802.11 authentication and association provides a method for supplying different levels of access to different nodes in a wireless local area network (WLAN). Each node and access point (AP) in the WLAN is required to keep an authentication state and an association state with each other node and AP that it is in contact with.
Authentication is how a node gains access to the network. It provides proof of identity to ensure the node is allowed access to the network. This is comparable to physically attaching an Ethernet cable to the node for a wired network. Along with authentication, there is a deauthentication service which is used to disallow any further service to be provided to a node.
Once a node has been authenticated it must become associated with an AP. This is how the network determines where to send data that is intended for that node. It routes it through the AP that the node is associated with. This is why a node may only be associated with a single AP. There is also a disassociation procedure where by the node can disconnect from the WLAN. This prevents the AP from continuing to attempt to transmit data to this node after it has left the WLAN.
The final association procedure, called reassociation, is designed to allow a smooth transition when a node moves from within the transmission range of one AP to another. The reassociation service combines an association service with a notification of which AP it was previously associated with. This allows the new AP to accept the association and to request that any data buffered at the previous AP for the node be forwarded.
- Wireless Transport Layer Security
- Communication Security Software
- Communication Security Research
- Reference Designs