Bay Area Unified Wi-Fi Roaming Security and Ease of Use: Difference between revisions
m (1 revision imported) |
No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{ActionCluster | {{ActionCluster | ||
|image=SanMateoWiFi.jpg | |||
| | |team=Ruckus Wireless, SmartWAVE Technologies | ||
| team | |leader=Anton Batalla, Jon Walton, Benny Lee, Steve Wimsatt | ||
|imagecaption=San Mateo WiFi | |||
| leader | |municipalities=San Mateo CA, San Leandro CA | ||
|status=Concept only Stage | |||
|description=As more and more cities deploy public Wi-Fi service, security and ease of use are becoming critical. In addition, the service becomes fragmented and constrained by geopolitical boundaries. This action cluster will deploy and evaluate the impact of new Wi-Fi authentication and access management solutions that deliver not only the highest possible end-user security, but will allow participating municipalities to create a unified regional system that users can automatically connect to when in range, regardless of what city/county they are in. | |||
|challenges=In a recent GCTC survey, 90%+ of cities who have deployed public Wi-Fi responded that they currently offer no security. This leads to Wi-Fi connections that can be ‘hacked’ via relatively simple attacks such as man in the middle. It also means that each time a user connects, they need to select the SSID and navigate through a captive portal and once a user leaves one city, they need to connect to another’s cities system all over again. | |||
| imagecaption | |solutions=Standards based PKI certificate solutions can deliver a much better, seamless user experience while also implementing the gold standard in wireless security. The initial test will use Ruckus Cloudpath, an easy to use authentication solution, and subsequent tests will utilize HotSpot 2.0 based solutions. Participating cities/counties will deploy a unified solution that users will be able to automatically connect to whenever in range. | ||
| municipalities | |requirements=* Define an authentication architecture that will work across many different independently managed Wi-Fi networks | ||
| status | |||
| description | |||
As more and more cities deploy public Wi-Fi service, security and ease of use are becoming critical. In addition, the service becomes fragmented and constrained by geopolitical boundaries. This action cluster will deploy and evaluate the impact of new Wi-Fi authentication and access management solutions that deliver not only the highest possible end-user security, but will allow participating municipalities to create a unified regional system that users can automatically connect to when in range, regardless of what city/county they are in. | |||
| challenges | |||
In a recent GCTC survey, 90%+ of cities who have deployed public Wi-Fi responded that they currently offer no security. This leads to Wi-Fi connections that can be ‘hacked’ via relatively simple attacks such as man in the middle. It also means that each time a user connects, they need to select the SSID and navigate through a captive portal and once a user leaves one city, they need to connect to another’s cities system all over again. | |||
| solutions | |||
Standards based PKI certificate solutions can deliver a much better, seamless user experience while also implementing the gold standard in wireless security. The initial test will use Ruckus Cloudpath, an easy to use authentication solution, and subsequent tests will utilize HotSpot 2.0 based solutions. Participating cities/counties will deploy a unified solution that users will be able to automatically connect to whenever in range. | |||
| requirements | |||
* Define an authentication architecture that will work across many different independently managed Wi-Fi networks | |||
* Deploy in 2-3 initial participating cities/counties | * Deploy in 2-3 initial participating cities/counties | ||
* Define guidelines for any new participants and allow open signup | * Define guidelines for any new participants and allow open signup | ||
* Collect network usage metrics before and during the pilot | * Collect network usage metrics before and during the pilot | ||
|kpi=* Measurable increase in usage: number of sessions, session length… | |||
| kpi | |||
* Measurable increase in usage: number of sessions, session length… | |||
* Number of connections from the same device on multiple networks using unified authentication scheme | * Number of connections from the same device on multiple networks using unified authentication scheme | ||
* Satisfaction survey from users of network | * Satisfaction survey from users of network | ||
* Gigabytes transmitted on unified network | * Gigabytes transmitted on unified network | ||
|measurement=TBD | |||
| measurement | |standards=* The solution is based on IEEE x.509 PKI certificates which can enable full end to end encryption of all traffic for both known and guest users. | ||
| standards | |||
* The solution is based on IEEE x.509 PKI certificates which can enable full end to end encryption of all traffic for both known and guest users. | |||
* It helps eliminate a potential major concern about using or investing in public Wi-Fi services | * It helps eliminate a potential major concern about using or investing in public Wi-Fi services | ||
* It reduces or avoids potential IT support costs if end users have trouble connecting or forget a username/password | * It reduces or avoids potential IT support costs if end users have trouble connecting or forget a username/password | ||
* It positions the public Wi-Fi infrastructure as a secure communications platform for multiple new services. | * It positions the public Wi-Fi infrastructure as a secure communications platform for multiple new services. | ||
* It helps cities partner together to offer a meaningful, regional solution that can be easily scaled by other cities/counties participating | * It helps cities partner together to offer a meaningful, regional solution that can be easily scaled by other cities/counties participating | ||
|cybersecurity=TBD | |||
| cybersecurity | |impacts=* Improved connectivity for visitors/guests can bring tourism and economic development benefits | ||
| impacts | |||
* Improved connectivity for visitors/guests can bring tourism and economic development benefits | |||
* Extending secure Wi-Fi to under- and un-served neighborhoods can be critical to support online education needs as well as activities such as job hunting | * Extending secure Wi-Fi to under- and un-served neighborhoods can be critical to support online education needs as well as activities such as job hunting | ||
* Public Wi-Fi is often deployed to enhance a city/town’s image and attract/retain residents and businesses | * Public Wi-Fi is often deployed to enhance a city/town’s image and attract/retain residents and businesses | ||
* Cities will benefit from partnering together to offer regional service | * Cities will benefit from partnering together to offer regional service | ||
|demonstration=Initial cites should be deployed and have baseline metrics in place | |||
| demonstration | |chapter=Communications Networks | ||
Initial cites should be deployed and have baseline metrics in place | |supercluster=Wireless | ||
|year=2017 | |||
| supercluster | |title=Public Wi-Fi Roaming, Security and Ease of Use (Bay Area Unified Wi-Fi – Regional Public Wi-Fi System) | ||
| year | |||
}} | }} |
Latest revision as of 21:16, January 24, 2023
Bay Area Unified Wi-Fi Roaming Security and Ease of Use | |
---|---|
San Mateo WiFi | |
Team Organizations | Ruckus Wireless SmartWAVE Technologies |
Team Leaders | Anton Batalla Jon Walton Benny Lee Steve Wimsatt |
Participating Municipalities | San Mateo CA San Leandro CA |
Status | Concept only Stage |
Document | None |
Description
As more and more cities deploy public Wi-Fi service, security and ease of use are becoming critical. In addition, the service becomes fragmented and constrained by geopolitical boundaries. This action cluster will deploy and evaluate the impact of new Wi-Fi authentication and access management solutions that deliver not only the highest possible end-user security, but will allow participating municipalities to create a unified regional system that users can automatically connect to when in range, regardless of what city/county they are in.
Challenges
In a recent GCTC survey, 90%+ of cities who have deployed public Wi-Fi responded that they currently offer no security. This leads to Wi-Fi connections that can be ‘hacked’ via relatively simple attacks such as man in the middle. It also means that each time a user connects, they need to select the SSID and navigate through a captive portal and once a user leaves one city, they need to connect to another’s cities system all over again.
Solutions
Standards based PKI certificate solutions can deliver a much better, seamless user experience while also implementing the gold standard in wireless security. The initial test will use Ruckus Cloudpath, an easy to use authentication solution, and subsequent tests will utilize HotSpot 2.0 based solutions. Participating cities/counties will deploy a unified solution that users will be able to automatically connect to whenever in range.
Major Requirements
- Define an authentication architecture that will work across many different independently managed Wi-Fi networks
- Deploy in 2-3 initial participating cities/counties
- Define guidelines for any new participants and allow open signup
- Collect network usage metrics before and during the pilot
Performance Targets
Key Performance Indicators (KPIs) | Measurement Methods |
---|---|
|
TBD |
Standards, Replicability, Scalability, and Sustainability
- The solution is based on IEEE x.509 PKI certificates which can enable full end to end encryption of all traffic for both known and guest users.
- It helps eliminate a potential major concern about using or investing in public Wi-Fi services
- It reduces or avoids potential IT support costs if end users have trouble connecting or forget a username/password
- It positions the public Wi-Fi infrastructure as a secure communications platform for multiple new services.
- It helps cities partner together to offer a meaningful, regional solution that can be easily scaled by other cities/counties participating
Cybersecurity and Privacy
TBD
Impacts
- Improved connectivity for visitors/guests can bring tourism and economic development benefits
- Extending secure Wi-Fi to under- and un-served neighborhoods can be critical to support online education needs as well as activities such as job hunting
- Public Wi-Fi is often deployed to enhance a city/town’s image and attract/retain residents and businesses
- Cities will benefit from partnering together to offer regional service
Demonstration/Deployment
Initial cites should be deployed and have baseline metrics in place