 2004). Conversely, Diameter supports the Transmission Control Protocol (TCP) and the Stream Control Transmission Protocol (SCTP) have the functionality necessary to provide connection-oriented controls over flow control and arbitrating packets across the network. This is one the most significant limitations of the RADIUS protocol that is leading to widespread adoption of the Diameter protocol.
Limited server failure check in due to the RADIUS protocol being based on a NAS-based architecture, silent discarding of packets (Karyotis, Papavassiliou, 2007), and inefficient server-fail-over due to the NAS-based architecture all have lead to broader acceptance and adoption of the Diameter protocol. From a security standpoint, it's been proven that the RADIUS protocol's reliance on NAS as the basis of its structure also allows for impersonation attacks as well, a serious security threat (Wirbel, 2004). There requirement of the RADIUS protocol for a mandatory shared secret also imposed significant burdens on the network administrators, and the lack of end-to-end security in the RADIUS protocol also are factors in the development of the Diameter protocol and its popularity over the RADIUS protocol.
The advantages of the Diameter protocol include the following. First there is better support of proxy management in larger WLAN configurations, including an improvement in the development of network hop-to-hop transport failure detection (Wangerien, 2006). There is also greater support for proxy server managing the retransmission of pending requests, using a specific parameter for the number of retries as well. The most fundamental changes in the Diameter protocol over the RADIUS protocol include support for both the TCP and SCTP protocols, transmission of lost packets, and support for packet re-routing and networking optimization through the TCP and SCTP protocols serving as the foundation of this network protocol. The Diameter protocol was also specifically designed to provide greater compatibility with the IPSEC protocol, prevalent in VPN configurations due to its more advanced support of wireless security. There is also support for more advanced and layered proxy server configuration strategies that were an unmet need of larger WLAN users with regard to the RADIUS protocol. Finally, the...
Diameter servers, compatible with both the TCP and SCTP protocols, also support a greater level of flexibility in creating scenarios were session termination authentication and re-authorization are completed independently of the session management functions.
The transition from the RADIUS protocol to the Diameter protocol has as it catalyst the greater flexibility and security the latter protocol provides, specifically over TCP and SCTP-based networks. The shortcomings of the RADIUS protocol are addressed in the design of the Diameter protocol, with specific attention paid to the need for higher levels of security and agility in defining network configurations. The implications for ISPs and those companies creating WLANs include greater support for wireless security configuration, and therefore greater flexibility and independence for their users in using their wireless and IEEE 802.11i devices on networks configured using the Diameter protocol.
Mitchell Ashley (2004, June). New practices in wireless security. Communications News, 41(6), 30-33. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 651290611).
Calculating Costs of Securing a Wireless Network. (2005, December). Baseline, 1(53), 1. Retrieved April 20, 2008, from ABI/INFORM Trade & Industry database. (Document ID: 948208371).
John Cox (2004, June). Vendors offer tools to control, secure WLANs. Network World, 21(23), 24. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 650087701).
Kevin Curran, Paul Canning. (2007, May). Wireless Handheld Devices Become Trusted Network Devices. Information Systems Security, 16(3), 134-146. Retrieved April 19, 2008, from ABI/INFORM Global database. (Document ID: 1317810291).
Paul McFedries (2004). Hacking Unplugged. IEEE Spectrum, 41(2), 80. Retrieved April 14, 2008, from ABI/INFORM Global database. (Document ID: 572855291).
George V Hulme (2002, September). Protect wireless LANs. InformationWeek,(905), 75. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 171914151).
Vasileios Karyotis, Symeon Papavassiliou. (2007). Risk-based attack strategies for mobile ad hoc networks under probabilistic attack modeling framework*. Computer Networks, 51(9), 2397. Retrieved April 21, 2008, from ABI/INFORM Global database. (Document ID: 1263867841).
Dave Molta (2002, December). WLAN security: Five simple truths. Network Computing, 13(25), 24. Retrieved April 19, 2008, from ABI/INFORM Global database. (Document ID: 254171121).
Dave Molta (2005, June). SECURE YOUR AIRSPACE. Network Computing, 16(12), 34-44. Retrieved April 15, 2008, from ABI/INFORM Global database. (Document ID: 867906931).
Dave Molta, Chris Kozup. (2004, March). WI-FI vs.…
Internet Protocols The internet is more than what it appears to many of its users. The World Wide Web is the standard and most popular method or protocol of acquiring information off the interconnectivity that the internet provides. The purpose of this essay is to define an internet protocols and give examples of several different types and the advantages and disadvantages they provide for myself and other users of this technology. HTTP
Internet Protocol Version 6 (IPv6) technology, one of the technologies listed on Gartner's 2004 Hype Cycle that has high visibility today because new IPv4 addresses are nearly exhausted. On the 2012 Hype Cycle, IPv6 is now listed in the "Trough of Disillusionment," yet the U.S. government is still directing that transition to this protocol continue: Name at least three advantages that government organizations will gain by transitioning to IPv6 technology
Fundamentally, proxy servers get SIP messages and redirect them to the next SIP server in the network. Proxy servers are able to provide operations like authentication, authorization, network access control, routing, reliable request transmission, and security. (ii) Redirect server: Gives the client with information regarding the nest hop or hops which the message must take and subsequently the client contacts the next hop server and UAS directly. (iii) Registrar
The address classes are the defined as a, B, C, D or E.This is however dependent on the initial bits. The total of number of addresses in IPv4 are 4 294-967-296. As for IPv6, the address is made up of 128 bit long pieces which are 16 bytes. The fundamental structure of IPv6 is 64 bits (network number) and 64 bits (host number). In most case the host portion
This system was problematic because of the number of students in the district and the time that it took to engage in this type of communication. In an effort to find a solution for the problem an Information Systems Manager was called in to assist the district (Milner, 2005). After abandoning an idea that called for the expansion of the traditional telephone system by placing new jacks in classrooms because
With the growth of VoIP, new requirements are brought forwarded, such as providing communication between a PC-based soft phone and a phone on PSTN. Such requirements strengthen the need for a standard for IP telephony. Same as other technologies, there are various standards proposed to be accepted by the industry. Two major standard bodies which govern the multimedia transmission over IP network are: International Telecommunications Union (ITU) Internet Engineering Task Force