Experimental evaluation of EAP performance in roaming scenarios

Abstract. The Extensible Authentication protocol (EAP), is the main component of the standard AAA (Authentication Authorization and Accounting) framework for network access control. AAA frameworks support cross-domain authentication that enables a certain access network to authenticate a roaming client that belongs to a remote network. The cross-domain authentication requires message exchange between the AAA server of the visited network and the AAA server of the client’s home network. Because these inter-domain exchanges occur over the Internet, they are subject to degradations such as packet loss and network delays thus increasing the overall authentication time. When the client changes of access point, the same authentication procedure takes place again, disrupting the user traffic at each hand-off. In this paper, we examine the performance of inter-domain EAP authentication in terms of authentication delay using an emulated environment. Moreover, in an effort to understand the performance of Inter-domain authentication over the Internet, we model the authentication time using mathematical approach and we define basis of future research items focusing on the estimation of inter-domain EAP authentication delays.