Abstrakti
The Extensible Authentication Protocol (EAP) is used for authenticating client devices to WiFi networks, and it is designed to be extensible with new authentication methods. We look at ways to extend the protocol to support credential provisioning and configuration of new client devices. As large numbers of IoT devices are deployed, the task will be simplified by combining the network connectivity, identity and certificate provisioning, and application-layer connectivity to one process. The solution will also allow the use of a one-time credential for the initial authentication, so that the long-term device certificate is issued automatically after the first connection to the network. The paper analyzes the requirements and architectural design options that implement such a user experience. We consider solutions that transfer short bootstrapping data inside the EAP session and then implement the provisioning and configuration with web APIs over HTTPS. This allows future flexibility and speed of development in the provisioning and configuration steps. We designed and implemented several architecturally different solutions and present the comparison results and also compare with previous proposals that have similar goals.
Alkuperäiskieli | Englanti |
---|---|
Otsikko | MobiWac '21: Proceedings of the 19th ACM International Symposium on Mobility Management and Wireless Access |
Julkaisupaikka | New York, NY, USA |
Kustantaja | ACM |
Sivut | 87–96 |
Sivumäärä | 10 |
ISBN (elektroninen) | 9781450390798 |
DOI - pysyväislinkit | |
Tila | Julkaistu - 22 marrask. 2021 |
OKM-julkaisutyyppi | A4 Artikkeli konferenssijulkaisussa |
Tapahtuma | ACM International Symposium on Mobility Management and Wireless Access - Alicante, Espanja Kesto: 22 marrask. 2021 → 26 marrask. 2021 Konferenssinumero: 19 |
Conference
Conference | ACM International Symposium on Mobility Management and Wireless Access |
---|---|
Lyhennettä | MobiWac |
Maa/Alue | Espanja |
Kaupunki | Alicante |
Ajanjakso | 22/11/2021 → 26/11/2021 |