Wireless Campus project

1
TNC 2003 Wireless Campus project
Elisa.Marchioro_at_csp.it Davide.Ferri_at_csp.it
2
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

3
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

4

CSP in brief
Information-and-Communication-Technology Research
Centre non-profit consortium recognized by the
Italian Ministry of Education, University and
Scientific Research
5

CSP in brief

• CSP runs research and professional consultancy
  through permanent laboratories with the Turin
  Polytechnic and University of Turin
• INLab (Integrated Networks Laboratory)360 view
  on ICT solutions Multimedia protocols (H323,
  SIP, streaming), networking (IPv6, BGP), and
  wireless technology as points of strength
• SecureLab studies on ICT security aspects
  application, network, system, and mobile security
  
• WTLab (Web Technology Laboratory)studies on
  development and access to telematic applications
  (standards, tools, new technologies)

6

CSP in brief

• Technology focus
• IP-Based Technology Networks
• IPv6
• Gigabit Networking
• IP Telephony (H.323, SIP)
• Wireless LAN
• Satellite (DVB, DVB-RCS, MHP)
• Digital security
• Opensource

7
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

8

Wireless Campus

• Objectives
• Conjugate CSP RD activities on WLANs with
  dissemination of competency
• Promote the adoption of the wireless technologies
  among local communities and enterprises (SMEs, PA)

9

Wireless Campus

• The mean idea is realizing a WLAN network as
• Real test-bed for research activities on WLAN
  technologies
• Experimental field for end-user services to
  prototype after RD results
• Key issues
• State-of-the-art technology
• Multiple service scenarios

10

Location

• The Wireless Campus project has been supported by
  Environment Park Turin technology park that
  combine technological innovation and
  eco-efficiency, hosting several companies and
  Research Institutes operating both in the
  Environmental Protection field and the ICT field

11

Location

• The park provides a ideal location for the
  project for
• Many SMEs and LABs are hosted
• Offers wide band connection to ISPs
• Provides private and public areas (conference
  centre) in a mixed environment
• Promotes projects that could fit well for
  integration with wireless technologies (e.g.
  domotic LAB)

12

The network

• Technology is 802.11b (and Wi-Fi) compliant
• Architecture includes
• Access points centralized management server for
  network infrastructure
• Security servers
• Add-on services devices (e.g. e-mail, multimedia,
  ecc.)
• Two phases for network deployment
• Phase 1 First network core of 16 access points,
  management server, security servers and base
  services activation
• Phase 2Advanced service activation and coverage
  extension planning according to Phase1 results

13

RF coverage
Phase 1 network deployment
14

Site survey

• EM measurements
• Identify EM permeability of building materials
  and structures at 2.4 GHz useful for future
  deployments on building project phase
• Simulation of EM field propagation indoor and
  outdoor based on previous measured values
• Verification with possible RF interference
  sources (e.g. Bluetooth transmitters, other APs,
  ecc.)

15

The network

• Phase 1
• All access point on the same LAN
• Static IP addresses
• Service provided for internal users only
• Equipment (laptop, PDA)

• Phase 2
• Access point on different LANs
• DHCP server to provide terminals public IP
  addresses
• Service provided to visitors
• Rentable client equipment

16

Network architecture
WLAN management
Security
Servicecentre
Shared services
CSP
Enviroment Park
SMEs
LABs
External networks(other hot-spots)
Telconetwork
Wireless Campus extensions
17

Services

• Basic (active)
• E-mail
• Web navigation redirection to specific web
  pages to promote initiatives and locate offices
  in the park
• Intranet access
• Advanced (to provide later)
• Video-surveillance from wireless webcams
• Instant messaging
• Presence services
• Streaming (radio, video)

18

Issues

• A single network infrastructure providing
• Dedicated network access for some entities
• Shared environment in common places
• Services
• Targeted to different types of terminals (PDA,
  laptop, PC)
• Tailored on the user privileges (web access,
  intranet resources availability)

19

Challenges

• Main points
• User mobility
• Security
• QoS
• Interoperability

20
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

21

Mobility

• From network perspective
• Phase 1mobility among AP on the same WLAN ?
  seamless handover
• Phase 2mobility among different WLAN ?
  planning to deploy Mobile IPv4 on some areas ?
  LAB activity on Mobile IPv6
• From service perspective
• Studies about user localization on WLAN
• Location Based Services

22

WLAN GPRS

• Plan to connect Wireless Campus hot-spot with
  GPRS Cellular operator network
• Testing of WLAN-GPRS roaming features
• At present
• 802.11b client cards provided with SIM slot for
  GPRS connectivity
• Users can connect through WLAN under Wireless
  Campus hot-spot coverage and through GPRS when
  away

23

User localization

• CSP and Politecnico of Turin (Telecommunication
  Group) are investigating on WLAN mobile user
  localization techniques
• Currently indoor coverage of WLAN can provide
  information about user location on AP Cell-id
  each access point is associated with a section of
  the building
• Poor accuracy
• Localization can improve if the user is heard by
  a set of beacons, then triangulation techniques
  can be used
• Hybrid solutions can be found combining different
  pieces information available for the
  communication interface

24
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

25

Security what we need

• Security Goals
• Enhanced user authentication mechanisms
• Class-based service differentiated access for
  WLAN users
• Security Mobility

26

Radio medium weaknesses

• The Radio Medium is difficult to confine and
  control
• WLANs are exposed to different security threats
• Sniffing Interception and Eavesdropping
• Spoofing and Unauthorized Access
• Denial of Service and Flooding Attacks
• Network Hijacking and Modification

27

WEP is not sufficient
Wired Equivalent Privacy (WEP) is in charge of
ciphering data and identifying users for
accounting but
it is not sufficient to guarantee a good
security level for the WLAN infrastructure, in
fact there are many security analysis that show
WEPs weaknesses and several tools realized to
break it
28

So lets use 802.1x
802.1x standard is intended to provide strong
and mutual authentication between users and
WLAN elements, but also access control and key
management
For these reasons we adopt this standard in
conjunction with the Extensible Authentication
Protocol (EAP) to implement the security model of
Wireless Campus and permit a wide variety of
authentication mechanism
29

802.1x scheme
enterprise edge
semi-public network
enterprise network
EAP over wireless
EAP over RADIUS
Supplicant
Authentication Server
Authenticator
Operates on client
EAP plug-in goes in RADIUS server
Operates on devices at network edge, like APs and
switches
Open port Authentication traffic
Controlled portData traffic
30

Cellular operator side

• The parks WLAN has to be connected to a cellular
  operator GPRS network
• The two access technologies (802.11b and GPRS)
  can integrate each other in a complementary way
  but they need two different schemes for user
  authentication
• Therefore we will trial SIM based authentication
  mechanism to let users move between public
  operator hot-spots and roam as he/she was in
  his/her home WLAN network

31

Authentication
Authentication management
RADIUS proxy
Local Authentication
RADIUSEnvironment Park
RADIUSCSP
SMEs
LABs
Remote Authentication (SIM)
Telconetwork
32
Content

• CSP profile
• Wireless Campus network
• User mobility
• Security
• Further activities

33

Integration of the Open Source World

• Open source
• Tools to try and test new features as soon as
  they are released through draft and proposals
• Customize or deploy other enhancements
• Integration of open source with commercial
  systems as part of interoperability studies
• Tools
• Access point
• Authentication server
• Authentication client

34

RD activity future enhancements

• Ad hoc networking
• Diffserv on 802.11b
• IPv6 and WLAN mobility (CSP is an IPv6 TLA)
• Streaming
• LBS
• VoIP over WLAN
• Performance measurements

35

Finally
Thanks!

• Thanks!

36
Information

Center of Excellence for Research, Development
and Experimentation of Advanced Computer
Science and Information Technologies Via
Livorno 60 - 10144 Torino Italy Building
A1lab ? 39 011- 481 5111 ? 39 011- 481 5001 ?
Email info_at_csp.it
www.inlab.csp.it www.csp.it