A secure authentication and billing architecture for wireless mesh networks

Wireless mesh networks (WMNs) are gaining growing interest as a promising technology for ubiquitous high-speed network access. While much effort has been made to address issues at physical, data link, and network layers, little attention has been paid to the security aspect central to the realistic deployment of WMNs. We propose UPASS, the first known secure authentication and billing architecture for large-scale WMNs. UPASS features a novel user-brokeroperator trust model built upon the conventional certificatebased cryptography and the emerging ID-based cryptography. Based on the trust model, each user is furnished with a universal pass whereby to realize seamless roaming across WMN domains and get ubiquitous network access. In UPASS, the incontestable billing of mobile users is fulfilled through a lightweight realtime micropayment protocol built on the combination of digital signature and one-way hashchain techniques. Compared to conventional solutions relying on a home-foreign-domain concept, UPASS eliminates the need for establishing bilateral roaming agreements and having realtime interactions between potentially numerous WMN operators. Our UPASS is shown to be secure and lightweight, and thus can be a practical and effective solution for future large-scale WMNs.