Wi-Fi, or WiFi, is a local area wireless computer networking technology that allows electronic devices access to network. A Wi-Fi network makes use of radio waves to transmit information across a network. Wi-Fi is based on the Institute of Electrical and Electronics Engineers' (IEEE) 802.11 standards. To connect to a Wi-Fi LAN, a computer has to be equipped with a wireless network interface controller. Wi-Fi technology may be used to provide Internet access to devices that are within the range of a wireless network. Devices may access a network resource such as the Internet via a wireless network Access Point (AP). The AP may provide Internet access over cable or cellular networks such as Second Generation (2G), Third generation (3G), Long Term Evolution (LTE) etc. among other options.
WiFi APs may provide user devices with access to a network resource such as the Internet, without authenticating them. However, since this is insecure and vulnerable to attacks, AP owners may provide security by authentication the users and encrypting traffic.
Offering Wi-Fi connections is a crucial service provided by businesses to attract customers. Organizations and businesses, such as hotels, airports, and restaurants, often provide hotspots wither free-of-charge or commercially, using a captive portal webpage for access.
For example, to join a wireless network at a hotel, a distinct network name and particular configuration instructions are needed for connecting. However, there are several known issues of this traditional Wi-Fi access management, which are presented below.
To login an end user device to a hotel's wireless networks, a correct access information is required to be entered in the end user device. It is often asked for a combination of a customer's last name, room number and a special passcode to be entered. Then the user of the end user device has to make sure all the information is entered into the right boxes correctly. Typing all the information into small text boxes on an end user device such as a mobile device causes reduction of use experience of staying at the hotel.
Further, the user of the end user device needs to make sure to be connected to the correct hotel network. Fake or poseur networks often show up as a way to lure hotel customers to give private information away unknowingly.
It is often found that when connecting to the hotel's network, the web-loading speed is extremely slow. One of the typical reasons is that many customers are using the same resources, at the same time. The problem is often caused by less considerate implementation of Wi-Fi access points in the building, leading too many connections to one access point.
Free Wi-Fi connections are also offered as one of the services in a hotel. Traditionally, the wireless network name such as a Service Set Identification (SSID) may be embedded in beacon signals broadcasted by a wireless access point to be heard by end user devices within radio range of the access point. Thus, the SSID becomes publically visible to all the Wi-Fi end user devices in the range. However, a business owner does not want to advertise the information to all the Wi-Fi end user devices, only to specific Wi-Fi end user devices being inside the premises especially.
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols and security certification programs that provide secure wireless network access.
The WPA2-Personal mode of WPA2 provides security based on pre-shared passwords among users.
WPA2-Personal provides security based on pre-shared passwords among users. However, this is not convenient as the user of a wireless device first needs to obtain correct SSID and password and then enter them for authentication and successful Internet access. Additionally, the passwords are vulnerable against guessing and cracking since they are not updated frequently.
The WPA2-Enterprise mode of WPA2 provides security based on the IEEE 802.1X standard. IEEE 802.1X is an IEEE Standard for Port-based Network Access Control (PNAC) and is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a Local Area Network (LAN) or Wireless Local Area Network (WLAN).
IEEE 802.1X uses an authentication server to validate users and provide network access. On wireless networks, IEEE 802.1X may work with WPA, WPA2, or Wired Equivalent Privacy (WEP) keys. This type of authentication is typically used when connecting to an enterprise network. However, this requires Wi-Fi users to obtain access credentials off-line, resulting in unnecessary troubles, like visiting or ringing front-desk at a hotel for username and password.