Document Overview (2) Discussion of CAPWAP security goals Gist: try not to add any exposure not present in original fat AP model Overview of 802.11 and AAA security Need to give background, context to understand how CAPWAP interacts with WLAN security landscape There are complex trust relationships, trust chaining CAPWAP is smack dab in the middle of all this Structure of the analysis What are we protecting? What are the risks? Attacker capabilities Vulnerabilities/potential points of attack Attacker goals Mitigation strategies Trade-off analysis |