Implementation and Experiments of Integrated Security Domain for IEEE 802.11s Mesh Networks

• Main Authors: Lin, Kun-Shan, 林坤杉
• Other Authors: Tseng, Chien-Chao
• Format: Others
• Language: zh-TW
• Published: 2011
• Online Access: http://ndltd.ncl.edu.tw/handle/83505968993180702024

碩士 === 國立交通大學 === 資訊學院資訊學程 === 99 === Today, we are able to access to wireless local area networks (wireless LANs) in many public places; however, this requires access points that link to physical networks. This requirement makes it much more difficult and costly to set up wireless LANs on a larger scale. The Wireless Mesh Network is a wireless replacement for cable connection that enable wireless communications between access points to form a mesh network architecture. With the implementation of Wireless Mesh Networks, the coverage of wireless network services can be improved, and the “last mile” of network service can be reached. Presently, most of the Wireless Internet Service Providers (WISPs) provide only HTTPS authentication, which lacks encryption and authentication for each packet, making base stations soft targets for wireless eardropping and attacks by hackers. IEEE802.11i enhances the encryption and authentication in the Wireless LAN. However, due to the characteristics of wireless networks, wireless mobile devices frequently handoff between the access points. Handoff delay is caused by the switching, and results in poor quality of service and service interruptions for many wireless mobile devices demanding real-time services. The mechanism implemented in this paper moves the function of the authenticator from Mesh Access Point (MAP) to Mesh Portal (MPP) without compromising the security of 802.11i, while reducing the frequency of wireless mobile devices’ demands for IEEE802.1X authentication during handoff. Hence, the handoff delay and message traffic will be effectively reduced. Also, the difficulties and challenges encountered in the real environment during the implementation process will be addressed.