Authentication, authorization and accounting (AAA) in hybrid ad hoc hotspot's environments

Wireless LAN (WLAN) is rapidly growing as a popular technology for ubiquitous communication, where Internet access is being a standard commodity. The growing demand in WLAN technological development is to provide high quality and secure Internet access to mobile users using their portable devices. Nevertheless, WLAN is still restrictive, as it requires the presence of mobile users in the communication range of access points. Moreover, the security of this network is posing a major challenge for its usage. Hybrid ad hoc networks appear as an attractive solution in public hotspots applications, allowing mobile users to achieve WLAN access independent of their existence in access points communication ranges. Since effective Authentication, Authorization and Accounting (AAA) are of great importance for secure mobile wireless access, in this paper we propose a novel architecture that provides efficient AAA and secure communication among mobile clients in WLAN hotspots applications. Our solution uses the hybrid ad hoc network concept and considers the service provider as the single point of contact for all AAA transactions. We adapt the IEEE 802.11i standard to the hybrid ad hoc network environment in order to set up authenticated links on layer 2, achieving secure wireless access as well as confidential data transfer. Since IEEE 802.11i necessitates the existence of a fixed infrastructure between the WLAN and the authentication server, we introduce a cross-layer interaction with the ad hoc routing layer in order to provide a virtual infrastructure among the mobile clients through employing a clustering mechanism. We validate our proposed solution through simulation. Through analyzing the obtained results, we give some performance estimates and we show the advantages of using the hybrid ad hoc networks approach.