Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

SecuSpot: Toward cloud-assisted secure multi-tenant WiFi hotspot infrastructures

: Schulz-Zander, J.; Lisicki, R.; Schmid, S.; Feldmann, A.


Association for Computing Machinery -ACM-; Association for Computing Machinery -ACM-, Special Interest Group on Data Communication -SIGCOMM-:
CAN 2016, ACM Workshop on Cloud-Assisted Networking : Irvine, California, USA, December 12, 2016, co-located with CoNEXT 2016
New York: ACM, 2016
ISBN: 978-1-4503-4673-3
Workshop on Cloud-Assisted Networking (CAN) <2016, Irvine/Calif.>
International Conference on Emerging Networking EXperiments and Technologies (CoNEXT) <12, 2016, Irvine/Calif.>
Fraunhofer HHI ()

Despite the increasing popularity ofWiFi networks and the trend toward automated offloading of cellular traffic to WiFi (e.g., HotSpot 2.0), today's WiFi networks still provide a very poor actual coverage: a WiFi equipped device can typically connect to the Internet only through a very small fraction of the "available" access points. Accordingly, there is an enormous potential for multi-tenant WiFi hotspot architectures, which however also introduce more stringent requirements in terms of scalability and security. The latter is particularly critical, as HotSpots are often deployed in untrusted environments, e.g., physically accessible Access Points deployed in the user's premises (e.g., FON) or cafes. This paper proposes a Cloud-assisted multi-tenant and secure WiFi HotSpot infrastructure, called SecuSpot. SecuSpot is based on a modular access point and features interesting deployment flexibilities. These flexibilities can be exploited, e.g., to move security critical f unctions to the Cloud, and hence prevent eavesdropping even when deployed across untrusted Access Points. At the heart of SecuSpot lies a novel programmable wireless switch, the wSwitch. The wSwitch allows to (de-)multiplex the different tenants already on the HotSpot and to decouple essential security functions (association, authentication, and cryptography).