The growing ubiquity of Wi-Fi networks combined with the integration of low-cost Wi-Fi chipsets in all devices makes Wi-Fi as the wireless technology the most used for accessing to internet [1]. This means that the de...The growing ubiquity of Wi-Fi networks combined with the integration of low-cost Wi-Fi chipsets in all devices makes Wi-Fi as the wireless technology the most used for accessing to internet [1]. This means that the development of a Wi-Fi strategy has become an imperative for almost all operators worldwide. In this context, APs (Access Points) have to become as secure as cellular networks. Furthermore, authentication process between a mobile device and an access point has to be automated, without user constraining configuration. For reaching this purpose, client must have different credentials depending on authentication method. Our goal is to create an architecture that is both ergonomic and flexible in order to meet the need for connection and client mobility. We use NFC technology as a radio channel for starting communication with the network. The communication initiation will instantiate a virtual Wi-Fi AP and distribute all policies and access certificates for an authentication based on EAP-TLS (it could be extended to any EAP method for 802.1X standard). The end result of our new topology is to allow access to services through a virtual Wi-Fi AP with an enterprise-grade in a public hotspot.展开更多
文摘The growing ubiquity of Wi-Fi networks combined with the integration of low-cost Wi-Fi chipsets in all devices makes Wi-Fi as the wireless technology the most used for accessing to internet [1]. This means that the development of a Wi-Fi strategy has become an imperative for almost all operators worldwide. In this context, APs (Access Points) have to become as secure as cellular networks. Furthermore, authentication process between a mobile device and an access point has to be automated, without user constraining configuration. For reaching this purpose, client must have different credentials depending on authentication method. Our goal is to create an architecture that is both ergonomic and flexible in order to meet the need for connection and client mobility. We use NFC technology as a radio channel for starting communication with the network. The communication initiation will instantiate a virtual Wi-Fi AP and distribute all policies and access certificates for an authentication based on EAP-TLS (it could be extended to any EAP method for 802.1X standard). The end result of our new topology is to allow access to services through a virtual Wi-Fi AP with an enterprise-grade in a public hotspot.