In recent years, the diffusion of wireless LANs (IEEE802.11 standard) has progressed, and large-scale wireless LAN networks have been constructed in public networks and corporate networks.
With wireless LANs, IEEE802.11i (Non-patent Document 1) aimed at strengthening security has been stipulated. Although authentication and periodic key updating in accordance with 802.1X are effective as short-term solutions to wireless LAN vulnerability, the vulnerability of the WEP itself remains a problem. Therefore, a new standard employing more robust encryption has been demanded, and the IEEE802.11i standard has been established as a result.
In 802.1X, only the form of an EAPol Key for key encapsulation is specified, and distribution thereof is effectively of a one-way notification type. With IEEE802.11i, in contrast, a two-way confirmation response type of key distribution procedure by means of a 4-way handshake procedure and group handshake procedure is specified, and master key synchronous authentication and temporary key updating can be performed dependably.
Meanwhile, with wireless LANs, investigation has been undertaken into shifting from a method whereby an access point (AP)—for example, a wireless LAN base station apparatus—is set and installed individually, to a method whereby an AP control apparatus that connects a plurality of wireless LAN base station apparatuses performs wireless LAN base station apparatus automatic setting, fault management, statistical information collection, and so forth, en bloc. This investigation has been carried out by international standard organizations such as the IETF (Internet Engineering Task Force) and IEEE802.11 Working Group, and progress is being made in drawing up standards.
Also, LWAPP (light weight access protocol) has been proposed by the IETF CAPWAP Working Group as a protocol for managing APs (see Non-patent Document 2). With this LWAPP, the AP control apparatus (also called an Access Controller) performs automatic setting of setting information, fault management, statistical information collection, encryption key information setting, and so forth, for a wireless LAN base station apparatus.
Non-patent Document 1: IETF 802.11i Standard
Non-patent Document 2: IETF draft draft-ohara-capwap-lwapp-00.txt “Light Weight Access Point Protocol”