Announcements |   placeholder

18 - Secure Federated Wi-Fi System toward Hotspot 2.0 / NGH

Hideaki GOTO

Most of the current Free Wi-Fi systems in the world are based on the open wireless network combined with captive portal mechanism, and they are inherently unsecure with respect to eavesdropping, session hijacking, contents replacement, malicious code insertion, and even active attacks by rogue access points (APs). As more and more people become aware of the security threats, the interest to the 802.1x and its extension Hotspot 2.0 is growing. This poster presents the development status of our Secure Federated Wi-Fi System in Japan. The system is intended to provide secured Free Wi-Fi services to everyone. As we expect to connect many operators and roaming consortia, including eduroam, we have designed an inter-roaming hub system, which inter-connects various Identity Providers (IdPs) and Service Providers (SPs). The main idea is very simple – we put every entity in one unified RADIUS network and provide the wireless roaming service using a limited number of shared SSIDs. Such a federation system is needed even on the Hotspot 2.0 as well as on the forthcoming Next Generation Hotspot (NGH). In order to be familiar with Hotspot 2.0 and be ready for its adoption, we have built a testbed system. Operators who are interested in Hotspot 2.0 (Passpoint) / NGH are able to join the developer group, and test-drive the roaming system. We have already connected eduroam and anyroam as IdPs, and plan to connect some commercial ISPs/operators in the world. If an operator wants to deploy conference Wi-Fi temporarily, it can be done by just connecting the RADIUS proxy to our hub. If a shopping mall Wi-Fi is planned, we encourage the operator to join our network and to accept people from various roaming consortia. The operators do not need to add many SSIDs, and it will contribute to easier deployment and better wireless performance. If Hotspot 2.0 is available, the operators may turn it on.

Download file