Authenticated wireless roaming via tunnels: making mobile guests feel at home
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
Many organizations and many home users have deployed WiFi networks permitting external users to connect to the Internet through their networks. Such WiFi sharing poses many security risks for the visited network as well as for the visiting user. In this paper, we focus on the recently introduced concept for tunneled WiFi roaming in which the infrastructure of the visited network is considered as part of the security architecture. A secure layer-2 tunneling between the user's device and his home network is performed by the visited network only after the successful authentication of all three parties. The authentication protocol provides the mobile device and its home network with a secret key that protects their end-to-end communication. Additionally, it provides another tunnel key, shared with the visited network, that protects the actual traffic exchanged between the visited and home networks and prevents diverse resource consumption attacks against the latter. This concept encourages users to provide roaming service in a more secure and privacy-friendly way. We show how to implement this concept using the IEEE802.11i/EAP framework, based on existing infrastructures and standard tunneling protocols.