RadSec (original) (raw)
RadSec is a protocol for transporting RADIUS datagrams over TCP and TLS. The RADIUS protocol is a widely deployed authentication and authorization protocol. The supplementary RADIUS Accounting specification also provides accounting mechanisms, thus delivering a full AAA protocol solution. However, RADIUS is experiencing two major shortcomings as time passes since its initial design: its dependency on the unreliable transport protocol UDP and the lack of security for large parts of its packet payload. Specifically, for the latter, RADIUS security is based on the MD5 algorithm, which has been proven to be insecure.
| Property | Value |
|---|---|
| dbo:abstract | RadSec is a protocol for transporting RADIUS datagrams over TCP and TLS. The RADIUS protocol is a widely deployed authentication and authorization protocol. The supplementary RADIUS Accounting specification also provides accounting mechanisms, thus delivering a full AAA protocol solution. However, RADIUS is experiencing two major shortcomings as time passes since its initial design: its dependency on the unreliable transport protocol UDP and the lack of security for large parts of its packet payload. Specifically, for the latter, RADIUS security is based on the MD5 algorithm, which has been proven to be insecure. The main focus of RadSec is to provide a means to secure the communication between RADIUS/TCP peers on the transport layer. The most important use of RadSec lies in roaming environments where RADIUS packets need to be transferred through different administrative domains and untrusted, potentially hostile networks. An example for a world-wide roaming environment that uses RadSec to secure communication is eduroam. The "RADIUS Extensions" working group of the Internet Engineering Task Force (IETF) specified RadSec in RFC 6614. (en) |
| dbo:wikiPageID | 20625131 (xsd:integer) |
| dbo:wikiPageLength | 1790 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 1086292131 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:Protocol_(computing) dbr:MD5 dbr:Eduroam dbr:Transport_Layer_Security dbc:Internet_protocols dbr:Datagram dbc:Application_layer_protocols dbr:Transmission_Control_Protocol dbr:RADIUS dbr:AAA_protocol dbr:Internet_Engineering_Task_Force dbr:Transport_layer dbc:Computer_access_control_protocols dbr:User_Datagram_Protocol |
| dbp:wikiPageUsesTemplate | dbt:IETF_RFC dbt:Reflist |
| dct:subject | dbc:Internet_protocols dbc:Application_layer_protocols dbc:Computer_access_control_protocols |
| gold:hypernym | dbr:Protocol |
| rdf:type | dbo:Software yago:WikicatApplicationLayerProtocols yago:WikicatComputerAccessControlProtocols yago:Abstraction100002137 yago:Communication100033020 yago:Direction106786629 yago:Message106598915 yago:Protocol106665108 yago:WikicatInternetProtocols yago:Rule106652242 |
| rdfs:comment | RadSec is a protocol for transporting RADIUS datagrams over TCP and TLS. The RADIUS protocol is a widely deployed authentication and authorization protocol. The supplementary RADIUS Accounting specification also provides accounting mechanisms, thus delivering a full AAA protocol solution. However, RADIUS is experiencing two major shortcomings as time passes since its initial design: its dependency on the unreliable transport protocol UDP and the lack of security for large parts of its packet payload. Specifically, for the latter, RADIUS security is based on the MD5 algorithm, which has been proven to be insecure. (en) |
| rdfs:label | RadSec (en) |
| owl:sameAs | freebase:RadSec yago-res:RadSec wikidata:RadSec https://global.dbpedia.org/id/4tZpo |
| prov:wasDerivedFrom | wikipedia-en:RadSec?oldid=1086292131&ns=0 |
| foaf:isPrimaryTopicOf | wikipedia-en:RadSec |
| is dbo:wikiPageWikiLink of | dbr:FreeRADIUS dbr:RADIUS |
| is foaf:primaryTopic of | wikipedia-en:RadSec |