
Requirements for Internet Access in Public Places.


Transcripts
Slide 1

Requirements for Internet Access in Public Places
Anand Balachandran
University of California, San Diego
http://www-cse.ucsd.edu/users/abalacha

Slide 2

Collaborators
- Anand Balachandran (UCSD)
- Allen Miu (MIT)
- Geoff Voelker (UCSD)

50th IETF Meeting, Minneapolis

Slide 3

Computing in Public Places
Current trend in Internet access
- Ubiquitous network connectivity infrastructure
  - Not confined to workplaces and homes
  - Access at airports, shopping malls, convention centers
- Multiple access technologies (Ethernet, wireless LANs, Bluetooth, DSL modems, etc.)
- Proliferation of lightweight mobile phones
- Use and pay model; “shopping” for access

Slide 4

Security in Public-area Networks
Current schemes
- MAC-level filtering
  - No protection against hardware address spoofing; does not scale
- WEP key security
  - Keys are hard-wired and cannot be changed flexibly
  - WEP keys can be broken over time
  - OK for small enterprises, but does not scale well
- IEEE 802.1x port-based access control
  - Access dependent: does not support APs that are not IEEE compliant (e.g. HIPERLAN, HomeRF, Bluetooth)
  - Requires changes to existing AP hardware and software
  - TLS-based authentication requires client certificates

Slide 5

Our Vision
A protocol for network access should be:
- Hardware agnostic
  - Independent of access technology
- IP-version agnostic
  - Works with both IPv4 and IPv6
- Individual-centric
  - Allow network operators to track who is using the network and how it is being used
  - Give users a choice of how they are authenticated; protect their privacy
- Support multiple authentication schemes
  - AAA (DIAMETER), global authenticators, e-money systems (MasterCard, Visa)
- Support users who don't have a “home” domain
  - Enables “free” access
  - Payment is implicit; drives tenant business for the host organization

Slide 6

Service Models
Model 1: Free access to local resources
- Does not require authentication but needs a valid IP address
- Allow access to the intranet
- e.g. mall portal, splash screens, indoor navigation service, Starbucks coffee ordering, etc.
Model 2: Authenticate and pay
- Allow access to the Internet
- Allow applications like location-based buddy list, spontaneous sales based on profiles, etc.
- Differentiated charging

Slide 7

Scope of Our Access Protocol
User-network interaction
- User automatically discovers the network's existence
- User obtains a valid IP address (e.g. through DHCP)
- User checks the authenticity of the server (e.g. certificates)
- User provides personal credentials for authentication
- Server provides the user with a “key” upon successful authentication
- Key is time-limited (e.g. access limited to 30 minutes)
Protocol is not tied to any single encryption scheme
Protocol is decoupled from routing and location updates for mobile hosts
- Can use Mobile IP for this
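The last two steps of the user-network interaction above (a key handed out after authentication, valid for a limited time, and later renewed) can be sketched as follows. This is an added example, not code from the slides or from the authors' system: the token layout, the HMAC-SHA256 construction, the binding to the client's IP address, and the names `issue_key`, `check_key` and `renew_key` are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: one secret shared by the authentication server and the access gateway.
SERVER_SECRET = secrets.token_bytes(32)
LIFETIME = 30 * 60  # seconds; the 30-minute example from the slide


def _tag(body: str, secret: bytes) -> str:
    return hmac.new(secret, body.encode(), hashlib.sha256).hexdigest()


def issue_key(user_id: str, client_ip: str, now: int,
              secret: bytes = SERVER_SECRET) -> str:
    """Called only after the user's credentials were accepted."""
    if "|" in user_id or "|" in client_ip:
        raise ValueError("field separator not allowed in identifiers")
    body = f"{user_id}|{client_ip}|{now + LIFETIME}"
    return f"{body}|{_tag(body, secret)}"


def check_key(token: str, client_ip: str, now: int,
              secret: bytes = SERVER_SECRET) -> str:
    """Gateway-side check: 'ok', 'expired', 'wrong-address' or 'invalid'."""
    parts = token.split("|")
    if len(parts) != 4:
        return "invalid"
    user_id, ip, expiry, tag = parts
    expected = _tag(f"{user_id}|{ip}|{expiry}", secret)
    # Constant-time comparison; verify integrity before trusting any field.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return "invalid"
    if ip != client_ip:
        return "wrong-address"
    if now >= int(expiry):
        return "expired"
    return "ok"


def renew_key(token: str, client_ip: str, now: int,
              secret: bytes = SERVER_SECRET):
    """Renewal: only a key that is still valid can be exchanged for a new one."""
    if check_key(token, client_ip, now, secret) != "ok":
        return None
    return issue_key(token.split("|")[0], client_ip, now, secret)
```

Binding the key to an address does not by itself prevent the address spoofing noted for MAC-level filtering; in a deployment the key would also have to authenticate the client's traffic.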

Slide 8

Research Fallout
- User Registration and Authentication Protocol
  - Multiple modes of authentication possible (including TLS)
  - Handles basic aspects of user-network interaction
  - Provides mutual client-server authentication
  - Key management and renewal
- Network discovery
  - Protocol-agnostic mechanism based on broadcast beacons
- Complements existing standards
  - Mobility management and routing (Mobile IP)
  - AAA-type functionality on the NNI
- Network deployed and operational in a shopping mall

Slide 9

Experiences
- Mall deployment
  - Operational for 7 months
  - Provides basic Internet access and location-based services
- Ongoing efforts for campus deployment at UCSD
Related publications
- A. Miu and P. Bahl, “Dynamic Host Configuration for Managing Mobility between Private and Public Networks,” In Proc. 3rd Usenix Symposium on Internet Technologies and Systems (USITS’01), San Francisco, CA, March 2001, to appear.
- P. Bahl, A. Balachandran, and S. Venkatachary, “Secure Broadband Wireless Internet Access in Public Places,” In Proc. IEEE International Conference on Communications (ICC’01), Helsinki, Finland, June 2001, to appear.

Slide 10

Existing (Partial) Solutions for Access
- Mobile IP
  - Essentially a routing protocol; combines the tasks of configuration and routing for mobile users in a foreign domain
- AAA
  - Addresses interaction between registration agents in different administrative domains (NNI)
- Authenticated DHCP (UC Berkeley)
  - Similar to port-based access control at Layer 3
- Netbar system at CMU and InSite at Michigan
  - Hardware-centric approaches

Slide 11

Network Architecture

Slide 12

Discovery Protocol
- Detects the presence of the network service
- Decouple discovery from the configuration protocol
  - Remain protocol agnostic
- Server broadcasts service beacons in the local network
  - Passive approach to avoid unwanted solicitation messages in the private network
  - Better alternative to client polling (saves network bandwidth, especially on the air interface)
- Beaconing can be used for network-wide load balancing, fail-over, and location services