Configuration Guide Configuring RSNA
CCMP
Counter CBC-MAC Protocol (CCMP) uses AES, which is safer than TKIP.
AKM
Authentication and Key Management (AKM) is an access authentication mode for users to access a WLAN.
Overview
Verify the security of a wireless link before an STA associates with a WLAN.
Perform authentication for an STA that accesses a WLAN.
Implement security protection for communication data of an STA that accesses a WLAN.
1.3.1 Link Verification
Link verification refers to 802.11 authentication, which is a low-level authentication mechanism. Link verification is performed
when an STA associates with an AP over 802.11, which is earlier than access authentication. Before accessing a WLAN, the
STA must be authenticated over 802.11. 802.11 authentication marks the beginning of the handshake process when an STA
accesses a WLAN and the first step for network connection.
The IEEE 802.11 standard defines two approaches to link authentication:
Open-system link authentication
Shared-key link authentication
Working Principle
Open-System Link Authentication
Open-system link authentication allows all users to access a WLAN. In this sense, no data protection is provided, which
means that no authentication is performed. In other words, if the authentication mode is set to open-system authentication,
all STAs that request authentication can pass the authentication.
Open-system link authentication comprises two steps:
Step 1: An STA requests authentication. The STA sends an authentication request that contains the ID (usually the MAC
address) of the STA.
Step 2: An AP returns the authentication result. The AP sends an authentication response that contains information
indicating whether the authentication succeeds or fails. If the authentication succeeds, the STA and AP pass the bidirectional
authentication.
Figure 1-4
To Next Page
Loading...
Need help?
General
