13 - Easily and Fast Deployable WMN System for eduroam

Tomo Niizuma, Hideaki Goto (Tohoku University)

eduroam is known for a world-wide and large-scale WLAN roaming system. Deploying conventional WLAN systems such as eduroam requires wiring the cables to AP and/or switches and configuring APs and servers. However, taking much time to deploying WLAN systems should be avoided especially in cases of large events as well as natural disasters. On the other hand, Wireless Mesh Network (WMN) can decrease the cost of deploying WLAN roaming systems such as eduroam since it lowers the cost of wiring cables to APs or switches. It would help some developing countries having insufficient communication and/or electric power resources to deploy WLAN systems if we could build multi-operator WMNs that include not only WMN nodes belonging to the local institution but also the ones belonging to other institutions. This poster presents a rapidly and easily deployable WMN system working on a WLAN roaming system operated by multiple operators like in eduroam. The WMN system has 2 distinguishing features that conventional WMN systems do not have. (a) Automatic construction and optimization of RADIUS authentication paths In the conventional eduroam architecture, we must setup the pairs of pre-shared key and IP address between APs and servers to make a trust relationship while it takes much time setting up all the noeds in WMN. The WMN system we are developing is aimed at reducing the configuration labor by automatically build the paths for user and AP authentication using radsecproxy. A WMN node can make a trust relationship to the authentication server or proxy by submitting a digital certificate. (b) Local authentication method based on EAP-TLS The WMN system can authenticate users and APs by a local authentication method using digital certificates, which we developed before, based on EAP-TLS without communicating with authentication servers outside network. The feature helps us to deploy WLAN systems for example when some disruptions happen in the backhaul networks.

Download file