Leroy, Damien ; Manulis, Mark ; Bonaventure, Olivier (2009)
Enhanced Wireless Roaming Security Using Three-Party Authentication and Tunnels.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Many organizations and many home users have deployed WiFi networks permitting external users to connect to the Internet through their networks. Such WiFi sharing poses many security risks for the visited network as well as for the visiting user. In this paper, we focus on the recently introduced con- cept for tunneled WiFi roaming in which the infrastructure of the visited network is considered as part of the security architecture. A secure layer-2 tunneling between the user's device and his home network is performed by the visited network only after the successful authentication of all three parties. The authentication protocol provides the mobile device and its home network with a secret key that protects their end-to-end communication. Additionally, it provides another tunnel key, shared with the visited network, that protects the actual traffic exchanged between the visited and home networks and prevents diverse resource consumption attacks against the latter. This concept encourages users to provide roaming service in a more secure and privacy- friendly way. We show how to implement this concept using the IEEE802.11i/EAP framework, based on existing infras- tructures and standard tunneling protocols.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2009 |
| Autor(en): | Leroy, Damien ; Manulis, Mark ; Bonaventure, Olivier |
| Art des Eintrags: | Bibliographie |
| Titel: | Enhanced Wireless Roaming Security Using Three-Party Authentication and Tunnels |
| Sprache: | Deutsch |
| Publikationsjahr: | Dezember 2009 |
| Verlag: | ACM |
| Buchtitel: | 5th ACM Conference on Emerging Network Experiment and Technology (CoNEXT 2009) |
| Kurzbeschreibung (Abstract): | Many organizations and many home users have deployed WiFi networks permitting external users to connect to the Internet through their networks. Such WiFi sharing poses many security risks for the visited network as well as for the visiting user. In this paper, we focus on the recently introduced con- cept for tunneled WiFi roaming in which the infrastructure of the visited network is considered as part of the security architecture. A secure layer-2 tunneling between the user's device and his home network is performed by the visited network only after the successful authentication of all three parties. The authentication protocol provides the mobile device and its home network with a secret key that protects their end-to-end communication. Additionally, it provides another tunnel key, shared with the visited network, that protects the actual traffic exchanged between the visited and home networks and prevents diverse resource consumption attacks against the latter. This concept encourages users to provide roaming service in a more secure and privacy- friendly way. We show how to implement this concept using the IEEE802.11i/EAP framework, based on existing infras- tructures and standard tunneling protocols. |
| ID-Nummer: | TUD-CS-2009-0181 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik |
| Hinterlegungsdatum: | 04 Aug 2016 11:51 |
| Letzte Änderung: | 16 Mai 2018 12:47 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum