Chapter

Infrastructure Security

Volume 2437 of the series Lecture Notes in Computer Science pp 115-128

Date:

Authentication and Authorization of Mobile Clients in Public Data Networks

  • Prakash ReddyAffiliated withHP Labs
  • , Venky KrishnanAffiliated withHP Labs
  • , Kan ZhangAffiliated withHP Labs
  • , Devaraj DasAffiliated withHP Labs

Abstract

We present a protocol that enables mobile clients to be authenticated and authorized in data networks that are deployed in public places otherwise referred to as hotspots! The three key elements of a hotspot network are the mobile client, the hotspot server and the service provider. A mobile client is any device that can be used to access the internet. The hotspot server is a node in the data network that is a bridge between wireless clients and wired broadband network. The service provider is an entity that has an existing service relationship with the client and the hotspot server. The protocol discussed in this paper shows how three parties: Client, hotspot server and the service provider come together in a mutually un-trusted environment, authenticate each other and upon authentication exchange authorization tokens that are used in subsequent service requests. The most common use of this protocol is for clients to gain internet connectivity in public places, specifically in hotspots. The hotspot server provides the equivalent of cellular network roaming functionality. The service provider allows added features to its clients.