Title :
Distributed user authentication in wireless LANs
Author :
Kuptsov, Dmitriy ; Khurri, Andrey ; Gurtov, Andrei
Author_Institution :
Helsinki Inst. for Inf. Technol., Helsinki Univ. of Technol., Helsinki, Finland
Abstract :
An increasing number of mobile devices, including smartphones, use WLAN for accessing the Internet. Existing WLAN authentication mechanisms are either disruptive, such as presenting a captive web page prompting for password, or unreliable, enabling a malicious user to attack a part of operator´s infrastructure. In this paper, we present a distributed authentication architecture for WLAN users providing instant network access without manual interactions. It supports terminal mobility across WLAN access points with the Host Identity Protocol (HIP), at the same time protecting the operator´s infrastructure from external attacks. User data sent over a wireless link is protected by the IPsec ESP protocol. We present our architecture design and implementation experience on two OpenWrt WLAN access points, followed by measurement results of the working prototype. The system is being deployed into pilot use in the city-wide panOULU WLAN.
Keywords :
IP networks; Internet; protocols; security of data; wireless LAN; IPsec ESP protocol; Internet; OpenWrt WLAN access points; WLAN authentication; distributed authentication; distributed user authentication; host identity protocol; instant network access; terminal mobility; wireless LAN; Access protocols; Authentication; Electrostatic precipitators; Hip; Internet; Protection; Smart phones; Web pages; Wireless LAN; Wireless application protocol;
Conference_Titel :
World of Wireless, Mobile and Multimedia Networks & Workshops, 2009. WoWMoM 2009. IEEE International Symposium on a
Conference_Location :
Kos
Print_ISBN :
978-1-4244-4440-3
Electronic_ISBN :
978-1-4244-4439-7
DOI :
10.1109/WOWMOM.2009.5282469
