The development of secure interface system for wi-fi internet access using blended approach of captive portals and key verification techniques / Kamarul Ariffin Abdul Basit … [et al.]

Abdul Basit, Kamarul Ariffin and Awang, Norkhushaini and Darus, Mohammad Yusof and Mohd Ali, Fakariah Hani (2014) The development of secure interface system for wi-fi internet access using blended approach of captive portals and key verification techniques / Kamarul Ariffin Abdul Basit … [et al.]. In: IIDEX 2014: invention, innovation & design exposition. Research Innovation Business Unit, Shah Alam, Selangor, p. 54. (Submitted)

Official URL: http://www.iidex.com.my

Abstract

Wi-Fi technology has become one of the common ways to establish a connection to the Internet. However, the current implementation of Wi-Fi does not offer enough security protection. The security problems in Wi-Fi have become quite well-known to the public and this matter indirectly has opened a doorway to many people with adequate ICT skills to bypass the Wi-Fi security protection. One of the things that entice people to break the Wi-Fi security is that they could use the internet access as much as they want without having to worry about the charges on the Internet usage (i.e., using Internet for free). One way to tackle this problem is by adding another level of the Wi-Fi security protection. We proposed to blend the ‘captive portal’ strategy with ‘key verification’ techniques in order to improve the security system in Wi-Fi. We developed an information system known as ‘Secured Interface System’ (Sis) that linked to the Wi-Fi infrastructure. Our approach should force all users in the environment to register in our SiS and get an electronic key before they have the permission to access the Internet. This technique could be seen as a twofold strategy in order to harden the security protection of Wi-Fi system. The first protection is when any user tries to use the Internet facilities (through the communication to the access point), their device will be directed to our SiS. This system uses the captive portal technique in which it accepts the request of HTTP from the users on a network and displays a special web page before allowing the users to connect to the Internet. This captive portal has the ability to convert a web browser into an authentication device. In the beginning phase, users have to register by entering their details into SiS. The system also requires some specific user information with respect to the organization that supplies the facilities of the Wi-Fi systems in their place. Given the hotel as an example, the specific information demanded by SiS could be the user’s room number or payment receipt number or any special id provided by the hotel management in order to justify that users are actually the legitimate hotel’s resident. The user’s details are then being kept in a database. After users complete the registration, the Interface System should require them to apply for a verification key. The mechanism of verification key could be described as our second protection. The ‘symmetric key algorithm’ was used to build up the keys for every registered user. The key of a particular user has to match with his/her account. When a registered user wants to use the Internet via the organization’s access point, he/she has to login to the SiS by supplying the correct username and password as well as the key. The SiS will then process that information to determine whether the user is a legitimate user or not. The legitimate user will be granted permission and the non-legitimate user will be blocked to use the Internet facilities. We built a simulation environment that describes a scenario of implementing the SiS to a Wi-Fi system. The simulation results have shown that our system has worked well with the Wi-Fi system. The results of the penetration test to the Wi-Fi system which include the Interface System indicated that the security protection to access the Internet via Wi-Fi improved.

Metadata

Item Type: Book Section
Creators:
Creators
Email / ID Num.
Abdul Basit, Kamarul Ariffin
k_rol@tmsk.uitm.edu.my
Awang, Norkhushaini
UNSPECIFIED
Darus, Mohammad Yusof
UNSPECIFIED
Mohd Ali, Fakariah Hani
UNSPECIFIED
Subjects: T Technology > T Technology (General) > Information technology. Information systems
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunication
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunication > Local area networks (Computer networks)
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunication > Wifi access networks
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunication > Web servers. Internet > Internet access. Internet access control
Divisions: Universiti Teknologi MARA, Shah Alam > Research Management Centre (RMC)
Event Title: IIDEX 2014: invention, innovation & design exposition
Event Dates: 27 - 30 April 2014
Page Range: p. 54
Keywords: Wi-Fi technology; Security protection; Captive portal; Key verification; Secured Interface System (SiS)
Date: 2014
URI: https://ir.uitm.edu.my/id/eprint/70448
Edit Item
Edit Item

Download

[thumbnail of Research book: abstract only] Text (Research book: abstract only)
70448.pdf

Download (1MB)

ID Number

70448

Indexing

Statistic

Statistic details