präsentatiopn inkl grafiken

diff --git a/8021X-ports.png b/8021X-ports.png
new file mode 100644 (file)
index 0000000..5f06002
Binary files /dev/null and b/8021X-ports.png differ

diff --git a/beamerouterthemetubs.sty b/beamerouterthemetubs.sty
new file mode 100644 (file)
index 0000000..6f2c2e4
--- /dev/null
+++ b/beamerouterthemetubs.sty
@@ -0,0 +1,183 @@
+% Copyright of original theme (miniframe theme):
+
+% Copyright 2003 by Till Tantau <tantau@users.sourceforge.net>
+%
+% This program can be redistributed and/or modified under the terms
+% of the GNU Public License, version 2.
+
+%
+% Changes 2005, 2006 by Jens Brandt <brandt@ibr.cs.tu-bs.de>
+%
+
+\setbeamercolor{section in head/foot}{parent=palette tertiary}
+\setbeamercolor{subsection in head/foot}{parent=palette secondary}
+\setbeamercolor{author in head/foot}{parent=subsection in head/foot}
+\setbeamercolor{title in head/foot}{parent=section in head/foot}
+
+
+\def\beamer@theme@footline@empty{}
+\def\beamer@theme@footline@authorinstitute{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}%
+      \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}%
+      \hfill%
+      {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+\def\beamer@theme@footline@authortitle{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}%
+      \leavevmode{\usebeamerfont{title in head/foot}\insertshorttitle}%
+      \hfill%
+      {\usebeamerfont{author in head/foot}\usebeamercolor[fg]{author in head/foot}\insertshortauthor}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+\def\beamer@theme@footline@institutetitle{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}%
+      \leavevmode{\usebeamerfont{title in head/foot}\insertshorttitle}%
+      \hfill%
+      {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+\def\beamer@theme@footline@authorinstitutetitle{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}%
+      \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}%
+      \hfill%
+      {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}%
+      {\usebeamerfont{title in head/foot}\insertshorttitle}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+
+\def\beamer@theme@footline@authorinstitutetitleframenumber{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}%
+      \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}%
+      \hfill%
+      {\usebeamerfont{institute in head/foot}\usebeamercolor[fg]{institute in head/foot}\insertshortinstitute}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{title in head/foot}%
+      {\usebeamerfont{title in head/foot}\insertshorttitle}%
+      \hfill%
+      {\usebeamerfont{title in head/foot}\insertframenumber}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+
+\def\beamer@theme@footline@authorinstituteframenumber{
+  \defbeamertemplate*{footline}{tubs theme}
+  {%
+    \begin{beamercolorbox}[colsep=1.5pt]{upper separation line foot}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{author in head/foot}%
+      \leavevmode{\usebeamerfont{author in head/foot}\insertshortauthor}%
+      \hfill%
+      {\usebeamerfont{institute in head/foot}\insertshortinstitute}%
+      \hfill%
+      {\usebeamerfont{title in head/foot}\insertframenumber}%
+    \end{beamercolorbox}%
+    \begin{beamercolorbox}[colsep=1.5pt]{lower separation line foot}
+    \end{beamercolorbox}
+  }
+}
+
+\newif\ifbeamer@theme@subsection
+\beamer@theme@subsectiontrue
+
+\DeclareOptionBeamer{footline}{\csname beamer@theme@footline@#1\endcsname}
+\DeclareOptionBeamer{subsection}[true]{\csname beamer@theme@subsection#1\endcsname}
+\ProcessOptionsBeamer
+
+
+\mode<presentation>
+
+\pgfdeclaremask{my-tu-logo-mask}{tu-logo-mask}
+\pgfdeclareimage[interpolate=true,mask=my-tu-logo-mask,height=25pt]{my-tu-header}{tu-logo-white}
+
+
+                                % Head
+\defbeamertemplate*{headline}{tubs theme}
+{%
+  \begin{beamercolorbox}[colsep=1.5pt]{upper separation line head}
+  \end{beamercolorbox}
+  \begin{beamercolorbox}[ht=36pt]{section in head/foot}
+    \hskip2pt\pgfuseimage{my-tu-header}
+    \vskip2pt\insertnavigation{\paperwidth}\vskip0.5pt
+  \end{beamercolorbox}%
+  \ifbeamer@theme@subsection%
+    \begin{beamercolorbox}[colsep=1.5pt]{middle separation line head}
+    \end{beamercolorbox}
+    \begin{beamercolorbox}[ht=2.5ex,dp=1.125ex,%
+      leftskip=.3cm,rightskip=.3cm plus1fil]{subsection in head/foot}
+      \usebeamerfont{subsection in head/foot}\insertsubsectionhead
+    \end{beamercolorbox}%
+  \fi%
+  \begin{beamercolorbox}[colsep=1.5pt]{lower separation line head}
+  \end{beamercolorbox}
+}
+
+\definecolor{dark-blue}{rgb}{0.12,0.23,0.62}
+
+\setbeamercolor{structure}{fg=dark-blue}
+
+
+\setbeamercolor*{palette primary}{use=structure,fg=black,bg=structure.fg!40!white}
+\setbeamercolor*{palette secondary}{use=structure,fg=white,bg=structure.fg}
+\setbeamercolor*{palette tertiary}{use=structure,fg=white,bg=structure.fg}
+\setbeamercolor*{palette quaternary}{fg=white,bg=black}
+
+\setbeamercolor*{sidebar}{use=structure,bg=structure.fg}
+
+\setbeamercolor*{palette sidebar primary}{use=structure,fg=structure.fg!10}
+\setbeamercolor*{palette sidebar secondary}{fg=white}
+\setbeamercolor*{palette sidebar tertiary}{use=structure,fg=structure.fg!50}
+\setbeamercolor*{palette sidebar quaternary}{fg=white}
+
+\setbeamercolor*{titlelike}{use=structure,fg=structure.fg}
+
+\setbeamercolor*{separation line}{}
+\setbeamercolor*{fine separation line}{}
+
+\mode
+<all>
+

diff --git a/eduroam-arch.png b/eduroam-arch.png
new file mode 100644 (file)
index 0000000..c5258ca
Binary files /dev/null and b/eduroam-arch.png differ

diff --git a/eduroam-radius.png b/eduroam-radius.png
new file mode 100644 (file)
index 0000000..7274efc
Binary files /dev/null and b/eduroam-radius.png differ

diff --git a/presentation.tex b/presentation.tex
new file mode 100644 (file)
index 0000000..79449a4
--- /dev/null
+++ b/presentation.tex
@@ -0,0 +1,196 @@
+\documentclass[]{beamer}
+
+\usepackage[utf8]{inputenc}
+\usepackage{ngerman}
+\usepackage{pgf}
+\usepackage{url}
+\usepackage{colortbl}
+
+\mode<presentation>
+\useoutertheme[footline=authorinstituteframenumber,subsection=false]{tubs}
+\setbeamertemplate{table of contents}[ball]
+\setbeamertemplate{items}[ball]
+\setbeamertemplate{navigation symbols}{}
+%%\setbeamertemplate{blocks}[rounded][shadow=true]
+
+\mode<all>
+
+\title{Sicherheit in eduroam}
+\subtitle{Seminar Kommunikation und Multimedia, Sommersemester 2010}
+\author{Roland Hieber}
+\institute[IBR, TU Braunschweig]{Institut für Betriebssysteme und Rechnerverbund\\
+  Technische Universität Braunschweig}
+
+\date{\today}
+
+% TODO BOXEN!!!!!
+\begin{document}
+
+\frame{\titlepage}
+
+\section*{Überblick}
+
+\frame{
+  \frametitle{Überblick}
+  \tableofcontents
+}
+
+\section{Einführung}
+\frame{
+ \frametitle{Was ist eduroam?}
+
+ \begin{itemize}
+   \item<1-> "`\emph{edu}cational \emph{roam}ing"'
+   \item<2-> Verbund aus den Organisationen nationaler Forschungsnetze
+   \begin{itemize}
+     \item TERENA -- Trans-European Research and Education Networking Association
+   \end{itemize}
+   \item<3-> Ziel: netzübergreifende Benutzerauthentifizierung
+   \item<4-> Aber auch: Zugriffskontrolle auf die angebotenen Ressourcen (Benutzerautorisierung)
+ \end{itemize}
+}
+
+\frame{
+  \frametitle{Verbreitung}
+  \begin{figure}[h]
+    \centering
+    \includegraphics[width=.8\textwidth]{eduroam-map.png}
+    \caption{Karte der teilnehmenden Länder \cite{eduroam.org}}
+  \end{figure}
+}
+
+\section{Architektur}
+
+\frame{
+\frametitle{IEEE 802.1X}
+  \begin{figure}
+    \centering
+    \includegraphics[width=0.6\textwidth]{8021X-Overview.pdf}
+    %\caption{Netzzugang durch IEEE 802.1X (\cite{commons8021X})}
+    \label{fig:8021X}
+  \end{figure}
+  \begin{enumerate}
+    \item<1> Rechner (Supplicants) müssen sich authentifizieren
+    \item<2-> Authenticator fragt Backend (RADIUS-Server) nach Gültigkeit der Login-Daten
+    \item<3-> Supplicant hat nach Freigabe Zugriff auf die kontrollierten Ressourcen
+  \end{enumerate}
+}
+
+\frame{
+  \frametitle{IEEE 802.1X: Detail}
+  \begin{figure}
+    \centering
+    \includegraphics[width=\textwidth]{8021X-ports.png}
+    %\caption{Netzzugang durch IEEE 802.1X (\cite{commons8021X})}
+    \label{fig:8021Xports}
+  \end{figure}
+  Nach erfolgreicher Authentifizierung werden beide kontrollierten Ports aktiviert.
+}
+
+\frame{
+  \frametitle{IEEE 802.1X: Extensible Authentication Protocol (EAP)}
+  Hier soll ein Diagramm erscheinen, das den Nachrichtenverkehr bei der generellen EAP-Authentifizierung darstellt
+  % TODO
+}
+
+\frame{
+  \frametitle{EAP-TLS}
+  Hier soll ein Diagramm erscheinen, das den Nachrichtenverkehr bei EAP-TLS darstellt
+  % TODO
+}
+
+\frame{
+  \frametitle{EAP-TTLS}
+  Hier soll ein Diagramm erscheinen, das den Nachrichtenverkehr bei EAP-TTLS darstellt
+  % TODO
+}
+
+\frame{
+  \frametitle{RADIUS}
+  \begin{itemize}
+    \item Remote Authentication Dial-In User Service
+    \item<2-> Protokoll für Authentifizierung, Autorisierung und Accounting (AAA)
+    \item<3-> RADIUS-Server kann Anfragen entweder selber beantworten oder an einen
+      anderen Server weiterleiten
+  \end{itemize}
+  \only<4->{\begin{figure}
+    \centering
+    \includegraphics[width=0.4\textwidth]{eduroam-radius.png}
+    %\caption{Netzzugang durch IEEE 802.1X (\cite{commons8021X})}
+    \label{fig:eduroam-radius}
+  \end{figure}}
+}
+
+\frame{
+  \frametitle{Autorisierung anhand weiterer Benutzerattribute}
+%   \begin{figure}[htb]
+%     \centering
+%     \includegraphics[width=0.4\textwidth]{tnc-arch.png}
+%     %\caption{TNC-Architektur~\cite{10.1109/NSS.2009.47}}
+%     \label{fig:tnc}
+%   \end{figure}
+  \begin{itemize}
+    \item \emph{Integrity Management Collector (IMC)}: sammelt Attributdaten auf dem Client-System (z.~B. ob ein Virenscanner installiert ist)
+    \item \emph{Integrity Management Verifier (IMV)}: prüft, ob die übertragenen Attributdaten mit den vom Systemadministrator vergebenen Richtlinien übereinstimmen
+    \item \emph{Network Access Requestor (NAR)}: auf der Client-Seite für den Aufbau einer Netzwerkverbindung zuständig. (meist IEEE~802.1X Supplicant).
+    \item \emph{Network Access Authority (NAA)}: regelt auf der Server-Seite den Zugriff der anfragenden Clients $\Rightarrow$ im RADIUS-Server integriert
+  \end{itemize}
+}
+
+\section{eduGAIN}
+\frame{
+  \frametitle{eduGAIN}
+  \begin{figure}[htb]
+    \centering
+    \includegraphics[width=0.6\textwidth]{edugain-arch.png}
+%     \caption{eduGAIN-Architektur~\cite{Lopez2008418}}
+    \label{fig:edugain}
+  \end{figure}
+  \begin{itemize}
+    \item Regelung des Zugriffs über manuell zugewiesene Attribute
+    \item<2-> Netzwerkübergreifende Kommunikation über \emph{Bridged Elements}
+    \begin{itemize}
+      \item Abstraktion der institutionsspezifischen Protokolle
+    \end{itemize}
+
+  \end{itemize}
+
+}
+
+\section{Sicherheitsbetrachtungen}
+\frame{
+  \frametitle{Sicherheitsbetrachtungen}
+  \begin{itemize}
+    \item Denial of Service durch gefälschte EAPOL-Pakete
+    \item<2-> Gefälschte Zertifikate $\Rightarrow$ Benutzer muss wissen, was er tut
+    \item<3-> RADIUS-Root-Server ist Single Point of Failure
+    \item<4-> Kommunikation zwischen RADIUS-Server nicht gesichert
+  \end{itemize}
+}
+
+\section{Ausblick}
+\frame{
+  \frametitle{Ausblick}
+  \begin{itemize}
+    \item eduroam-ng (\emph{eduroam next generation})
+    \item<2-> Migration RADIUS $\rightarrow$ RadSec
+    \begin{itemize}
+      \item<3-> Gesicherte Kommunikation zwischen RADIUS-Servern
+      \item<4-> Peer Discovery: automatisierte Feststellung des zuständigen RADIUS-Servers anhand von DNS-Einträgen (\url{_radiustls._tcp.idp.org}) $\Rightarrow$ kein SPoF mehr
+    \end{itemize}
+
+  \end{itemize}
+
+}
+
+\frame{
+  \centerline{\bf\LARGE Thank you!}
+}
+
+\frame{
+  \frametitle{Quellenangaben}
+  \bibliographystyle{plain}
+  \bibliography{lit}
+}
+
+\end{document}
\ No newline at end of file

diff --git a/seminar.kilepr b/seminar.kilepr
index 6ac228d..d8ef53a 100644 (file)
--- a/seminar.kilepr
+++ b/seminar.kilepr
@@ -4,7 +4,7 @@ img_extIsRegExp=false
 img_extensions=.eps .jpg .jpeg .png .pdf .ps .fig .gif
 kileprversion=2
 kileversion=2.1 beta2
 img_extensions=.eps .jpg .jpeg .png .pdf .ps .fig .gif
 kileprversion=2
 kileversion=2.1 beta2

-lastDocument=authz.tex
+lastDocument=presentation.tex

 masterDocument=ausarbeitung.tex
 name=Seminar
 pkg_extIsRegExp=false
 masterDocument=ausarbeitung.tex
 name=Seminar
 pkg_extIsRegExp=false


@@ -16,13 +16,31 @@ src_extensions=.tex .ltx .latex .dtx .ins
 MakeIndex=
 QuickBuild=
 
 MakeIndex=
 QuickBuild=
 

-[item:architektur.tex]
+[item:8021X-Overview.pdf]

 archive=true
 column=0
 archive=true
 column=0

+encoding=
+highlight=
+line=0
+open=false
+order=-1
+
+[item:8021X-Overview.svg]
+archive=true
+column=3080297
+encoding=
+highlight=
+line=0
+open=false
+order=-1
+
+[item:architektur.tex]
+archive=true
+column=841

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=40
-open=true
+line=43
+open=false

 order=1
 
 [item:ausarbeitung.tex]
 order=1
 
 [item:ausarbeitung.tex]


@@ -30,43 +48,79 @@ archive=true
 column=0
 encoding=UTF-8
 highlight=LaTeX
 column=0
 encoding=UTF-8
 highlight=LaTeX

-line=0
+line=40

 open=true
 order=0
 
 [item:ausblick.tex]
 archive=true
 open=true
 order=0
 
 [item:ausblick.tex]
 archive=true

-column=0
+column=324

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=7
+line=8

 open=true
 open=true

-order=5
+order=3

 
 [item:authn.tex]
 archive=true
 
 [item:authn.tex]
 archive=true

-column=18
+column=0

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=26
-open=true
+line=40
+open=false

 order=6
 
 [item:authz.tex]
 archive=true
 order=6
 
 [item:authz.tex]
 archive=true

-column=804
+column=0

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=8
+line=1

 open=true
 open=true

-order=7
+order=1
+
+[item:beamerouterthemetubs.sty]
+archive=true
+column=27
+encoding=UTF-8
+highlight=LaTeX
+line=18
+open=false
+order=9
+
+[item:edugain-arch.png]
+archive=true
+column=0
+encoding=
+highlight=
+line=0
+open=false
+order=-1
+
+[item:eduroam-map.png]
+archive=true
+column=7864421
+encoding=
+highlight=
+line=0
+open=false
+order=-1
+
+[item:eduroam-map.svg]
+archive=true
+column=7864320
+encoding=
+highlight=
+line=0
+open=false
+order=-1

 
 [item:einfuehrung.tex]
 archive=true
 column=0
 encoding=UTF-8
 highlight=LaTeX
 
 [item:einfuehrung.tex]
 archive=true
 column=0
 encoding=UTF-8
 highlight=LaTeX

-line=6
+line=12

 open=false
 order=5
 
 open=false
 order=5
 


@@ -84,10 +138,19 @@ archive=true
 column=1
 encoding=UTF-8
 highlight=BibTeX
 column=1
 encoding=UTF-8
 highlight=BibTeX

-line=55
-open=true
+line=151
+open=false

 order=3
 
 order=3
 

+[item:presentation.tex]
+archive=true
+column=150
+encoding=UTF-8
+highlight=LaTeX
+line=178
+open=true
+order=2
+

 [item:seminar.kilepr]
 archive=true
 column=0
 [item:seminar.kilepr]
 archive=true
 column=0


@@ -99,11 +162,11 @@ order=-1
 
 [item:sicherheit.tex]
 archive=true
 
 [item:sicherheit.tex]
 archive=true

-column=0
+column=34

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=11
-open=true
+line=2
+open=false

 order=4
 
 [item:tnc-arch.png]
 order=4
 
 [item:tnc-arch.png]


@@ -117,9 +180,9 @@ order=-1
 
 [item:zusammenfassung.tex]
 archive=true
 
 [item:zusammenfassung.tex]
 archive=true

-column=316
+column=6

 encoding=UTF-8
 highlight=LaTeX
 encoding=UTF-8
 highlight=LaTeX

-line=5
-open=true
+line=6
+open=false

 order=2
 order=2

diff --git a/tu-logo-mask.png b/tu-logo-mask.png
new file mode 100644 (file)
index 0000000..c29447f
Binary files /dev/null and b/tu-logo-mask.png differ

diff --git a/tu-logo-white.png b/tu-logo-white.png
new file mode 100644 (file)
index 0000000..96f9bf0
Binary files /dev/null and b/tu-logo-white.png differ