AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility by Mahsa Nakhjiri, Madjid Nakhjiri

6.5. RADIUS Issues

With the recent increased attention to an integrated approach to network architecture design that considers many aspects of the network, such as mobility, QoS, call control and security, all at the same time, the role of AAA servers is becoming more and more central. This not only requires more interaction between the AAA servers and other entities in the network, but also puts more strain on the AAA servers and AAA protocols to sustain the new reliability, mobility and security demands. As we mentioned earlier, RADIUS suffers from a long list of security and reliability issues. Furthermore, RADIUS lacks support for IP mobility protocols. On top of all these, the number of allowed attribute types is limited to less than 255 and the length of the attribute value field is limited. This, along with the limited RADIUS message set, reduces the applicability of RADIUS as a AAA protocol of the future.

As we will see in the next chapter, Diameter as a successor protocol to RADIUS overcomes many of the RADIUS shortcomings. For that reason IETF decided to conclude the work of RADIUS standardization a long time ago [RADIUSWEB]. However, due to current economic downturn and the wide deployment base of RADIUS, the need was felt for a number of RADIUS enhancements before Diameter takes off as a widespread AAA protocol. This led to the creation of a new IETF working group, called RADIUS Extensions, or shortly named RADEXT [RADEXTWEB] for short. RADEXT has a very aggressive ...