Authenticating public access networking

Authors:
Joseph W. Graham, II
Affiliations:
University of Pittsburgh, Pittsburgh, PA
Venue:
SIGUCCS '02 Proceedings of the 30th annual ACM SIGUCCS conference on User services
Year:
2002

Citing 0
Cited 1

Roaming and service management in public wireless networks using an innovative policy management architecture

International Journal of Network Management

Quantified Score

Hi-index	0.01

Visualization

Abstract

The University of Pittsburgh began offering network connections to residence hall students in 1998. Initially, students were assigned static IP addresses and manual processes were implemented to record the each computer's network card MAC address. This quickly became unwieldy as service was expanded to all of the nearly 6,000 residence hall rooms. In 2000, DHCP was used to provide student IP addresses in conjunction with registration software to record the necessary machine information. Tracing activity in response to security issues was still time-consuming because of the time needed to research activity logs.The adaptation of the Point-to-Point Protocol (PPP) for broadband use by commercial Internet Services Providers (ISP's) provided a much simpler solution for registering users, and providing IP addresses. Direct user authentication to the network is accomplished by requiring the entry of a username and password each time the user establishes a connection. Tracing specific activity is simplified because it is not necessary to research different sets of logs to determine the IP address and username. Management of the system is entirely dynamic. The system can be used just as easily for ports located in public areas, classrooms, and in conjunction with wireless network services. The need for authenticated access to the network from these locations is even more important than from the residence halls.Although PPPoE has been used for authenticated access in the residence halls during the past academic year, this service will be converted to the IEEE 802.1x standard, which eliminates the requirement for client authentication software in the coming year. Our experience with PPPoE is that support requirements are very low and are primarily limited to client software installation assistance. Further reduction of support requirements is expected with the introduction of 802.1x authentication for residence hall, public access, classroom, and wireless network connections.