Features
IPN Station can be installed without changing the existing environment
IPN Station can be installed without changing your existing wireless LAN environment configuration(*1).
Installed on your network and client terminals, IPN Station and IPN Supplicant terminals will enable mutual authentication (*2)and encryption of communication data (*3)using EAP-IPN communication (*4).
(*1)For the authentication method, access point needs to be compatible with WPA2-Enterprise.
However, operation capability cannot e guaranteed for all the devices. We recommend that you confirm the operation
capability in advance.
(*2)For the algorithms for mutual authentication, we have adopted "SAS-2", an SAS authentication method devised
by Professor Akihiro Shimizu of Kochi University of Technology.
This authentication method has been designed on assumption that it will be embedded in communication protocol.
Compared with other authentication method, its structure is simple. Requiring fewer computations, the method operates
at high speed.
Technical article:"A One-Time Password Authentication Method for Low Spec Machines and on Internet Protocols.", June/01/2004
(*3)For the encryption method, we have adopted AES(Advanced Encryption Standard) encryption,
an American encryption standard. the key length is 128bit.
(*4)EAP-IPN is a mutual authentication protocol using one-time password,
based on IEEE802.1X protocol which has been extended by T-SS.
Realized secure and easy-to-navigate system
Configuration of Radius server using the generic public key cryptosystem would require issuance and operation of digital certificate and configuration of certificate authority (CA). In addition, certificate would have to be renewed on every expiry date.
IPN Station has adopted one-time password for user authentication, and has dramatically reduced the designing and managing efforts, by enabling automatic renewal of authentication information. Because certificate authority is no longer needed, secure networks can be configured without trouble.
One-time password and reduced TCO
Every time a communication is executed, IPN Station and IPN Supplicant authenticate each other, and authentication information is automatically updated when authentication succeeds. Introduction cost can be controlled, because this method does not require users to perform data entry procedures required of the matrix method, etc., and it neither requires security tokens. At the same time, man-hours accompanying token management can also be reduced.