Bay Area Unified Wi-Fi Roaming Security and Ease of Use

From OpenCommons
Jump to navigation Jump to search


Bay Area Unified Wi-Fi Roaming Security and Ease of Use
GCTC logo 344x80.png
SanMateoWiFi.jpg
San Mateo WiFi
Team Organizations Ruckus Wireless
SmartWAVE Technologies
Team Leaders Anton Batalla
Jon Walton
Benny Lee
Steve Wimsatt
Participating Municipalities San Mateo CA
San Leandro CA
Status Concept only Stage
Document None

Description

As more and more cities deploy public Wi-Fi service, security and ease of use are becoming critical. In addition, the service becomes fragmented and constrained by geopolitical boundaries. This action cluster will deploy and evaluate the impact of new Wi-Fi authentication and access management solutions that deliver not only the highest possible end-user security, but will allow participating municipalities to create a unified regional system that users can automatically connect to when in range, regardless of what city/county they are in.

Challenges

In a recent GCTC survey, 90%+ of cities who have deployed public Wi-Fi responded that they currently offer no security. This leads to Wi-Fi connections that can be ‘hacked’ via relatively simple attacks such as man in the middle. It also means that each time a user connects, they need to select the SSID and navigate through a captive portal and once a user leaves one city, they need to connect to another’s cities system all over again.

Solutions

Standards based PKI certificate solutions can deliver a much better, seamless user experience while also implementing the gold standard in wireless security. The initial test will use Ruckus Cloudpath, an easy to use authentication solution, and subsequent tests will utilize HotSpot 2.0 based solutions. Participating cities/counties will deploy a unified solution that users will be able to automatically connect to whenever in range.

Major Requirements

  • Define an authentication architecture that will work across many different independently managed Wi-Fi networks
  • Deploy in 2-3 initial participating cities/counties
  • Define guidelines for any new participants and allow open signup
  • Collect network usage metrics before and during the pilot

Performance Targets

Key Performance Indicators (KPIs) Measurement Methods
  • Measurable increase in usage: number of sessions, session length…
  • Number of connections from the same device on multiple networks using unified authentication scheme
  • Satisfaction survey from users of network
  • Gigabytes transmitted on unified network

TBD

Standards, Replicability, Scalability, and Sustainability

  • The solution is based on IEEE x.509 PKI certificates which can enable full end to end encryption of all traffic for both known and guest users.
  • It helps eliminate a potential major concern about using or investing in public Wi-Fi services
  • It reduces or avoids potential IT support costs if end users have trouble connecting or forget a username/password
  • It positions the public Wi-Fi infrastructure as a secure communications platform for multiple new services.
  • It helps cities partner together to offer a meaningful, regional solution that can be easily scaled by other cities/counties participating

Cybersecurity and Privacy

TBD

Impacts

  • Improved connectivity for visitors/guests can bring tourism and economic development benefits
  • Extending secure Wi-Fi to under- and un-served neighborhoods can be critical to support online education needs as well as activities such as job hunting
  • Public Wi-Fi is often deployed to enhance a city/town’s image and attract/retain residents and businesses
  • Cities will benefit from partnering together to offer regional service

Demonstration/Deployment

Initial cites should be deployed and have baseline metrics in place