HP-UX AAA Server A.08.02 Administrator's Guide
Attributes for Configuring OTP Authentication........................................................137
Advanced Deployment Scenarios..............................................................................142
Validating OTP Alone.........................................................................................142
Configuring Two-Factor Authentication..................................................................144
OTP or Password Validation at External RADIUS Server...........................................150
Predefined Mapping and Conversion Functions...............................................................155
Sample Configuration Files...........................................................................................156
The sqlaccess.config Sample File..............................................................................156
Sample Policy Files.................................................................................................158
The oath-request-ingress.grp Sample File...............................................................158
The oath-reply-egress.grp Sample File...................................................................158
The oath-proxy-egress.grp Sample File..................................................................159
17 Configuring EAP-SIM and EAP-AKA Authentication Methods...................160
EAP-SIM..........................................................................................................................160
Overview...................................................................................................................160
EAP-SIM Authentication Using HP-UX AAA Server............................................................160
Features.....................................................................................................................162
Benefits......................................................................................................................163
Configuring EAP SIM...................................................................................................163
EAP-SIM Client Configuration...................................................................................163
EAP-SIM User Credential Lookup Configuration...........................................................163
EAP-SIM Realm-Based Configurations........................................................................164
Realm-Based EAP-SIM Configuration Information in authfile.....................................164
Realm-Based EAP-SIM Configuration Information in EAP.authfile...............................166
Global EAP-SIM Configuration in aaa.config..............................................................168
EAP-AKA........................................................................................................................169
Overview...................................................................................................................169
EAP-AKA Authentication Using HP-UX AAA Server...........................................................169
Features.....................................................................................................................170
Benefits......................................................................................................................171
Configuring EAP-AKA..................................................................................................171
EAP-AKA Client Configuration..................................................................................171
EAP-AKA User Credential Lookup Configuration..........................................................171
EAP-AKA Realm-Based Configurations.......................................................................172
Realm-Based EAP-AKA Configuration Information in authfile....................................172
Realm-Based EAP-AKA Configuration Information in EAP.authfile..............................173
Global EAP-AKA Configuration in aaa.config.............................................................177
Fast Re-Authentication.......................................................................................................178
Configuring for Fast Re-Authentication............................................................................178
Configuring for Fast Re-Authentication in EAP.authfile..................................................179
Sample EAP.authfile Configuration for Fast Re-authentication....................................180
Configuring for Fast Re-Authentication in aaa.config File..............................................180
Sample aaa.config Configuration for Fast Re-authentication.....................................181
Guidelines to Write EAP-SIM and EAP-AKA Fast Re-Authentication Database AATVs.............181
Fast Re-Authentication Database Update AATV...........................................................182
Update AATV Inputs...........................................................................................182
Update AATV Outputs........................................................................................182
AATV Functionality and Return Events...................................................................182
Fast Re-Authentication Database Lookup AATV...........................................................183
Lookup AATV Inputs...........................................................................................183
Lookup AATV Outputs........................................................................................183
Lookup AATV Functionality and Return Events........................................................184
Pseudonym Identities........................................................................................................184
Random Pseudonyms...................................................................................................184
Contents 7