Paper Info
Title
Securing network location awareness with authenticated DHCP.
Abstract
Network location awareness (NLA) enables mobile computers to recognize home, work and public networks and wireless hotspots and to behave differently at different locations. Pie location information is used to change security settings such as firewall rules. Current NLA mechanisms, however, do not provide authenticated location information on all networks. This paper describes a novel mechanism, based on public-key authentication of DHCP servers, for securing NLA at home networks and wireless hotspots. The main contributions of the paper are the requirements analysis, a naming and authorization scheme for network locations, and the extremely simple protocol design. The mobile computer can remember and recognize previously visited networks securely even when there is no PKI available. This is critical because we do not expect the majority of small networks to obtain public-key certificates. The protocol also allows a network administrator to pool multiple, heterogeneous access links, such as a campus network, to one logical network identity. Another major requirement for the protocol was that it must not leak information about the mobile host's identity or affiliation. The authenticated location information can be used to minimize attack surface on the mobile host by making security-policy exceptions specific to a network location.
Year
DOI
Venue
2007
10.1109/SECCOM.2007.4550359
SecureComm
Field
DocType
Citations 
Mobile computing,Public key infrastructure,Internet privacy,Authentication,Campus network,Computer security,Computer science,Server,Computer network,Dynamic Host Configuration Protocol,Network administrator,Location awareness
Conference
7
PageRank 
References 
Authors
0.54
6
3
Name
Order
Citations
PageRank
Tuomas Aura155277.28
Michael Roe2470131.65
Steven J. Murdoch380657.90