Secure authentication system for public WLAN roaming

  • Authors:
  • Yasuhiko Matsunaga;Ana Sanz Merino;Takashi Suzuki;Randy H. Katz

  • Affiliations:
  • Univ. of California, Berkeley Berkeley, CA;Univ. of California, Berkeley Berkeley, CA;Multimedia Laboratories, Yokosuka, Kanagawa, Japan;Univ. of California, Berkeley, Berkeley, CA

  • Venue:
  • Proceedings of the 1st ACM international workshop on Wireless mobile applications and services on WLAN hotspots
  • Year:
  • 2003

Quantified Score

Hi-index 0.00

Visualization

Abstract

A serious impediment for seamless roaming between independent wireless LANs (WLANs) is how best to confederate the various WLAN service providers, each having different trust relationships with individuals and each supporting their own authentication schemes which may vary from one provider to the next. We have designed and implemented a comprehensive single sign-on (SSO) authentication architecture that confederates WLAN service providers through trusted identity providers. Users select the appropriate SSO authentication scheme from the authentication capabilities announced by the WLAN service provider, and can block the exposure of their privacy information while roaming. In addition, we have developed a compound layer 2 and Web authentication scheme that ensures cryptographically protected access while preserving pre-existing public WLAN payment models. Our experimental results, obtained from our prototype system, show the total authentication delay are well within 2 seconds. This is dominated primarily by our use of industry-standard XML-based protocols, yet are still small enough for practical use.