Leroy, Damien and Manulis, Mark and Bonaventure, Olivier (2009):
Enhanced Wireless Roaming Security Using Three-Party Authentication and Tunnels.
In: 5th ACM Conference on Emerging Network Experiment and Technology (CoNEXT 2009), ACM, [Conference or Workshop Item]
Abstract
Many organizations and many home users have deployed WiFi networks permitting external users to connect to the Internet through their networks. Such WiFi sharing poses many security risks for the visited network as well as for the visiting user. In this paper, we focus on the recently introduced con- cept for tunneled WiFi roaming in which the infrastructure of the visited network is considered as part of the security architecture. A secure layer-2 tunneling between the user's device and his home network is performed by the visited network only after the successful authentication of all three parties. The authentication protocol provides the mobile device and its home network with a secret key that protects their end-to-end communication. Additionally, it provides another tunnel key, shared with the visited network, that protects the actual traffic exchanged between the visited and home networks and prevents diverse resource consumption attacks against the latter. This concept encourages users to provide roaming service in a more secure and privacy- friendly way. We show how to implement this concept using the IEEE802.11i/EAP framework, based on existing infras- tructures and standard tunneling protocols.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2009 |
| Creators: | Leroy, Damien and Manulis, Mark and Bonaventure, Olivier |
| Title: | Enhanced Wireless Roaming Security Using Three-Party Authentication and Tunnels |
| Language: | German |
| Abstract: | Many organizations and many home users have deployed WiFi networks permitting external users to connect to the Internet through their networks. Such WiFi sharing poses many security risks for the visited network as well as for the visiting user. In this paper, we focus on the recently introduced con- cept for tunneled WiFi roaming in which the infrastructure of the visited network is considered as part of the security architecture. A secure layer-2 tunneling between the user's device and his home network is performed by the visited network only after the successful authentication of all three parties. The authentication protocol provides the mobile device and its home network with a secret key that protects their end-to-end communication. Additionally, it provides another tunnel key, shared with the visited network, that protects the actual traffic exchanged between the visited and home networks and prevents diverse resource consumption attacks against the latter. This concept encourages users to provide roaming service in a more secure and privacy- friendly way. We show how to implement this concept using the IEEE802.11i/EAP framework, based on existing infras- tructures and standard tunneling protocols. |
| Title of Book: | 5th ACM Conference on Emerging Network Experiment and Technology (CoNEXT 2009) |
| Publisher: | ACM |
| Divisions: | 20 Department of Computer Science |
| Date Deposited: | 04 Aug 2016 11:51 |
| Identification Number: | TUD-CS-2009-0181 |
| Export: |
Optionen (nur für Redakteure)
 |
View Item |
Drucken
Impressum