Wilmagate
Encyclopedia
WilmaGate is a collection of open source
tools for Authentication, Authorization and Accounting
on an Open Access Network
. It has been initially developed by the
Computer Networks and Mobility Group at the University of Trento
(Italy
).
Its development has been part of the locally-funded Wilma Project and is now being pursued by the Twelve Project under the name Uni-Fy. It is currently being used for wireless authentication at the Faculty of Science at the University of Trento and by the UniWireless network of Italian research groups participating in the Twelve Project.
) from internet access provided at the user's current location by a local carrier.
Therefore, a multiplicity of authentication providers and of access providers is envisioned. The WilmaGate system provides code for both purposes and for a variety of authentication methods. Its modular and object-oriented structure allows programmers to easily add plug-in code for new authentication or accounting protocols. See this article for details.
and is executable both in Linux
and Windows/Cygwin
environments. The sample Captive portal
authentication system is written in PHP
.
Open source
The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...
tools for Authentication, Authorization and Accounting
AAA protocol
In computer security, AAA commonly stands for authentication, authorization and accounting.- Authentication :Authentication refers to the process where an entity's identity is authenticated, typically by providing evidence that it holds a specific digital identity such as an identifier and the...
on an Open Access Network
Open Access Network
An open-access network refers to a horizontally layered network architecture in telecommunications, and the business model that separates the physical access to the network from the delivery of services. In an OAN, the owner or manager of the network does not supply services for the network; these...
. It has been initially developed by the
Computer Networks and Mobility Group at the University of Trento
University of Trento
The University of Trento is an Italian university located in the cities of Trento and Rovereto. It has been able to achieve considerable results in didactics, research and international relations, as shown by Censis University Guide and by the Italian Ministry of...
(Italy
Italy
Italy , officially the Italian Republic languages]] under the European Charter for Regional or Minority Languages. In each of these, Italy's official name is as follows:;;;;;;;;), is a unitary parliamentary republic in South-Central Europe. To the north it borders France, Switzerland, Austria and...
).
Its development has been part of the locally-funded Wilma Project and is now being pursued by the Twelve Project under the name Uni-Fy. It is currently being used for wireless authentication at the Faculty of Science at the University of Trento and by the UniWireless network of Italian research groups participating in the Twelve Project.
Features
The system has been designed in order to separate the user authentication phase (which is usually performed by a possibly remote ISPInternet service provider
An Internet service provider is a company that provides access to the Internet. Access ISPs directly connect customers to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and host other people servers...
) from internet access provided at the user's current location by a local carrier.
Therefore, a multiplicity of authentication providers and of access providers is envisioned. The WilmaGate system provides code for both purposes and for a variety of authentication methods. Its modular and object-oriented structure allows programmers to easily add plug-in code for new authentication or accounting protocols. See this article for details.
Steps
The following steps are performed in a normal user connection.- The user's mobile terminal (laptop or PDA) physically connects to a network, ether by plugging a cable (EthernetEthernetEthernet is a family of computer networking technologies for local area networks commercially introduced in 1980. Standardized in IEEE 802.3, Ethernet has largely replaced competing wired LAN technologies....
or Firewire) or by associating to a wireless access pointWireless access pointIn computer networking, a wireless access point is a device that allows wireless devices to connect to a wired network using Wi-Fi, Bluetooth or related standards...
via Wi-FiWi-FiWi-Fi or Wifi, is a mechanism for wirelessly connecting electronic devices. A device enabled with Wi-Fi, such as a personal computer, video game console, smartphone, or digital audio player, can connect to the Internet via a wireless network access point. An access point has a range of about 20...
or BluetoothBluetoothBluetooth is a proprietary open wireless technology standard for exchanging data over short distances from fixed and mobile devices, creating personal area networks with high levels of security...
.
- The terminal automatically issues a DHCP handshake in order to set up an appropriate configuration for the network it is entering. By this action, the mobile terminal's existence is recognized by the Gateway component.
- The client starts some form of authentication process, either by opening a web browser and having it redirected to an authentication provider of choice, or by some pre-installed authentication program.
- After authentication, the client has possibly full Internet access; however, some authentication-based restrictions are applicable.
Code
The access gateway is written in C++C++
C++ is a statically typed, free-form, multi-paradigm, compiled, general-purpose programming language. It is regarded as an intermediate-level language, as it comprises a combination of both high-level and low-level language features. It was developed by Bjarne Stroustrup starting in 1979 at Bell...
and is executable both in Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
and Windows/Cygwin
Cygwin
Cygwin is a Unix-like environment and command-line interface for Microsoft Windows. Cygwin provides native integration of Windows-based applications, data, and other system resources with applications, software tools, and data of the Unix-like environment...
environments. The sample Captive portal
Captive portal
The captive portal technique forces an HTTP client on a network to see a special web page before using the Internet normally. A captive portal turns a Web browser into an authentication device. This is done by intercepting all packets, regardless of address or port, until the user opens a browser...
authentication system is written in PHP
PHP
PHP is a general-purpose server-side scripting language originally designed for web development to produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source document and interpreted by a web server with a PHP processor module, which generates the web page document...
.
Further reading
- Mauro Brunato, Renato Lo Cigno, Danilo Severina. Managing Wireless HotSpots: the Uni-Fy Approach. MedHocNet 2006, Lipari (Italy), June 14-17, 2006.
- Mauro Brunato, Danilo Severina. WilmaGate: a New Open Access Gateway for Hotspot Management. ACM WMASH 2005, Cologne (Germany), September 2, 2005.
- Roberto BattitiRoberto Battiti-References:...
, Mauro Brunato, Renato Lo Cigno, Alessandro Villani, Roberto Flor, Gianni Lazzari. WILMA: An Open Lab for 802.11 Hotspots. Proceedings of PWC2003, Venice (Italy), September 23-25, 2003.
External links
- The WilmaGate page at the NetMob Research Group
- The Uni-Fy page at the TWELVE Project