OpenPana Projects

PANA (Protocol for Carrying Authentication for Network Access) is an IP-based protocol.OPenPana Projects aims for  device to authenticate itself with network.It does not define any authentication protocol, key agreement key distribution, or key derivation protocols.

OpenPana-simulator-Projects

PANA can be used in

  • Environments with link layer security.
  • Environments with physical layer security.
  • Environments where no lower security is available.

Architecture’s elements:

  • PaC (PANA Client).
  • PAA (PANA Authentication Agent).
  • AS (Authentication Server).
  • EP (Enforcement Point).

PaC (PANA Client):

  • The client part of the protocol is defined as PaC.
  • It is placed in node and easily reach access network.

PAA (PANA Authentication Agent):

  • Server side of PANA protocol is PAA.
  • It exchanges message with PaC for authentication and authorization.

AS (Authentication Server):

  • It is used to check the PaC’s credentials.
  • It receives the PaC’s credentials by the PAA.
  • Then it sends a packet with the result of credential checking process.
  • It has session time.
  • If this session expires it should re authenticate

EP (Enforcement Point):

  • It works in the basis of filter of a packet.
  • It is a type of node which drops packet according to the parameters it sets.

PANA signaling flow:

OpenPana signal flow

Platform Support:

Protocols supported in Openpana Projects

  • UNIX
  • Windows

Sample code for OpenPana Projects:

class PeerApplication : public PANA_ClientEventInterface

{

public:

PeerApplication(PANA_Node &n) : pacSession(n, *this),

handle(EapJobHandle(AAA_GroupedJob::Create(n.Task().Job(), this, “peer”))),

eap(boost::shared_ptr<MyPeerSwitchStateMachine>

(new MyPeerSwitchStateMachine(*n.Task().reactor(), handle))),

md5Method(EapContinuedPolicyElement(EapType(4)))

{

eap->Policy().CurrentPolicyElement(&md5Method);

}

virtual ~PeerApplication()  {

pacSession.Stop();}

void Start()

{

pacSession.Start();

eap->Start();

}

MyPeerSwitchStateMachine& Eap() { return *eap; }

// called by PANA on incomming EAP request

void EapRequest(AAAMessageBlock *request,

PANA_PINFO provider,

const PANA_CfgProviderInfo *pInfo) {

eap->Receive(request);}

// called by PANA on incomming BIND request

void EapRequest(AAAMessageBlock *request,

ACE_UINT32 resultCode,

ACE_UINT32 pcap) {

eap->Receive(request);}