Tomo Niizuma
ABSTRACT
In cases of large events such as concerts, conferences, sports events, as well as natural disasters, quick and easy deployment of temporary WLAN systems on-site is very important. In general, deploying WLAN systems requires wiring the cables to the Access Points (APs) and/or switches, and configuring the APs and servers. Although Wireless Mesh Networking (WMN) technologies enable us to reduce the wiring cost, some additional configurations are still required when we deploy a secure user authentication mechanism (e.g. IEEE 802.1X) on WLAN systems. This paper proposes a quickly and easily deployable WMN system working on a secure WLAN roaming system operated by multiple institutions like in eduroam, the worldwide roaming system for research and education institutions. The APs in the system generate authentication paths automatically using RadSec over the WMN to reduce the configuration costs of APs and authentication servers. The APs can perform user authentication and provide local services when they have lost the upper network temporarily or even when the authentication servers they are communicating with are down thanks to the local authentication technique using digital certificates.
- eduroam. http://www.eduroam.org/.Google Scholar
- T. Watanabe, S. Kinoshita, Y. Yamasaki, H. Goto, and H. Sone. Flexible Access and Priority Control System Based on 802.1X Authentication in Time of Disaster. In Computer Software and Applications Conference Workshops (COMPSACW), 2013 IEEE 37th Annual, pages 385--390, July 2013. Google ScholarDigital Library
- IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control. IEEE Std 802.1X-2010, pages C1--205, Feb 2010.Google Scholar
- C. Rigney, S. Willens, A. Rubens, and W. Simpson. Remote Authentication Dial In User Service (RADIUS). RFC 2865, June 2000. Google ScholarDigital Library
- S. Kinoshita, T. Watanabe, Y. Yamasaki, H. Goto, and H. Sone. Fault-Tolerant Wireless LAN Roaming System Using Client Certificates. In Computer Software and Applications Conference (COMPSAC), 2013 IEEE 37th Annual, pages 822--823, July 2013. Google ScholarDigital Library
- S. Winter, M. McCauley, S. Venaas, and K. Wierenga. Transport Layer Security (TLS) Encryption for RADIUS. RFC 6614, May 2012.Google Scholar
- radsecproxy. https://software.uninett.no/radsecproxy/.Google Scholar
- A. Egners, P. Herrmann, T. Jarmuzek, and U. Meyer. Experiences from security research using a Wireless Mesh Network testbed. In Local Computer Networks (LCN), 2013 IEEE 38th Conference on, pages 340--343, Oct 2013.Google ScholarCross Ref
- B.A.T.M.A.N. : Better Approach to Mobile Ad-hoc Networking. http://www.open-mesh.org/projects/open-mesh/wiki/.Google Scholar
- FreeRADIUS. http://freeradius.org/.Google Scholar
- hostapd: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator. https://w1.fi/hostapd/.Google Scholar
- Linux WPA/WPA2/IEEE 802.1X Supplicant. http://w1.fi/wpa_supplicant/.Google Scholar
- S. Cheshire, B. Aboba, and E. Guttman. Dynamic Configuration of IPv4 Link-Local Addresses. RFC 3927, May 2005.Google Scholar
- H. Goto, H. Sone, J. Yamato, and H. Wakayama. Easy-to-deploy eduroam system for hundreds of universities. http://www.apan.net/meetings/kualalumpur2009/proposals/middleware.html, July 2009.Google Scholar
- Shibboleth. https://shibboleth.net/.Google Scholar
- M. Anwander, T. Braun, A. Jamakovic, and T. Staub. Authentication and authorisation mechanisms in support of secure access to WMN resources. In World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2012 IEEE International Symposium on a, pages 1--6, June 2012.Google ScholarCross Ref
- Stefan Winter. radsecproxy - a swiss army knife for eduroam {or: why does eduroam work on the bus?}. https://tnc2009.terena.org/schedule/presentations/showdfcf.html?pres_id=42, July 2009.Google Scholar
- IEEE Standard for Information Technology--Telecommunications and information exchange between systems--Local and metropolitan area networks--Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 10: Mesh Networking. IEEE Std 802.11s-2011, pages 1--372, Sept 2011.Google Scholar
Index Terms
- Quick- and Easy-to-Deploy Wireless Mesh Network System for WLAN Roaming Services
Recommendations
A comparison study between the TLS-based security framework and IKEv2 when protecting DSMIPv6 signaling
This paper presents a comparison study between the TLS-based security for DSMIPv6 and IKEv2 when establishing Security Associations between MN and HA. The network transmission and processing costs are examined for each protocol using different ...
A seamless layer-2 handover scheme for mobile WiMAX based wireless mesh networks
ICACT'09: Proceedings of the 11th international conference on Advanced Communication Technology - Volume 2Wireless mesh networks have been studied as the next generation technology to solve problems of conventional wireless networks. Particularly, mobile WiMAX based wireless mesh networks are noticed due to many advantages. In this paper, we propose a layer-...
Comments