2024 Volume 32 Pages 407-416
A network roaming system allows users to join the wireless or wired networks at various places where they visit. Authentication is a necessary process in the roaming system not only to restrict non-eligible users from network use but also to protect users from malicious activities by attackers. Since the authentication process is provided by remote servers in the current roaming systems, some use cases such as Public Wi-Fi in disaster-affected areas and In-Flight Wi-Fi on passenger aircrafts suffer from service interruption due to network disruptions. We developed earlier a disruption-tolerant system for Public Wi-Fi in order to realize secure user authentication and to maintain local network use in temporarily isolated areas affected by natural disasters. Following its underlying idea and architecture, we have developed two practical schemes of local authentication for large-scale Wi-Fi roaming systems, and designed a framework for In-Flight Wi-Fi. One is certificate-based local authentication using digital certificates. The other utilizes HMAC (Hash-based Message Authentication Code) and benefits from the simplicity of conventional ID/password-based authentication methods. The functionalities are tested using Proof-of-Concept systems.
