Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Network-in-a-box: how to set up a secure wireless network in under a minute
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Information Sciences: an International Journal
Extensible authentication protocol (EAP) and IEEE 802.1x: tutorial and empirical experience
IEEE Communications Magazine
| Hi-index | 0.00 |
Providing a usable and secure mechanism for admitting guest devices into enterprise 802.11 WLANs with minimal human intervention is a challenging problem. Several collaborative mechanisms that may be applied to this problem have been proposed in the past. However none of the existing mechanisms can be made to work in an enterprise environment without either human assistance or online presence of a trusted third-party. Some of these mechanisms depend on human-assisted aural or visual verification and therefore are less desirable from the point of view of security as well as usability. In this paper, we propose a novel mechanism called Smart Whisper for permitting guest-devices into secure 802.11 Enterprise Wireless LANs (WLANs). We extend the standard 802.11i architecture with an Access Control Server (ACS) for supporting decentralized authorization, and Trust-Bootstrap Gateways for fully automated collaborative authentication between new guest-devices and ACS. The 802.11i Authentication Server is integrated with the ACS to support secure wireless access for guest-devices. The SmartWhisper system successfully addresses most of the security and usability issues which earlier mechanisms have not been able to address, while still being scalable and lightweight. We also report the initial set of performance results of our system prototype implementation.