Networking / Beginners

EAP Entities

Entities are the network components that use EAP to meet their authentication and key management needs in a wireless network. Notice the close semblance and verbiage to the components in the RADIUS world or the IEEE 802.1X world. The entities in any EAP scheme may include any of the following components:

  • Peer The device or the user that wants to access the protected network resources. In a wireless network environment, the peer is often the wireless STA, the entity that responds to the authenticator. In the IEEE-802.1X world, this component is also known as the supplicant.
  • Authenticator The gatekeeper entity that initiates the EAP authentication conversation with the back-end components. In a wireless network environment, this could be a wireless access point (WAP). In the RADIUS world, it is called the network access server (NAS).
  • Backend authentication server The authenticator relies on the back-end authentication server to provide authentication services. This component executes EAP methods or grammar on behalf of the authenticator.
  • EAP server The component that terminates the EAP conversation with the peer component. This component or functionality is often discretely packaged with the back-end authentication component. When combined in this way, the service they provide is similar to the service provided by the access server in the RADIUS world.

The back-end authentication server and the EAP server possess the final knowledge of who should have access to what and when.

[Previous] [Contents] [Next]