ePrints.FRI - University of Ljubljana, Faculty of Computer and Information Science

Dynamic assignment of eduroam users to separate virtual lans

Marko Dolničar (2013) Dynamic assignment of eduroam users to separate virtual lans. EngD thesis.

[img]
Preview
PDF
Download (1123Kb)

    Abstract

    The aim of the diploma thesis was to thoroughly study the eduroam network, which is, with its authentication and authorisation mechanisms, considered a secure service. However, the network lacks mechanisms to protect the logged-in users from malicious users on the same network. Security vulnerability as a result of insecure protocols of eduroam may result in any malicious user being able to access other users' confidential information. After having set up a test network identical to eduroam, we successfully tested it with some attacks on the Data Link layer. Finally, we provide a solution to enhance security, by separating the users into individual sub networks using VLANs and consequently preventing the attacks on Data Link layer.

    Item Type: Thesis (EngD thesis)
    Keywords: eduroam, security, FreeRADIUS, VLAN, switch, access point, MITM, ARP poisoning
    Number of Pages: 45
    Language of Content: Slovenian
    Mentor / Comentors:
    Name and SurnameIDFunction
    doc. dr. Mojca Ciglarič256Mentor
    Link to COBISS: http://www.cobiss.si/scripts/cobiss?command=search&base=50070&select=(ID=10360148)
    Institution: University of Ljubljana
    Department: Faculty of Computer and Information Science
    Item ID: 2293
    Date Deposited: 03 Dec 2013 12:43
    Last Modified: 13 Jan 2014 13:37
    URI: http://eprints.fri.uni-lj.si/id/eprint/2293

    Actions (login required)

    View Item