Credential Provisioning and Device Configuration with EAP

Sebastien Boire, Tolgahan Akgün, Philip Ginzboorg, Pekka Laitinen, Sandeep Tamrakar, Tuomas Aura

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

1 Citation (Scopus)
118 Downloads (Pure)


The Extensible Authentication Protocol (EAP) is used for authenticating client devices to WiFi networks, and it is designed to be extensible with new authentication methods. We look at ways to extend the protocol to support credential provisioning and configuration of new client devices. As large numbers of IoT devices are deployed, the task will be simplified by combining the network connectivity, identity and certificate provisioning, and application-layer connectivity to one process. The solution will also allow the use of a one-time credential for the initial authentication, so that the long-term device certificate is issued automatically after the first connection to the network. The paper analyzes the requirements and architectural design options that implement such a user experience. We consider solutions that transfer short bootstrapping data inside the EAP session and then implement the provisioning and configuration with web APIs over HTTPS. This allows future flexibility and speed of development in the provisioning and configuration steps. We designed and implemented several architecturally different solutions and present the comparison results and also compare with previous proposals that have similar goals.
Original languageEnglish
Title of host publicationMobiWac '21: Proceedings of the 19th ACM International Symposium on Mobility Management and Wireless Access
Place of PublicationNew York, NY, USA
Number of pages10
ISBN (Electronic)9781450390798
Publication statusPublished - 22 Nov 2021
MoE publication typeA4 Conference publication
EventACM International Symposium on Mobility Management and Wireless Access - Alicante, Spain
Duration: 22 Nov 202126 Nov 2021
Conference number: 19


ConferenceACM International Symposium on Mobility Management and Wireless Access
Abbreviated titleMobiWac


  • wireless network
  • configuration
  • EAP
  • device management
  • security
  • certificate provisioning


Dive into the research topics of 'Credential Provisioning and Device Configuration with EAP'. Together they form a unique fingerprint.

Cite this