1 Scope
2 References
3 Terms and definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 EAP-based authentication and key management framework
6.1 Introduction
6.2 General features of EAP
6.3 Basic operational procedures for authentication and key
management protocols
7 EAP protocols
7.1 Vulnerabilities in EAP
7.2 Set of requirements for EAP
7.3 Criteria for evaluating and classifying EAP methods
7.4 EAP method
7.5 Evaluation of existing EAP methods
8 Key
management
8.1 Practical threats to a specific wireless access network
8.2 General operational phases for key management
8.3 Set of requirements for key management
8.4 Flow of the key management protocol
8.5 Requirements classification of key management
9 Cryptographic
key for key management
9.1 General policy model
9.2 Possible cryptographic key hierarchy and key derivation
Appendix I – Evaluation of existing EAP methods
Appendix II – AAA protocol
Appendix III – Overview of the existing EAP methods
III.1 Pre-shared secret-based EAP methods
III.2 EAP methods based on public key
III.3 EAP methods that support both shared secret and public key
III.4 Tunnel-based EAP methods
Bibliography