Security and Privacy in WLAN Roaming
Currently, roaming in Wi-Fi networks is cumbersome, or outright impossible. While there are WLAN networks in many locations, these are either not accessible without manual configuration effort, or insecure, or the user has to create a new account for each location.
A proper roaming protocol would help to solve these problems. We have developed a novel protocol suite for roaming in WLAN that supports tariff negotiation, authentication, key agreement, and secure payment between roaming devices and network operators. Our solution also prevents disclosure of private user data, such as his name and billing information to the operator of the access point.
The solution aims to make free and paid networks easy to use. For paid networks, a broad range of rates can offered, with a recommendation algorithm in our client software supporting less experienced users.
An Extension to Hops will increase the range of the access points by using clients as relay stations. Clients offering these services will receive payment by the clients using them. The security goals remain, and most of the privacy goals. Only tracking of a client offering services becomes possible, so that other clients can avoid using certain clients, e.g., when providing inferior service.
Benefits for users:
- ease of use: discovery, selection, connection setup in a single application
- payment integrated, only one account required at home network
- privacy protection against tracking, disclosure of personal data and billing information
- full transparency of rates and spent money
Benefits for operators:
- additional clients from other operators for hotspot operators
- rates can be adjusted at any time for all new connections
- network operator does not need to handle private data or credit card transactions
- data offloading for mobile phone operators
Subprojects, help from students and first publication as indicated:
- Basic Protocol description (high level) - completed (paper at LCN 2011)
- Basic Protocol description (technical details) - completed (Bachelor thesis by Andreas Straub)
- Recommendation algorithm - completed (PhD thesis Johannes Barnickel)
- Hop Extension Protocol description (high level) - completed (paper at MOBILITY 2012)
- Hop Extension Protocol description (technical details) - completed (PhD thesis Johannes Barnickel)
- Linux Server - completed (Bachelor thesis by Andreas Straub)
- Linux Client - completed (Bachelor thesis by Andreas Straub)
- Desktop GUI - completed (Student assistants David Sosnitza and Florian Kerber)
- Windows Client - completed (Student assistant Florian Kerber)
- Android GUI - completed (Bachelor thesis David Sosnitza)
- Android Client - future work
- J. Barnickel, U. Meyer, A Privacy Preserving Range Extension for Commercial WLANs with User Incentives, The Second International Conference on Mobile Services, Resources, and Users (MOBILITY 2012), Venice, Italy, October 2012.
- J. Barnickel, U. Meyer: Security and Privacy for WLAN Roaming with per-connection Tariff Negotiation, IEEE Conference on Local Computer Networks, Bonn, October 2011.
Please direct questions to: Johannes Barnickel