Novel WLAN hotspot authentication

McCann, S.; Hancock, Robert E. W.; Hepworth, Eleanor

doi:10.1049/cp:20040635

Cited by 1 publication

(2 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another widely used form of authentication in WLANs, recommended by Wi-Fi alliance as a best practice solution [6], is web-based such that the mobile user provides own credentials as input to the browser form. This technique when based on the username / password is also known as the Universal Access Method (UAM), see also [7,8,41] for some variations. These credentials are usually forwarded to the authentication server (e.g., RADIUS).…”

Section: Wireless Roaming In Ip Networkmentioning

confidence: 99%

See 1 more Smart Citation

Authenticated wireless roaming via tunnels

Manulis

Leroy

Koeune

et al. 2009

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

View full text Add to dashboard Cite

Abstract. In wireless roaming a mobile device obtains a service from some foreign network while being registered for the similar service at its own home network. However, recent proposals try to keep the service provider role behind the home network and let the foreign network create a tunnel connection through which all service requests of the mobile device are sent to and answered directly by the home network. Such Wireless Roaming via Tunnels (WRT) offers several (security) benefits but states also new security challenges on authentication and key establishment, as the goal is not only to protect the end-to-end communication between the tunnel peers but also the tunnel itself. In this paper we formally specify mutual authentication and key establishment goals for WRT and propose an efficient and provably secure protocol that can be used to secure such roaming session. Additionally, we describe some modular protocol extensions to address resistance against DoS attacks, anonymity of the mobile device and unlinkability of its roaming sessions, as well as the accounting claims of the foreign network in commercial scenarios.

show abstract

Section: Wireless Roaming In Ip Networkmentioning

confidence: 99%

“…As noticed in [43] such web-based solutions become vulnerable to the access point impersonation, address spoofing, and dictionary attacks. Some improvements to UAM supporting further types of credentials reducing the required user interaction to opening a web-browser have been described by McCann et al [41].…”

Section: Wireless Roaming In Ip Networkmentioning

confidence: 99%