The Challenge of Wi-Fi
(Wireless fidelity) Roaming
Presenter: 周士倫
Outline
Technical roaming issues
Implementation incompatibility
Handoff standards
Security and authentication
ROAMING BETWEEN WI-FI AND CELLULAR
BUSINESS-RELATED ROAMING ISSUES
TODAY’S LIMITED APPROACHES
Aggregators
Hotspot networks
A Quick Look At Wi-Fi Technologies
Most Wi-Fi hotspots currently use IEEE
802.11b technology
It’s cheap to deploy
Client-side devices are widely available
IEEE 802.11b uses complementary code keying (CCK)
802.11a and 802.11g use orthogonal frequency-division multiplexing (OFDM)
Introduction
The Wi-Fi technology faces a critical
challenge to its continued popularity
and success: Seamless roaming
between different networks is difficult
for various technical and business
reasons
Introduction
Roaming is difficult in part because
the technologies used in different
systems don’t always work together.
Service providers’ billing and
authentication systems sometimes
aren’t compatible
Security is another concern
Introduction
Finally, carriers want to figure out
ways that Wi-Fi users can roam from
their networks to cellular networks
For example, let users begin working
at an airport on a laptop via a Wi-Fi
hotspot and then continue via a
cellular network until they get to their
office and can switch to a traditional
LAN.
TECHNICAL ROAMING ISSUES –
1. Implementation incompatibility
IEEE 802.11 standards are loose
enough that vendors have been able
to develop incompatible
implementations
Even with compatible equipment,
there are no standards for the
methodology used in handing off
transmissions between networks
TECHNICAL ROAMING ISSUES –
2. Handoff standards
The IEEE 802 Handoff Executive Committee
Study Group is working on developing a
common handoff framework standard that
will be useful to Wi-Fi roaming
If a certain quality of service is being
maintained for a user, the user does not
necessarily want to hand off to a base
station that cannot also support that QoS
TECHNICAL ROAMING ISSUES –
3. Security and authentication
WEP is designed to give wireless LANs
(WLANs) similar protection to that offered
by wired networks
WPA, though, is only a stopgap measure
while the IEEE works on the proposed
802.11i standard, which would include the
stronger Advanced Encryption Standard
algorithm
Authorization, making sure people trying to
sign on to a network are supposed to have
access to a hotspot, is also an issue for Wi-Fi
Handoff, Security
and authentication
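802.11f: Provides a data exchange mechanism for wireless network users who roam and connect through different access points. It defines the IAPP (Inter-Access Point Protocol) mechanism, so that when a user switches access points, the new AP and the old AP can exchange the user's connection information in order to maintain the existing connection, rather than dropping it and disrupting the user's wireless transmission.
802.11i: Defines the security mechanisms at the 802.11a/b/g MAC (Media Access Control) layer, mainly using EAP-802.1x as the authentication method and AES and TKIP (Temporal Key Integrity Protocol) as the encryption methods. Like 802.11f, it does not yet have a finalized version, but in the foreseeable future 802.11i will certainly become the most important protocol framework for wireless network security.
Diagram of 802.11f and 802.11i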
Handoff
Handoff
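Because the current network architecture, IPv4, does not support portable IP addresses (Mobile IP), when a device crosses between different service networks the signals it sends cannot be recognized by other computers, and the connection drops. This problem will be improved in the next-generation network architecture, IPv6.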
Handoff
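For now, the DHCP architecture can be used: having every networked device obtain its IP address through DHCP temporarily solves part of the problem of crossing between service networks.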
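1. In its home network, the MN receives the Agent Advertisement message broadcast by the HA and learns that it is in its home network, along with the HA's address.
2. The MN moves to another network and receives the Agent Advertisement message broadcast by the FA, learning that it has moved to another network, along with the FA's address.
3. The MN sends a registration message to the HA, relayed through the FA, and informs the HA of its CoA in the visited network (the MN's temporary network address while roaming in another network).
4. The HA broadcasts a Proxy ARP message to all nodes in the home network, announcing that packets for the MN must now be handed to the HA for forwarding.
5. Packets that the CN sends to the home network are routed to the HA; the HA looks up the MN's CoA in its table, encapsulates the packet using tunneling, and sends it to the FA.
6. The FA receives the tunneled packet, decapsulates it, and forwards the original packet to the MN.
7. Packets that the MN sends outward can be delivered directly; if the visited network performs packet filtering, they can be forwarded through the FA to the HA and sent on to the CN from there.
8. The MN returns to its home network and sends a deregistration; packets are routed directly to the MN again.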
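The registration, tunneling and deregistration steps above, modelled as an added example that is not part of the original slides: a toy home agent keeps the binding table (home address to CoA), wraps packets for the FA, and drops the binding when the MN returns. The addresses, the shared key, the use of lifetime 0 for deregistration and the HMAC-SHA256 check on registration are assumptions of this example; the slides do not describe how a registration is authenticated.

```python
import hashlib
import hmac

class HomeAgent:
    """Toy HA: binding table (home address -> CoA) and tunneling, steps 3-5 and 8."""

    def __init__(self, keys):
        self.keys = keys        # home address -> secret shared with that MN (assumed)
        self.bindings = {}      # home address -> current care-of address (CoA)

    @staticmethod
    def tag(key, home_addr, coa, lifetime):
        # Assumed integrity check: HMAC-SHA256 over the registration fields.
        msg = f"{home_addr}|{coa}|{lifetime}".encode()
        return hmac.new(key, msg, hashlib.sha256).digest()

    def register(self, home_addr, coa, lifetime, auth):
        # A registration redirects the MN's traffic, so reject unauthenticated ones.
        key = self.keys.get(home_addr)
        if key is None:
            return False
        if not hmac.compare_digest(auth, self.tag(key, home_addr, coa, lifetime)):
            return False
        if lifetime == 0:
            self.bindings.pop(home_addr, None)   # step 8: deregistration
        else:
            self.bindings[home_addr] = coa       # step 3: record the CoA
        return True

    def route(self, packet):
        # Step 5: look up the CoA and wrap the original packet for the FA.
        coa = self.bindings.get(packet["dst"])
        if coa is None:
            return packet                        # MN is at home: deliver unchanged
        return {"src": "HA", "dst": coa, "inner": packet}

def foreign_agent_deliver(tunneled):
    # Step 6: the FA removes the outer header and forwards the original packet.
    return tunneled["inner"]

def demo():
    # Constructed sample values (documentation address ranges).
    key = b"constructed-shared-key"
    ha = HomeAgent({"10.0.0.5": key})
    pkt = {"src": "198.51.100.7", "dst": "10.0.0.5", "payload": "hello"}
    ok = ha.register("10.0.0.5", "192.0.2.77", 300,
                     HomeAgent.tag(key, "10.0.0.5", "192.0.2.77", 300))
    forged = ha.register("10.0.0.5", "203.0.113.9", 300, b"\x00" * 32)
    return ok, forged, foreign_agent_deliver(ha.route(pkt)) == pkt

if __name__ == "__main__":
    print(demo())
```

The forged request is rejected and the binding still points at the legitimate CoA, which is the property a defender should test for: whoever can write the binding table decides where the MN's traffic goes.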
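Security
WLAN security currently relies on WEP encryption and decryption to meet security requirements, but because of the flaws in WEP encryption it is easily broken into by malicious users. For example, an attacker only has to set up an antenna outside an office building and carry out the encryption and decryption operations to break into the company's internal network with little difficulty.
Until wireless network security is better assured, the best approach is to add a VPN security mechanism on top of the WLAN.
VPN encryption can make up for the security the WLAN lacks. For example, a VPN server offering PPTP or IPSec can be set up inside the company, so that users on the wireless network first sign in to an internal host through PPTP and only then connect to network resources; this way, the data carried over the wireless segment is transmitted encrypted.
However, using a VPN to solve wireless network security problems is not an ideal solution. Until a better wireless network security standard is established, some vendors adopt this architecture as a temporary system solution.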
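Authentication
On billing, plug-and-play network devices generally provide simple account management and billing mechanisms, which are well suited to Internet access in small public spaces such as cafes and inns.
When wireless network service is provided over a large area, such a mechanism is clearly insufficient, so it must be combined with other systems to handle billing and identity authentication, such as a RADIUS server.
Remote Authentication Dial-In User Service (RADIUS)
The billing clearinghouse sends the user's information to the ISP where the user holds an account; that home ISP authenticates and bills the user and pays a fee to the ISP that provides the user with access service. Finally, the user can connect to the home ISP and through it to their own corporate network.
The technology for sharing user information between wireless ISPs is relatively simple and direct, whereas coordinating how revenue is divided between wireless ISPs and setting the corresponding standards is somewhat more complicated.
Homan, a spokesperson for WISPr, considers the billing system to be the most critical part. For this reason, WISPr extended the RADIUS protocol, adding some new protocol attributes such as user name, time online, and bytes sent and received. In addition, through a location code that identifies where the user is, the protocol can also offer the user services specific to a particular site.
RADIUS architecture diagram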
ROAMING BETWEEN WI-FI AND
CELLULAR
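Motorola, Avaya, and Proxim announced a joint project that they hope will solve the Wi-Fi roaming problem. The project will use VoIP technology to integrate cellular mobile communications technology with wireless LAN technology, with the aim of letting Wi-Fi hotspots provide voice service as well.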
Motorola will develop the dual-mode phones, create the
mobility management server that provides the handoff
between Wi-Fi and cellular networks, and implement
system design tools
Avaya will integrate its IP telephony technology and call-processing software to support mobile capabilities
Proxim will provide the Wi-Fi infrastructure, QoS
software, and centralized management systems to
facilitate network handoffs
BUSINESS-RELATED ROAMING
ISSUES
Some companies charge per-use,
per-minute, or subscription fees for
using their hotspots. Other individuals
and groups deploy free hotspots as a
public service
For roaming to succeed, carriers must
resolve differences in their business
models and their billing and
authentication mechanisms
TODAY’S LIMITED APPROACHES –
Aggregators
Small wireless ISP (WISP)
aggregators offer a single account
that provides access to networks of
many partners
Aggregators don’t build new hotspots
but instead sign up existing access-point operators
The goal to be achieved
Bad news
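New York-based Joltage has become the latest casualty. The company was founded early last year (2002); its founders hoped to become "the world's number one operator in the unlicensed spectrum space" while offering broadband-hungry consumers the choice of a wireless Internet service provider (WISP). Its business plan did sound feasible. Joltage gave software free of charge to anyone with a computer, an Ethernet connection, and some inexpensive network equipment. These people's computers would become nodes in a nationwide wireless network, in theory sparing the company the huge cost of building its own network. Users would pay US$1.99 per hour for wireless access, and this revenue would be split equally between Joltage and the hotspot host.
Because the plan was so innovative, many industry observers predicted that Joltage (along with several other Wi-Fi start-ups, such as Boingo Wireless) would become pioneers of a new era, and predicted that small ISPs would take customers away from the large wireless and wired ISPs. Unfortunately, even Joltage's relatively low price was still not cheap enough. Because it had too few users, Joltage chairman Andrew Weinreich sent out an e-mail saying that the company would cease operations.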
TODAY’S LIMITED APPROACHES –
Hotspot networks
Large companies are also trying to form
nationwide hotspot networks. For example,
US wireless service providers T-Mobile USA
and Wayport have their own extensive Wi-Fi networks, largely in airports, coffee
shops, and convention centers.
Several leading computer and telecommunications companies including AT&T,
IBM, and Intel have formed Cometa
Networks
Conclusion
Many companies currently don’t offer
hotspots to make a profit. Instead, they
frequently offer hotspots to enhance other
services they offer and to attract customers
Customers won’t pay a high usage fee for
hotspots, especially when so many free
ones exist
National Wi-Fi coverage would be a key
factor for the technology’s success, as has
been the case with cellular phone services.
BUT “It’s not here yet for the average
consumer.”