Session Chair: Y. Salmatzidis
Achieving a Trust Relationship Model in eduroam – The Case of an RadSec Pilot Implementation in Portuguese Higher Education Institutions
(Pedro Simoes)
Eduroam or Education Roaming, is a RADIUS-based (Remote Authentication Dial In User Service) infrastructure that uses 802.1X security technology to allow for inter-institutional roaming. Since its origin in 2002, eduroam has rapidly spread across the world and now students and researchers from over 85 countries can benefit from free, secure and reliable wifi access. Making this initiative probably the major success story for Research and Education mobility in the past few years. Being part of eduroam, allows users visiting another member institution to log on to the WLAN using the same set of credentials (username/password) that the user would use if he were at his home institution. All this with a minimum administrative overhead. The current RADIUS hierarchy protocol implementation of eduroam works well. However, due to the constantly growing number of users and organizations around the world, issues related to timing, security and reliability of communication started to appear. The goal of a RadSec is to handle these issues, add features and more management flexibility. The current paper intents to describe and report of a Portuguese RadSec pilot implementation between the FCCN – a branch of FCT – the Portuguese Foundation for Science and Technology, with the aim of planning and managing the RCTS – the Science, Technology, and Society Network, UTAD – University of Trás-os-Montes and Alto Douro, IPCB- Polytechnic Institute of Castelo Branco and ISCTE-IUL University of Lisbon. Each of these institutions implemented different technological approaches in order to enable a heterogenic multi-domain RadSec infrastructure aiming to enable a good practice approach to a wither national implementation. View Paper
Device Specific Credentials to Protect from Identity Theft in Eduroam
(Bernd Decker)
To reduce the impact of security vulnerabilities of Eduroam the Eduroam Device Management was implemented at RWTH Aachen University. The service allows to create device specific credentials to be used as credentials when connecting to the Eduroam network. Users can create credentials, get an overview of their credentials already created and can disable network access for each device individually via a web interface. A first device manager was developed for users of RWTH Aachen, the current implementation considers the creation of device specific credentials and supporting processes for other universities within a federation. View Paper
–