Security and Differentiated Hotspot Services Through Policy-Based Management Architecture

We have studied the case of deploying services in public wireless networks based on IEEE802.11 standard. Due to low cost, easy deployment, cost effectiveness and high performance, this technology appears as a very attractive solution for providing internet access and services in public places called hotspot like airports, hotels, train stations... etc Actually, there are numerous solutions that allow user management in WLAN networks. However, most of them do not support multiple service providers and provide all users with the same level of services to Internet access. In our paper, we propose a new software management architecture for hotspot networks, which is based on policy-based management principles introduced as a result of collaboration with the IETF. Our solution enables multiple service provider support and it allows user and service differentiation in hotspot networks. It provides efficient, flexible and scalable user management solution by implementing coherent combination of AAA functions, quality of service guarantee and security assurance for hotspot operators and service providers. For policy configuration, XML schemes have been defined, offering open, easy and customizable management architecture. Moreover, since our solution is layer 2 agnostic, it can be extended to different access technologies such as DSL, PLC... This management architecture has been implemented, tested and validated on the 6WINDGateTM routers and it can easily be ported onto other software architectures and open standard platforms.