PARC wants to make networks smarter, easier
IDG News Service
Palo Alto Research Center Inc. (PARC), the storied institution started by Xerox Corp. that has spawned easy-to-use technologies including Ethernet and the computer mouse, still remembers how to invent things that busy users can just plug in and forget about.
PARC researchers recently announced that they have come up with a device that lets new users securely sign onto a wireless LAN in less than five minutes, as well as a way for otherwise incompatible digital consumer devices to exchange data.
The WLAN "enrollment station," which has been under development for about a year and is already in use at Palo Alto, Calif.-based PARC, uses a public-key infrastructure (PKI) to automatically authenticate a client device to a WLAN. As it's currently implemented, a user walks up to the station with a notebook computer or other device, lines up its infrared port with that of the station and waits for the device to be signed on to the network. It cuts the process down from several steps and more than an hour to two steps and about two minutes, with no choices for the end user to make during the process, said Dirk Balfanz, a researcher in PARC's security group. The process would have to happen only once for every user on that LAN.
At the heart of the system is the IEEE 802.1x standard, a specification for authenticating clients on LANs. The enrollment station uses Extensible Authentication Protocol-Transport Layer Security, one of the authentication protocols that's optional under 802.1x. It's compatible with the Wi-Fi Protected Access mechanism introduced last year, Balfanz said. In a company that already has a PKI for its WLAN, the station can be integrated into the existing system through the standard, which can support a wide range of current PKI technologies.
When the user brings a client system up to the enrollment station, the devices initially exchange a cryptographic key pair. Then the client requests a digital certificate, which can be approved or rejected automatically based on preset policies or by a network administrator via e-mail. When the client gets approved, it receives a certificate and is automatically configured to use the WLAN, according to PARC.
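The approval step described above, sketched as an added example that is not PARC's code: the station remembers which key a client presented in person and then approves, rejects, or refers the certificate request to an administrator. The policy fields, the device types, the time limit and the binding of the request to a SHA-256 fingerprint of the key are all assumptions made for illustration, and the keys are constructed byte strings rather than real public keys.

```python
import hashlib
from dataclasses import dataclass

APPROVE, REJECT, ASK_ADMIN = "approve", "reject", "ask-admin"

@dataclass(frozen=True)
class Policy:
    """Hypothetical preset policy; field names are assumptions, not PARC's."""
    max_age_s: int = 120                              # request must follow the in-person step
    auto_types: frozenset = frozenset({"notebook"})   # approved without a human
    denied_types: frozenset = frozenset({"kiosk"})    # never enrolled

class EnrollmentStation:
    def __init__(self, policy: Policy):
        self.policy = policy
        self.pending = {}  # SHA-256 of client public key -> time seen at the station

    def in_person_exchange(self, client_public_key: bytes, now: float) -> None:
        """Step 1: remember the key the client handed over on the short-range link."""
        self.pending[hashlib.sha256(client_public_key).digest()] = now

    def decide(self, request: dict, now: float) -> str:
        """Step 2: approve, reject, or refer a certificate request to the administrator."""
        fp = hashlib.sha256(request["public_key"]).digest()
        seen_at = self.pending.pop(fp, None)  # pop: one certificate per in-person exchange
        if seen_at is None:
            return REJECT                     # key never presented at the station
        if now - seen_at > self.policy.max_age_s:
            return REJECT                     # stale exchange; the user must walk up again
        if request["device_type"] in self.policy.denied_types:
            return REJECT
        if request["device_type"] in self.policy.auto_types:
            return APPROVE
        return ASK_ADMIN                      # e.g. e-mail the network administrator

def demo() -> list:
    """Run constructed requests through the station and return the decisions."""
    st = EnrollmentStation(Policy())
    key_a, key_b, key_c = b"constructed-key-A", b"constructed-key-B", b"constructed-key-C"
    st.in_person_exchange(key_a, now=0)
    st.in_person_exchange(key_b, now=0)
    return [
        st.decide({"public_key": key_a, "device_type": "notebook"}, now=30),  # in policy
        st.decide({"public_key": key_a, "device_type": "notebook"}, now=40),  # replayed
        st.decide({"public_key": key_b, "device_type": "pda"}, now=60),       # unlisted type
        st.decide({"public_key": key_c, "device_type": "notebook"}, now=60),  # never seen
    ]

if __name__ == "__main__":
    print(demo())
```

Requiring that the requested key match one seen at the station is what ties the certificate to a device that was physically present; without that check the policy would be judging only what the request claims about itself.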
Though useful in enterprises, the technology might have more potential for home networks, Balfanz said. The enrollment station, consisting mostly of software, could be integrated with a combination access point and router, making it easier and safer for end users to sign onto a home LAN. Getting the LAN going would be as easy as plugging in the combination device
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.