The CHOICE Network: Broadband Wireless Internet Access In Public Places

We have built a network, called the CHOICE network, which globally authenticates users and then securely connects them to the Internet via a high-speed local area wireless network. Our network provides easy-to-use, individual-centric, service-oriented wireless Internet access in places other than the traditional corporate offices and homes. Our architecture is hardware and protocol agnostic and is built on an easily deployable software module called the Protocol for Authorization and Negotiation of Services or PANS. PANS provides authorization, access, privacy, security, policy enforcement, quality of service (QoS) and accounting. In this paper, we describe PANS in detail. We discuss our design decisions, system operation, implementation and performance. We evaluate PANS and show that it is scalable and secure. Our network has been deployed and is operational at a local mall in Bellevue, Washington.
