UNIBE.6 |
A4-Mesh |
Long Title: | Authentication, Authorization, Accounting, and Auditing in Wireless Mesh Networks |
Leading Organization: | Universität Bern |
Participating Organizations: | Université de Neuchâtel, SWITCH - Teleinformatikdienste für Lehre und Forschung |
Domain: | AAA |
Status: | finished |
Start Date: | 04.01.2011 |
End Date: | 30.10.2012 |
Project Leader: | T. Braun |
Deputy Project Leader: | A. Jamakovic-Kapic |
Website: | https://A4-mesh.unibe.ch/ |
(see also project extension eA4-Mesh)
Component | Description |
Project website | Project description and documentation |
Document storage (internal) | Documents related to the project (internal) |
Software and documentation (internal) | Software packages related to the authorization and authentication mechanisms. Software related to the integration of the ADAM Linux branches of UNIBE and UNINE. Software packages including hostapd, iw, and brctl along with the respective configuration files. Documentation and installation manual for short-term and long-term accounting (incl. charging), and monitoring mechanisms based on Netflow. Software packages for ALIX nodes including the compilation script and configuration for softflowd. |
Indoor testbeds | Deployment of two indoor testbeds at UNIBE and UNINE |
Wireless mesh network pilot | Design and hardware implementation of a fully functional outdoor mesh node, and the deployment of a pilot wireless mesh network for supporting environmental research requirements in the Crans-Montana-Sierre region. |
Extension pilot network | Pilot network for extending campus network connectivity at UNIBE IT |
Authentication | Design and implementation of machine and end-user authentication and authorization mechanisms based on SWITCHaai. The solution has been published at IEEE HOTMESH 2012 ("Authorisation and Authentication Mechanisms in support of Secure Access to WMN Resources"). |
Publications and demos | Several publications, presentations and demonstrations were produced during the project, and about 10 press articles about A4-Mesh have been published. |
The focus of the A4-Mesh project was the development and integration of innovative authentication and authorization, auditing, and accounting mechanisms (A4) into a fully functional wireless mesh network infrastructure, and its deployment in two application scenarios: a campus extension scenario and an environmental monitoring scenario in the Swiss Alps. The latter application, supporting environmental research requirements, has been particularly successful. As a result, researchers are able to access their measurement devices and on-site data storage directly from the university, and network users are able to access the Internet at any time. The authentication and authorization mechanisms are integrated into the authentication and authorization infrastructure (AAI) of Swiss higher education, based on SWITCHaai mechanisms, which makes it possible to access the network in a secure way. In addition, A4-Mesh offers detailed accounting functions, which provide information about the traffic consumption of each individual user. The A4-Mesh monitoring infrastructure allows us to monitor every parameter provided by the ADAM operating system, for example the amount of free memory on an ALIX node or the number of retransmissions on a particular interface. The monitoring web interface is easily configurable by the administrator.
To successfully use wireless mesh networks in the area of Swiss higher education, wireless mesh networks
have to support authentication, authorization, accounting, and auditing. They must also be seamlessly
integrated into the organizations' authentication and authorization infrastructure. As there are
usually multiple concurrent users of the network, the wireless mesh network has to support accounting
to enable billing the costs to the different users and to support network management. For a successful
operation of a wireless mesh network, inconsistent and erroneous states in the networks have to be
detected and resolved. This requires constant auditing of network state and configuration.
The project will achieve the following specific goals:
The project makes it possible to increase the coverage of campus networks and networks for environmental monitoring applications.
With the approaches developed in A4-Mesh, the organizations of Swiss higher education can easily extend
the coverage of their campus networks, e.g., when sites of a university are several hundred metres or kilometres away from
the main campus.
They can also connect remote sites for research projects or events.
Many research projects in different research areas (climate research, geology and biology) may profit from
an easily deployable outdoor wireless network that supports high-speed network access as well as
authentication and authorization based on SWITCHaai and mechanisms for accounting and auditing.
A4-Mesh also supports the concurrent use of the wireless network infrastructure by multiple projects,
with detailed accounting and billing.
The project reduces network maintenance costs through auditing functions that may trigger recovery mechanisms of the network.
First the system architecture has to be defined. Then the following parts will be designed and implemented: