This file was created by the TYPO3 extension bib --- Timezone: CEST Creation date: 2024-04-26 Creation time: 08-04-35 --- Number of references 9 inproceedings 2011-wirtz-kaleidoscope 2011 12 14 mobile_access fileadmin/papers/2011/2011-wirtz-kaleidoscope.pdf Online

ITU

Proceedings of the ITU-T Kaleidoscope Event 2011, Cape Town, South Africa Cape Town, South Africa ITU-T Kaleidoscope: The fully networked human? 2011-12-12 en 978-92-61-13651-2 1 HannoWirtz RenéHummen NicolaiViol TobiasHeer Mónica AlejandraLora Girón KlausWehrle inproceedings 2011-hummen-pisa-demo 2011 6 15 15 35--36 mobile_access fileadmin/papers/2011/2011-hummen-wisec-pisa-sa-demo.pdf Online ACM

New York, NY, USA

Proceedings of the fourth ACM Conference on Wireless Network Security, Hamburg, Germany Hamburg, Germany Wireless Network Security 2011 (WiSec 2011) en 1559-1662 10.1145/2073290.2073297 1 RenéHummen HannoWirtz NicolaiViol TobiasHeer KlausWehrle techreport rfc6253 2011 5 rfc6253 The Certificate (CERT) parameter is a container for digital certificates. It is used for carrying these certificates in Host Identity Protocol (HIP) control packets. This document specifies the CERT parameter and the error signaling in case of a failed verification. Additionally, this document specifies the representations of Host Identity Tags in X.509 version 3 (v3) and Simple Public Key Infrastructure (SPKI) certificates. The concrete use of certificates, including how certificates are obtained, requested, and which actions are taken upon successful or failed verification, is specific to the scenario in which the certificates are used. Hence, the definition of these scenario- specific aspects is left to the documents that use the CERT parameter. mobile_access http://www.ietf.org/rfc/rfc6253.txt IETF RFC 6253 (Experimental) Request for Comments Internet Engineering Task Force Internet Engineering Task Force Request For Commments (Experimental Standard) 1 TobiasHeer SamuVarjonen techreport rfc5201-bis-04 2011 1 1 draft-ietf-hip-rfc5201-bis-04.txt <prt>expires: July 24, 2011 (work in progress)</prt> mobile_access http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-04 Online <prt>IETF Trust</prt> An online version is available at: http://tools.ietf.org/html/draft-ietf-hip-rfc5201-bis-04 Internet Drafts <prt>Internet Engineering Task Force</prt> Internet Engineering Task Force en 1 RobertMoskowitz PetriJokela Thomas R.Henderson TobiasHeer techreport 2011-heer-draft-middle-auth 2011 draft-heer-hip-middle-auth-04 The Host Identity Protocol [RFC5201] is a signaling protocol for secure communication, mobility, and multihoming that introduces a cryptographic namespace. This document specifies an extension for HIP that enables middleboxes to unambiguously verify the identities of hosts that communicate across them. This extension allows middleboxes to verify the liveness and freshness of a HIP association and, thus, to secure access control in middleboxes. Work in progress ietf, mobile_access http://tools.ietf.org/html/draft-heer-hip-middle-auth-04 Online Internet Engineering Task Force Internet-Draft en TobiasHeer MiikaKomu RenéHummen KlausWehrle inproceedings 2010-heer-pisa-sa 2010 8 2 1 588-593 With the goal of providing ubiquitous wireless services (e.g., tourist guides, environmental information, pedestrian navigation), municipal wireless networks are currently being established all around the world. For municipalities, it is often challenging to achieve the bandwidth and coverage that is necessary for many of the envisioned network services. At the same time, Wi-Fi-sharing communities achieve high bandwidth and good coverage at a very low cost by capitalizing on the dense deployment of private access points in urban areas. However, from a technical, conceptual, and security perspective, Wi-Fi sharing community networks resemble a patchwork of heterogeneous networks instead of one well-planned city-wide network. This patchwork character stands in stark contrast to a uniform, secure platform for public and commercial services desirable for the economic success of such a network. Hence, despite its cost-efficiency, the community-based approach cannot be adopted by municipalities easily. In this paper, we show how to realize municipal wireless services on top of a Wi-Fi-sharing infrastructure in a technically sound and economically attractive fashion. In particular, we focus on how to securely provide services to mobile clients with and without client-side software support. Our solution cleanly separates the roles of controlling and administering the network from providing bandwidth and wireless access. With this separation, commercial ISPs and citizens with their private Wi-Fi can contribute to the network infrastructure. This allows municipalities in turn to focus their resources on municipal wireless services. mobile_access http://www.comsys.rwth-aachen.de/fileadmin/papers/2010/2010-heer-icc-pisa-sa.pdf Print IEEE Press

Washington, DC, USA

International Conference on Computer Communication Networks, ICCCN 2010, Zurich Zurich, Switzerland International Conference on Computer Communication Networks, ICCCN 2010 en 978-1-4244-7114-0 10.1109/ICCCN.2010.5560103 1 TobiasHeer ThomasJansen RenéHummen HannoWirtz StefanGötz EliasWeingaertner KlausWehrle inproceedings 2010-percomws-heer-munifi Proceedings of the Sixth IEEE PerCom Workshop on Pervasive Wireless Networking (PWN 2010), IEEE. 2010 4 2 1 588 - 593 Municipal Wi-Fi networks aim at providing Internet access and selected mobile network services to citizens, travelers, and civil servants. The goals of these networks are to bridge the digital divide, stimulate innovation, support economic growth, and increase city operations efficiency. While establishing such urban networks is financially challenging for municipalities, Wi-Fi-sharing communities accomplish good coverage and ubiquitous Internet access by capitalizing on the dense deployment of private access points in urban residential areas. By combining Wi-Fi communities and municipal Wi-Fi, a collaborative municipal Wi-Fi system promises cheap and ubiquitous access to mobile city services. However, the differences in intent, philosophy, and technical realization between community and municipal Wi-Fi networks prevent a straight-forward combination of both approaches. In this paper, we highlight the conceptual and technical challenges that need to be solved to create collaborative municipal Wi-Fi networks. mobile_access http://www.comsys.rwth-aachen.de/fileadmin/papers/2010/2010-heer-percomws-collaborative-municipal-wi-fi.pdf Print IEEE Press

Washington, DC, USA

Proceedings of the Sixth IEEE PerCom Workshop on Pervasive Wireless Networking (PWN 2010), Mannheim, Germany. Mannheim, Germany Sixth IEEE PerCom Workshop on Pervasive Wireless Networking (PWN 2010) April 02, 2010 en 978-1-4244-6605-4 10.1109/PERCOMW.2010.5470505 TobiasHeer RenéHummen NicolaiViol HannoWirtz StefanGötz KlausWehrle inproceedings 2009-icc-heer-middleboxes 2009 1 791-796 Today, middleboxes such as firewalls and network address translators have advanced beyond simple packet forwarding and address mapping. They also inspect and filter traffic, detect network intrusion, control access to network resources, and enforce different levels of quality of service. The cornerstones for these security-related network services are end-host authentication and authorization. Using a cryptographic namespace for end-hosts simplifies these tasks since it gives them an explicit and verifiable identity. The Host Identity Protocol (HIP) is a key-exchange protocol that introduces such a cryptographic namespace for secure end-to-end communication. Although HIP was designed with middleboxes in mind, these cannot securely use its namespace because the on-path identity verification is susceptible to replay attacks. Moreover, the binding between HIP as an authentication protocol and IPsec as payload transport is insufficient because on-path middleboxes cannot securely map payload packets to a HIP association. In this paper, we propose to prevent replays attack by treating packet-forwarding middleboxes as first-class citizens that directly interact with end-hosts. Also we propose a method for strengthening the binding between the HIP authentication process and its payload channel with hash-chain-based authorization tokens for IPsec. Our solution allows on-path middleboxes to efficiently leverage cryptographic end-host identities and integrates cleanly into existing protocol standards. mobile_access http://www.comsys.rwth-aachen.de/fileadmin/papers/2009/2009-heer-icc-end-host-authentication.pdf Print Piscataway, NJ, USA

Dresden, Germany

Proceedings of the IEEE International Conference on Communications 2009 (ICC 2009), Dresden, Gemany IEEE Dresden, Germany IEEE International Conference on Communications 2009 (ICC 2009) en 978-1-4244-3435-0 1938-1883 10.1109/ICC.2009.5198984 1 TobiasHeer RenéHummen MiikaKomu StefanGötz KlausWehrle conference 2008-heer-pisa-full 2008 6 16 1 1-7 The proliferation of broadband Internet connections has lead to an almost pervasive coverage of densely populated areas with private wireless access points. To leverage this coverage, sharing of access points as Internet uplinks among users has first become popular in communities of individuals and has recently been adopted as a business model by several companies. However, existing implementations and proposals suffer from the security risks of directly providing Internet access to strangers. In this paper, we present the P2P Wi-Fi Internet Sharing Architecture PISA, which eliminates these risks by introducing secure tunneling, cryptographic identities, and certificates as primary security concepts. Thus, PISA offers nomadic users the same security that they expect from a wired Internet connection at home. Based on its three fundamental mechanisms, PISA achieves a flexibility which opens significant advantages over existing systems. They include user mobility, anonymity, service levels with different performance and availability characteristics, and different revenue models for operators. With this combination of key features, PISA forms an essential basis for global, seamless, and secure Wi-Fi sharing for large communities. mobile_access http://www.comsys.rwth-aachen.de/fileadmin/papers/2008/2008-heer-ict-secure-wifi.pdf Print IEEE

Washington, DC, USA

Proc. of 15th International Conference on Telecommunication (ICT), St. Petersburg, Russian Federation St. Petersburg, Russian Federation 15th International Conference on Telecommunication (ICT) 16-19 June 2008 en 978-1-4244-2035-3 1 TobiasHeer StefanGötz EliasWeingaertner KlausWehrle