Security analysis of ssl/tls protocol implementation on a radius server: Case study
Abstract:
Authentication mechanisms must have an adequate level of security. This article presents a case study of security analysis of the implementation of SSL/ TLS protocol on a RADIUS server. For this, a RADIUS service was implemented with the mentioned protocols in two servers (GNU/Linux and MS Windows server). A test scheme was designed in which both servers and clients were scanned for open ports, and then attempts were made to access the servers by exploiting the vulnerabilities found. In the Ubuntu server implementation no vulnerabilities were identified. On the other hand, open ports and information about operating system features were found in the Windows Server service. Clients presented fewer open ports when they had digital certificates configured for authentication. With this, depending on the form of implementation and configuration, the use of RADIUS with SSL/TLS can be very secure and shows less vulnerability.
Año de publicación:
2020
Keywords:
- network vulnerability
- Certificates
- authentication
- AAA server
Fuente:
scopusTipo de documento:
Article
Estado:
Acceso restringido
Áreas de conocimiento:
- Red informática
- Ciencias de la computación
Áreas temáticas:
- Programación informática, programas, datos, seguridad
