Distributed Authentication in Wireless Mesh Networks Through Kerberos Tickets

This document presents the problem of authentication and authorization in wireless mesh networks constituted by several users communicating with application servers and communicating with each other in a single or multi-hop fashion. Each user in this environment can also play the role of an application provider. Imagine a large music event where the provided network infrastructure is enhanced with network storage equipment to allow visitors to access content relating to the bands playing at the events, such as recorded video of previous performances, supplementary audio and video material relevant to the bands playing, etc. Certain content is, however, not necessarily available to everyone under the same conditions. Instead access control is applied before the full range of audio, and video material can be accessed. Other content, such as previews, might be offered for free. How can such authentication, and authorization infrastructure be made available with minimal configuration complexity for a temporary event like a music festival? This document lists the requirements for a potentially needed Kerberos extension and presents a solution proposal based on the attempt to use a Kerberos extension for mutual authentication in wireless mesh networks.