radext-9----Page:3
1  2  3  4  5 

“Correctness” in Fast Handoff & Context Transfer
Definition of “Correct”: when the same state results as if the peer had authenticated with the AAA server
Examples of “incorrect” transactions:
Peer authenticates with GUEST SSID, derives a key, does successful fast handoff within same physical AP to the CARRIER SSID
Result: Carrier sees an accounting record for GUEST which either doesn’t have an account, or it bills the wrong user
Peer authenticates to an AP, does fast handoff to same virtual AP in order to cause Session-Time variable to be reset.
Clients gain unlimited network access.

PPT Version