User-friendly access control for public network ports

Abstract

We are facing a growing user demand for ubiquitous Internet access. As result, network ports and wireless LANs are becoming common in public spaces inside buildings such as lounges, conference rooms and lecture halls. This introduces the problem of protecting networks accessible through these public ports from unauthorized use. In this paper, we study the problem of access control through public network ports. We view this problem as a special case of the more general problem of access control for a service on a network. We present an access control model on which we base our solution. This model has three components: authentication, authorization, and access verification. We describe the design and implementation of a system that allows secure network access through public network ports and wireless LANs. The design requires no special hardware or custom client software, resulting in minimal deployment cost and maintenance overhead. The system has a user-friendly, Web-based interface, offers good security, and scales to a campus-sized community.