Secure Authentication System for Public WLAN Roaming

Ana Sanz Merino, Yasuhiko Matsunaga, Manish Shah, Takashi Suzuki, Randy H. Katz
2005 Journal on spesial topics in mobile networks and applications  
A serious impediment for seamless roaming between independent wireless LANs (WLANs) is how best to confederate the various WLAN service providers, each having different trust relationships with individuals and each supporting their own authentication schemes which may vary from one provider to the next. We have designed and implemented a comprehensive single sign-on (SSO) authentication architecture that confederates WLAN service providers through trusted identity providers. Users select the
more » ... ropriate SSO authentication scheme from the authentication capabilities announced by the WLAN service provider, and can block the exposure of their privacy information while roaming. In addition, we have developed a compound layer 2 and Web authentication scheme that ensures cryptographically protected access while preserving pre-existing public WLAN payment models. Our experimental results, obtained from our prototype system, show the total authentication delay are well within 2 seconds. This is dominated primarily by our use of industry-standard XML-based protocols, yet are still small enough for practical use.
doi:10.1007/s11036-005-6428-y fatcat:7cmrartqong5zd7x4xumubea3q