tag:blogger.com,1999:blog-17500930.post7266478023893667569..comments2024-03-20T22:57:03.923+00:00Comments on Dean Bubley's Disruptive Wireless: What impact will security worries have on WiFi offload?Dean Bubleyhttp://www.blogger.com/profile/05719150957239368264noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-17500930.post-14113071110699306842010-11-26T14:53:24.957+00:002010-11-26T14:53:24.957+00:00PC-based offload is surely going to be a relative ...PC-based offload is surely going to be a relative rarity going forwards (and its historical signficant position is probably a major reason why EAP-SIM had no real impetus). Any laptop user with an interest in data access is going to make the leap required to get SIM-auth working if their reward is Wifi levels of access, surely. <br />No reason from the looks of google-results for SIM access to be affected by flight mode - AFAIK any user with contacts stored on the SIM can still access them(?) when in that mode.<br />The sticky bit with EAP-SIM as your baseline is the non-SIM-based wifi customer. And for them, I wonder whether it's going to come with 802.1x PEAP/TTLS over WPA2 (enterprise) which will be the "acceptable" form of encrypted access dual SSID's and all..<br />Hughbaggierohttps://www.blogger.com/profile/06642629203727985596noreply@blogger.comtag:blogger.com,1999:blog-17500930.post-52652838270557826652010-11-26T13:39:44.289+00:002010-11-26T13:39:44.289+00:00EAP-SIM variant would work for WiFi offload in a s...EAP-SIM variant would work for WiFi offload in a smartphone, right? In this respect, Steven is right.Davidenoreply@blogger.comtag:blogger.com,1999:blog-17500930.post-73876917823468723832010-11-09T09:12:55.389+00:002010-11-09T09:12:55.389+00:00Hi Dean
whatever the case, it is clear that previ...Hi Dean<br /><br />whatever the case, it is clear that previous attempts at defining architectures which mandate a homogeneous client environment have failed (else we would all be talking on UMA-phones enabled with RCS-clients). Service Providers and WLAN Access Providers need to be able to support heterogeneous client environments which support service to basic clients with all the security caveats, but which motivate the deployment of new client functionality with improved WiFi experience.<br /><br />Cheers,<br /><br />Mark Grayson<br />CiscoMark Graysonnoreply@blogger.comtag:blogger.com,1999:blog-17500930.post-28932325071242624902010-11-07T01:25:19.747+00:002010-11-07T01:25:19.747+00:00Hi Steven
Sorry, I don't buy the EAP-SIM argu...Hi Steven<br /><br />Sorry, I don't buy the EAP-SIM argument at all - I've heard it since about 2004 and it doesn't stack up for a lot of use cases.<br /><br />In particular, it doesn't work in scenarios for PC-based offload where the user has a 3G dongle attached, but uses the native WiFi and connection manager on the computer. <br /><br />In fact, the most likely scenario is where the user doesn't even attach the dongle (& SIM) to the PC when they know they are in a cafe where WiFi is available & they have credentials, even if they use the operator's connection manager client. <br /><br />I'm also not sure if the SIM is accessible on a phone switched to "flight mode", or how it would work in roaming scenarios.<br /><br />There are many other flaws with using SIM-based authentication I can think of as well.<br /><br />DeanDean Bubleyhttps://www.blogger.com/profile/05719150957239368264noreply@blogger.comtag:blogger.com,1999:blog-17500930.post-78444674878334273902010-11-07T01:06:37.242+00:002010-11-07T01:06:37.242+00:00Dean -- no worries, really. Mobile operators have...Dean -- no worries, really. Mobile operators have heard the Wi-Fi security concerns loud and clear. The dominant design in 3G off-load via Wi-Fi moving forward, as operators are implementing it with us today, relies on the EAP-SIM variant of 802.1x authentication which uses (a) the subscriber credentials already on the smartphone (the SIM card) to make authentication as secure and automatic as what happens on 3G networks, and (b) the secret keys exchanged in that process as the basis for AES encryption over the air. Stay tuned for announcements of large Wi-Fi networks deployed that are every bit as easy to use and secure as the 3G networks -- but with tons more bandwidth where you want it most.<br /><br />regards,<br /><br />Steven Glapa<br />Ruckus Wireless, Inc.Steven Glapahttp://www.ruckuswireless.comnoreply@blogger.com