Browse > Article
http://dx.doi.org/10.3745/KTCCS.2015.4.9.271

Implementation and Performance Analysis of Network Access Control Based on 802.1X for Effective Access Control on BYOD  

Lee, Min Choul (한밭대학교 컴퓨터공학과)
Kim, Jeongho (한밭대학교 컴퓨터공학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.4, no.9, 2015 , pp. 271-282 More about this Journal
Abstract
In the business environment BYOD(Bring Your Own Device) is used and being expanded continuously. According to a survey conducted by Cisco in 2012 on 600 companies, 95% of them are already permitting the use of BYOD in their work environments so that productivity of their employees has improved as a result. Gartner predicted that the use of BYOD will be caused new security threat. They also suggested to introduce NAC(Network Access Control) to resolve this threat, to separate network zone based on importance of their business, to establish the policy to consider user authority and device type, and to enforce the policy. The purpose of this paper is to design and implement the NAC for granular access control based on IEEE(Institute of Electrical and Electronics Engineers) 802.1X and DHCP(Dynamic Host Configuration Protocol) fingerprinting, and to analyze the performance on BYOD environment.
Keywords
BYOD; DHCP; Fingerprint; IEEE 802.1X; Network Access Control;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Eun Byol Koh, Joohyung Oh, and Chaete Im, "A Study on Security Threats and Dynamic Access Control Technology for BYOD, Smart-work Environment," IMECS 2014, Vol.II, pp.634-639, 2014.
2 Prashant Kumar Gajar, Arnab Ghosh, and Shashikant Rai, "Bring Your Own Ddevice (BYOD): Security Risks And Mitigating Strategies," JGRCS, Vol.4, No.4, pp.62-70, 2013.
3 Lawrence Orans and John Pescatore, "Strategic Road Map for Network Access Control," Gartner, 2011.
4 이정우 et al, "네트워크접근통제(NAC) 기술동향 파악 및 시험방법론 개발 최종 연구보고서", 한국정보통신기술협회, 2012.
5 ForeScout, "CounterACT: 802.1X and Network Access Control," [Internet], http://www.forescout.com/wp-content/media/FS-8021X_and_NAC_Tech_Note.pdf.
6 이민철, "네트워크 접근통제 시스템 구축", 에이콘출판, 2015.
7 Broadford Networks, "802.1X and NAC: Best Practices For Effective Network Access Control," Broadford Networks [Internet], http://www.cadinc.com/wp-content/uploads/2010/11/CAD_Bradford_Network_Access_Control_802.1X.pdf.
8 Jim Geier, "Implementing 802.1x Security Solutions for Wired and Wireless Networks," Wiley Publishing, Inc., 2008.
9 Edwin Lyle Brown, "802.1X Port-Based Authentication," Auerbach Publications, 2006.
10 Shin Shirahata, Yasuo Tsuchimoto, and Jun Murai, "New scheme for passive OS fingerprinting using DHCP message," IPSJ SIG Notes, Vol.18, pp.41-46, 2003.
11 David LaPorte and Eric Kollmann, Using DHCP for Passive OS Identification, Black Hat Japan 2007, [Internet], http://chatteronthewire.org/download/bh-japan-laportekollmann-v8.ppt.
12 Drik van der Walt, "FreeRadius Beginner's Guide," Packt Publishing, 2011.