Category: Network Management

Articles

Your BMW wants email; the Merc wants Netflix | ITworld

HomePlug GP Networking Specification | The Tech Journal

My comments

The HomePlug Powerline Alliance have cemented the “Green PHY” standard for energy-efficient powerline networking and energy management in stone,

Now the major German vehicle builders have defined a power connection standard to connect their electric or plug-in-hybrid vehicles to the mains power supply for charging. This includes using these HomePlug standards for transferring required data between the vehicle and the host power supply for charging-process control, metering and other similar applications.

The core benefit is to achieve a successful level playing field for connecting these vehicles to the “smart grid” for overnight and rapid charging. This also includes particular requirements like costing of energy used by “guest vehicles”, road-tax implications as well as grid integration such as off-peak charging or vehicle-to-grid setups for offsetting energy peaks.

This also facilitates IP linking to the Internet service via this connection thus allowing for some possibilities beyond the “obvious Internet applications”. One application I have often thought of in this context is the ability to integrate the vehicle’s infotainment system in to the home network.

Here, it could lead to synchronisation of maps, contact lists and media files between the home network and the vehicle or the ability to simply benefit from the data held on the vehicle’s infotainment system in the home network. This would be the networked equivalent of bringing a tape or CD that was in the vehicle’s glovebox or sound system in to your home so you can play it on your music system there.

At least there is an attempt to achieve a level playing field across the vehicle industry to support electric vehicles while catering for flexible setups.

Articles

What You Need To Know About IPv6 – PCWorld

My Comments

There has been a lot of talk about IPv6 as becoming the next major change for the Internet ecosystem.

This talk increased since late 2010 with the fact that the Internet is running out of globally-assignable IPv4 addresses, which are used to identify Internet services to other endpoints on the public Internet. There would then be the requirement to frequently reuse these addresses which can lead to a confused Internet setup.

It has also been augmented by the “World IPv6 Day” taking place on June 8 2011 where most of the popular sites had to run a dual IPv4/IPv6 setup to test whether IPv6 is ready for prime time. This test passed with flying colours for all of these sites and some of them still run with IPv6 compatibility in one form or another,

It is a technology that will be put on the map more so with the arrival of next-generation broadband setups, either as a way of opening up more IP addresses or as a statement to say the these services are all about “next generation Internet”,

What does IPv6 offer?

Greater number of IP addresses

There is a greater number of unique IP addresses available in the IPv6 Internet than there would be for the current-technology IPv4 Internet.

This requires the use of long address strings that may be hard to understand. For example, a typical IPv4 Internet address would be something like 211.234.5.1 whereas the IPv6 Internet address would be something like 2001:0530:ac12:2333:03aa:12f3:fe21:53f2 . This is why some shorthands have been introduced like the one mentioned in the next paragraph.

If an address had four zeros in it like 0000, the shorthand for this would be two colons as in fe80::ac12:2333:03aa:12f3:fe21:53f2 being equivalent to fe80:0000:ac12:2333:03aa:12f3:fe21:53f2 . It is worth noting that any IPv6 address that starts with fe80:: (fe80:0000: in longhand) is a stateless link-local address that would be “worked out” between network devices unless there is an IPv6 router that has a DHCPv6 server handing out the addresses.

Different network addressing setup

In the current IPv4 world, an ISP would allocate each customer’s network an outside IP address like 211.234.5.1 with a netmask of 255.255.255.0 . All devices within the network would be allocated a site-local IP address and it would be the job of the router to map through using Network Address Translation a “port number” to an inside device’s address. This has often caused problems for network setup whenever a device had to receive information from the Internet, an activity that is becoming more common with applications like Internet gaming and IP telephony.

An ISP can now issue a network prefix to a subscriber like this: 2001:0530:ac12:2333 and the DHCP server in an IPv6 router can allocate a unique “full” IPv6 address for each of the network devices. There isn’t even the need for netmasks anymore because a network can be singled out by the use of the IPv6 prefixes.

It will also therefore provide for proper direct access to each unique node on an IPv6 network.

Therefore, you will end up with more unique IP addresses for your home or small-business network than the whole of the current-generation IPv4 Internet.

Different take on network security

The fact that each network device in an IPv6 network can be globally accessible requires a rethink of the role that the network-Internet “edge” device provides.

The role of these devices in a small IPv6 network will typically be to work as a security firewall for the logical network that is behind it. It will also be asked to work as a bridge between the IPv4 network, the IPv6 network and Internet services that work purely with IPv4 and IPv6. It will be augmented with Improved designed-in security with IPSec secure-network support.

What is the reality with IPv6

Most of us may think that our small networks in our homes, shops and small offices won’t touch IPv6. But there is a strong likelihood that it will be part of next-generation broadband Internet sometime in the near future.

Compatibility setups

The dual-stack network

The fact is that some of the devices you use for the Internet may be infact ready to work with the IPv6 Internet. They will typically work with the IPv6 Internet in a “dual-stack” form where they can support IPv6 or IPv4 network traffic over the same interface. This means that each device will be known on the network via an IPv4 address and an IPv6 address. It also leads to the fact that the network will work as though it is two different networks – an IPv4 network and an iPv6 network with the same physical infrastructure.

If you establish a network with two or more dual-stack IPv4/IPv6 devices with the IPv6 function enabled, you will end up with a dual-stack network with each device being known by a stateless IPv6 address. This is even though the network has a router that can only support IPv4 network setups and hand out IPv4 IP addresses from its DHCP server.

Inter-protocol tunnelling

As well, most routers that support IPv6 will implement tunnel setups that interlink data between regular IPv4 host systems and IPv6 host systems both within and outside the network. These are typically in the form of ISATAP or 6to4 protocols which manage this process automatically. Here, the routers will set up VPN-like tunnels between IPv4 networks over the IPv6 networks to link the resources that are behind these networks.

Who’s ready and who isn’t

Standard computers, tablets and smartphones

The regular computer and the smartphone will be ready for IPv6. This has been achieved with inherent operating-system support in the newer versions of the popular desktop and smartphone operating systems.

For example, Windows has inherent support from Vista onwards and has a “kludged-in” support arrangement for Windows XP. Macintosh users will have IPv6 support from at least MacOS X Snow Leopard onwards.

The two popular smartphone platforms, iOS (iPhone) and Android have inherent support in their current versions. This is because some of the mobile carriers run IPv6 networks for their wireless-broadband services.

Network-enabled equipment

Most small-business printers that are released by the big names over the past two years are IPv6 ready.This doesn’t hold true for consumer network printers or most consumer network media hardware for that matter. It also holds true for network-capable consumer electronics like the Internet radios that I have reviewed.

A selection of high-end consumer and small-business routers do support IPv6 in some way; usually in a dual-stack method  and/or providing IPv6/IPv4 routing functionality according to one or more common algorithms like 6to4 or ISATAP. It is still worth checking with your router vendor whether there will be IPv6-capable firmware available for your existing equipment or equipment that you plan to buy.

What I will be doing at HomeNetworking01.info is that when I review network-enabled equipment and find that it has IPv6 capability, I will identify it as being IPv6-ready in its connectivity list. This will allow users to know that the equipment they plan to buy or specify can he ready to work in the IPv6 age.

Internet services

At the moment, nearly all residential and small-business Internet services aren’t running IPv6-compliant Internet services. They may run an IPv6 network as part of their backbone or own-office infrastructure bot won’t enable IPv6 with their customer-facing services or the network links that reach their customers.

This situation may change with ISPs that are part of a next-generation broadband service or who provide “geek-friendly” Internet service with the latest and the greatest technology. But I would suspect that most ISPs will provide a dual-stack Internet service when they get around to providing the customer-facing IPv6 service.

Access to and hosting the Web

If you do set up a Web page with a service provider, you may have a different IPv6-readiness issue. Most Web hosts will run IPv6 on their backbone networks and may run IPv6 as a beta-testing service which isn’t all that “polished”; but they won’t have fully-functional IPv6 for their customer-facing Web sites or the sites that they host. This is because, at the moment,  most systems and networks won’t cope properly with “dual-stack” (IPv4 / IPv6) Web-host setups because of the primary reliance on IPv4 infrastructure.

After “World IPv6 Day”, most of the big sites like Google and Facebook had found they could operate as a dual-stack arrangement without "keeling over” or having negative impact on the end-user experience. This is even though most traffic that visits these sites originates from IPv4 networks. Therefore some of the major sites are still running dual-stack or maintaining their test IPv6 site as a separate subdomain.

What will this lead to

It may lead to the ability for many devices to be globally addressed in a small network and this may be of importance if these devices are to be directly accessible from the Internet. This will be of importance with gaming and remote-access applications, and may encompass the ability to have networks addressable through a premises-unique easy-to-remember subdomain.

It could also allow for multi-premises setups to be easier to establish and maintain due to the fact that a logical network can be set up to cover the different locations. This is as long as they work on one service account. It may not hold true of portable devices that are typically serviced by different providers’ accounts.

It may yield some controversies concerning individuals’ privacy and security because of the ability to provide globally-unique addressability for each device. This is along with the arrival of cost-effective network-based monitoring setups that could track every individuals’ movements.

Conclusion

This article is informing you about what is to be expected out of the IPv6 technology that is being highly talked about through this year. It also may be of relevance as we move towards households and small businesses being served by next-generation broadband services such as the many fibre-optic networks.

Product Page

Netgear WN3000RP

My Comments

There has been some increased Internet publicity about Netgear’s WN3000RP “universal range extender” which is intended to extend Wi-Fi coverage in to a network’s dead spot. Devices like this one are billed as being able to work with any 2.4GHz Wi-Fi network segment such as an ISP-supplied “Internet-network edge” wireless router.

But these devices work in a particular manner that may cause problems with network use. Here, they work as a wireless client bridge to the existing network and set themselves up as a Wi-Fi access point that is its own “extended service set” or Wi-Fi network segment. Most of these devices will typically have an Ethernet connection for use with Ethernet-ended network devices like PCs, network printers or games consoles and work as a Wi-Fi client bridge for these devices.

What can go wrong

Positioning in the wireless network

There is infact a lot that can go wrong in setting up and using these devices. One issue is how the device is positioned in the master wireless segment that is to be extended. You have to locate these devices just off the fringe of that wireless segment in order to avoid unreliable service from the client devices on both network segments. Usually, you would have to keep an eye on two indicator lights – one which shows reception quality relative to the master wireless segment and one which shows the quality of the wireless segment created by the device.

Operation of Wi-Fi client devices

As well, users will need to make sure that their laptop computers, smartphones or other devices point to the SSID associated with the range extender. In the case of the Netgear device that is set up using WPS to the “master segment”, the SSID will be a combination of “master_segment_SSID” + “_EXT”; like “BIGPOND-1234_EXT” for a hypothetical Telstra-supplied Wi-Fi router whose SSID is “BIGPOND-1234”. Of course, the WPA security parameters will be the same as that for the “master segment”. It may also require users to make sure their devices “latch on” to the SSID that is strongest for the area they are in; which may be a problem with laptop computers running some desktop operating systems; or some network devices like some Internet radios.

Bandwidth availability and advanced Wi-Fi setups

Another factor that is also worth considering is that the data bandwidth available in this newly-created segment will be smaller that that available in the master segment due to the device working from a weaker point of the master segment. Of course, never expect these devices to offer advanced network behaviour like client isolation for use with hotspots or support for multi-SSID access points for example. With the latter example, these devices will only work with one of the SSIDs available from these access points.

WPS network setup

A key point of confusion that can occur with Netgear’s wireless range extenders is the way the WPS “push-to-connect” function works. These devices have one WPS button on their control surface, which handles associating with the “master segment” or associating with a client device on its own segment. When you set up the range-extender for the first time with a WPS-enabled access point or router on the master segment, you are meant to press this button on this range extender to start the WPS cycle then press the button on the WPS-enabled access point to complete the process. Then you enroll a WPS-capable client device on this range extender’s segment by starting the WPS-configuration process on that device then pressing the WPS button on this range extender. What can happen is that a person who is enrolling the client device could press the button on the range extender before starting the WPS-setup process on the client and this could make the device assume it is connecting to another master segment rather than enrolling the new client.

What could be done to make these devices better

Firmware that suits multi-function operation

Of course the current firmware with these devices prohibits using them as a “pure” Wi-Fi access point with a wired backbone to the network. This is although they work properly as an access point for the new segment with the Wi-Fi “master segment” as their backbone. Rather, I would prefer that these devices have a “multi-function” firmware in place which allows at least three operation modes: a wireless range extender with one wireless segment as the backbone and another covering the area; a wireless access point with a wired backbone; and a wireless client bridge serving Ethernet-connected devices.

Improved designs could use a hardware switch that selects between the operation modes. This can then lead to a logical foolproof WPS operation mode with the WPS button only used for enrolling client devices in modes other than “Client Bridge” whereupon it would be used to enrol with the master segment. The user would be required to set the unit to “Client Bridge” mode when the want to establish a wireless backbone, then set the unit to “Range Extender” mode for operation as a range extender with a distinct satellite segment.

Improved WPS operation

Similarly, these devices could have improved WPS-button logic such as a “long press” for setup with a master segment and a “short press” for client setup. This can avoid further operation complications due to someone who intends to enrol a client device causing these range extenders to “hunt” for new master segments and affecting access to the network by established devices.

Conclusion and my opinion on these devices

If I was to extend the coverage of a wireless network segment, I wouldn’t necessarily use the wireless backbone method that is encouraged with these devices. Instead I would use access points run off a wired (Ethernet or HomePlug AV) backbone. This would then make sure that there is the full bandwidth available across the coverage of the network

Article

BT: Tests using white space for rural broadband are ‘very encouraging’ – FierceWireless:Europe

My Comments

There have been a few tests taking place in various countries to use bandwidth vacated by TV stations when they gone digital for use as the wireless last-mile in broadband service delivery. This application of the “white space” will be used primarily to deliver real high-speed broadband in to households and small businesses in rural and remote communities.

The BT Openreach tests that occurred recently and were cited in this article were performed on the UHF TV band and were covering the Isle Of Bute in Scotland. This exploited the ability for this band to be received on indoor antennas (aerials) like the typical “rabbit’s ears” used on portable TVs, as well as outdoor aerials.

A good question that may be worth raising with a UHF-based “white space” setup may be whether such setups may cause digital-TV reception problems for stations broadcasting on that band. This is more so in areas where the UHF band is being used as a “repeater” / “translator” broadcast band to fill in reception black spots in a TV broadcaster’s market area. In a rural area, there will be these transmitters being used for each TV broadcaster that is to be received in the area alongside any “white-space” Internet-delivery setup.

Other questions worth asking include whether such a setup will use “fibre-to-the-transmitter” or other high-speed wired backbones, what kind of bandwidth is available to the customer and whether it will be a “shared bandwidth” setup like DOCSIS cable-modem setups or a “dedicated bandwidth” setup like what Ethernet and DSL setups can provide.

Articles

Understanding gigabit Wireless LAN: 802.11ac and 802.11ad

My comments

What is it all about

At the moment, 802.11n on both the 2.4GHz and 5GHz wavebands is the current link standard for the Wi-Fi wireless network. But the IEEE have decided to work on standards for providing increased-bandwidth wireless networks.

The two standards are 802.11ac, which will primarily work on the 2.4Ghz and 5GHz radio bands and be seen as a migration path from the current 802.11n technology; as well as 802.11ad which works on the 60GHz waveband and has a very short range. The latter technology would be considered best for peer-to-peer applications like short-range wireless backhaul.

Both of these systems will use MIMO (Multiple Input Multiple Output) radio technology; a “front-end diversity” system with multiple transceivers which is what the 802.11n network uses. But this technology will work with at least four “front-ends”; known as “4×4” due to four signals coming in and four going out.

Dedicated bandwidth options

One major benefit that I see with these technologies will provide is dedicated-bandwidth wireless networking which each access point compliant to these standards can do. This is brought on through the use of MU-MIMO (Multi-User Multi-Input Multi-Output) Here, it extends “transmit beamforming” technology which provides improved signal quality in an 802.11n network to allow the access point to provide “switched” Wi-Fi with dedicated bandwidth to stations; similar to the way the typical wired Ethernet network works.

It may be an improvement for network setups with many SSIDs per access point like so-called “guest / hotspot” + “private” networks, shared hotspot access points or many university networks; by allowing full bandwidth to each SSID.

The realities

Of course, the actual throughput that a network link will achieve will typically be less than headline link speed due to overheads associated with the link’s transmission requirements. Here, the average real world maximum throughput will be 867Mbps and the figure may be quoted for first-generation equipment or mature-generation equipment.

How it affects my small network

What will be asked of a small network like a home network would be a 5GHz segment that provides the 802.11ac network.

It may provide for dedicated throughput to client devices like laptops or tablet computers. For those networks that run as dual networks like hotspots or guest networks that share the same wireless router as the private network,the dedicated throughput for each wireless-network segment will be a bonus.

Of course, 2.4GHz will still be used as an 802.11n segment for existing devices and there may be a compatibility mode so that existing 802.11n devices can operate on the same segment.

Other issues

If the 802.11ad technology is to be used as a wireless-backhaul for many 802.11ac access points, there will have to be work on a complementary mesh-network technology. It will then provide a level of fault-tolerance in the wireless backhaul as well as a chance for each station to have and pass on full bandwidth networking. This is something that the IEEE standards body are working on with the 802.11s draft standard.

Conclusion.

It therefore shows that when there is a standard in place, there will be a chance to “raise the bar” with the technology that it covers. This will mean that a Wi-Fi wireless network could become close to the goal of a switched Gigabit network.

Links:

Android Market direct link

Click on or scan this barcode from your Android device to install this program.

Introduction

I am reviewing WiFi Analyzer which is an elementary wireless-network site-survey tool for the Android platform. This program is free-to-download but is ad-supported with ads that can be suppressed for a few weeks at a time through a user option. There is also the ability for users to donate via PayPal to keep the program being developed.

Like all other WiFi site-survey tools, this program relies on the “beacon” information sent out by wireless networks at regular information and a low-traffic wireless network may occasionally show up on the program’s radar whereas a regularly-used network will exist on the program’s radar.

Data views

This program has a few different methods of visualising the wireless-network space that your Android device as listed below.

There is a Channel graph which, like inSSIDer, can show the relative strength of each SSID on the Y axis and channel positioning on the X axis. This can be useful for determining whether a wireless network is being swamped out by other networks or determining where to tune the wireless access point’s operating channel to.

Wi-Fi Analyzer Channel Graph

There is also a time graph which shows relative signal strength of access points over a time period. This can be useful for determining what happens when a certain network comes on line for example.

There is also an access-point list which lists each access point that the Android phone can pick up. Here, you are provided with the ESSID, BSSID, channel number and security type (including WPS capability) of each access point and can have this sorted by ESSID, channel,signal strength or security type (“openness”). This list can be grouped by ESSID and security type so you can identify multi-access-point networks. This view may not be accurate if you have multiple wireless routers in an area set to default SSIDs like “linksys” or “dlink” but working on different WEP keys or WPA passphrases.

Wi-Fi Analyzer Network List by ESSID

There is a Channel-rating bar graph which measures channel useability by the number of stars where the more stars that exist, the better the channel is for your network. You can also “set” an access point to this graph so you can compare channels to the one it is tuned to at the moment. Again, this would come in handy for tuning the access point for best operation.

Lastly, there is a Signal strength meter which allows you to measure the signal strength of an access point. This can be useful for locating rogue or interfering access points or simply to determine the coverage of an access point.

Wi-Fi Analyzer signal strength meter

There is the ability for one to connect to a network if the user installs the “WiFi Connector Library” either through the application or by visiting the Android Market. This can allow the user to “lock-on” to a network while monitoring other wireless access points.

It works well as a basic handheld tool for setting up a new wireless router or access point or keeping a small wireless network operating at its best. For businesses who run public wireless hotspots, this program allows them to assess their hotspot’s performance or find rogue access points (fake hotspots / evil-twins).

Usage tests

I had put the program to some usage tests with different wireless networks including my own and a wireless hotspot, This hotspot was a complementary-use service run by a small independently-run cafe whom I have been helping out with concerning its performance and keeping it “business-safe”. Here, I used the signal-strength meter to check that there was proper signal coverage over the public dining room and terrace area of that cafe. I also used the channel-graph view to determine if there are other access points or ad-hoc wireless networks able to be picked up in the cafe. Both of these functions worked well with assessing the hotspot’s coverage and quality-of-service.

As well, I used it in two shopping strips to assess how it and the Samsung Galaxy S Android handset that I was running it on could handle many wireless networks. It is able to identify each SSID and plot it properly on the graph and could cope with me walking into and out of particular access-point coverage ranges.

Limitations and Points of Improvement

For this application, the program could support “whitelisting” of BSSIDs against an ESSID so that one can easily know if the access point that is using your ESSID is really your network. This would work well with managing public networks like wireless hotspots by identifying rogue access points like the aforementioned “fake hotspots”. It can also work well with managing multiple-access-point wireless networks.

A “Pro” version, which would be sold for at an extra cost and wouldn’t have in-app advertising, could provide various extra functions like SSID whitelist management for use in optimising or managing wireless-network activity in particular sites or GPS support for “plotting” network coverage maps or the ability to keep standard log files for use with desktop software.

It is worth noting that this program is restricted to the frequency bands that the smartphone or tablet can cover and this is typically the 2.4GHz platform. At the moment, there aren’t any Android devices that can cover the 5GHz spectrum using their own hardware.

Conclusion

At last this is a program that answers my need for a cost-effective easy-to-use handheld network-survey tool in a popular smartphone platform. It can therefore be a good companion program to the inSSIDer program that I had previously reviewed on this site.

Articles

Wi-Fi body wants hotspots to override 3G • reghardware

From the horse’s mouth

Wi-Fi CERTIFIED™ Hotspot Program to Ease Subscriber Connectivity in Service Provider Wi-Fi® Hotspots  – Press Release

Wi-Fi Alliance Webpage

My comments

One main thrust behind the Wi-Fi Alliance’s new initiative concerning authentication, authorisation and accounting on public hotspots was to permit a wireless-broadband carrier to use Wi-Fi hotspots as a complimentary cellular technology. This is to avoid the need to buy cellular-telephony spectrum in order to increase service capacity and is increasingly necessary as the available radio spectrum becomes increasingly scarce.

Here, a cellular carrier could run their own Wi-Fi hotspot networks like what Telstra is doing or they could form a partnership with a wireless Internet service provider like “The Cloud” in the UK as a way of providing this service. They could then allow for a customer to seamlessly hand over from a 3G network to a Wi-Fi network that supports these credentials.

The way this is going to operate is to use a SIM card in a smartphone to store credentials for Wi-Fi networks. This card is typically controlled by the cellular carrier and may be only used for login credentials that continue the carrier’s partnerships.

A limitation I find with this is that the carrier could implement software locks so that the customer can’t use public networks other than those provided for by the carrier or their partnership. As well, there are other issues that haven’t been looked at properly with this goal for improved authorisation, authentication and accounting on these networks as I list below.

Venue-controlled hotspots

It can also make life difficult for customers who use hotspots provided by venue owners like hotels or cafes. Here, the login experience is typically managed by the hotspot owner and this may require information like a session ID in the case of a hotspot at a bar or cafe, or a room number for a hotel. These may apply for hotspot service where you pay the premises owner for that service or the service is part of the business’s main operation. In some free hotspots, you may have to click on a form to assent to terms and conditions of the service before you continue using the service.

As well, a user could use a hotspot run by an independent wireless hotspot operator and buy their access themselves through a Web-based user interface before using the service.

What I would like to see is support for these kind of hotspots because the user interface that is provided by most of them can become awkward for people who use handheld devices. This is typically because most of these user interfaces are designed for devices like laptops rather than handheld devices.

The improved interfaces could support “app-style” login experiences including “remember-me” login experiences where applicable. Other improvements that could be facilitated include the use of barcodes that are scanned by the phone’s camera to load “session keys” for docket-controlled hotspots or MMS direct-load support for login tokens for “SMS login token” WISPS. It could then lead to a venue-branded experience which some users may find as a “safety net” for their hotspot experience.

As well, a branded experience can be part of a “walled-garden” of sites that a person can visit free of charge or can be a sophisticated experience with such things as an online menu or the ability to order food and drink from your computing device.

Similarly, the idea of “franchising” WISP service to owners of venue-controlled hotspots hasn’t been worked out fully with this technology. Here, a person could have the rights to resell a WISP’s service under varying risk-return models and have the clients associated with that service use their hotspot in exchange for a cut of the costs paid by the clients.

Selective device-cluster creation

It is also a preferred standard to have devices in a public network isolated at lower network levels in order to prevent unwanted peer-to-peer discovery of the devices on these networks. This is typically achieved through functions like “AP isolation” or “Wireless Network isolation” and makes it appear to the devices that they are connecting directly to the Internet privately.

There are situations where a person may want to provide local connectivity between their own devices or devices owned by other users that are in their trust circle. Examples of this include LAN-based gaming over a wireless hotspot network, workgroups sharing data during a cafe meeting; one shifting data between a smartphone and a tablet computer at a coffee lounge or simply uploading pictures from a Wi-Fi-enabled camera to a 13” traveller laptop at their favourite “watering hole”.

Here, the authentication needed for this could be achieved through “same-token” login for devices with integrated Web browsers to entry of MAC addresses or WPS PIN numbers into a “cluster-creation” screen provided by the hotspot gateway. The Wi-Fi Alliance could examine the feasibility of using the new authentication methods as a way of creating selective network clusters across a device-isolated public wireless network.

Authenticating hotspots at the SSID-discovery level

The other question that has not been answered as far as I am concerned is whether there will be a system for authenticating hotspots and public networks in a similar manner to what is done when a user logs on to a banking site for example. This is to verify that the user has discovered a “safe” network before they select that SSID and begin to login to the hotspot.

The data that would be verified would be the MAC addresses of the access points as well as the gateway device’s  IP address and MAC address. This can be used to verify that the user has logged in to a network that is operated by the venue that is providing the hotspot service. For a WISP like “The Cloud” or FON, this may be useful for verifying that users have logged in to the WISP’s network. In this case, this information may pertain to the locally-installed hardware for the WISP.

Here, this could be achieved through a private-key / public-key exchange setup where the successfully verified hotspots could at least be highlighted in a wireless network with a ?key” or green-light icon. If this system does also support the transmission of logo icons, the client device could also show a company logo for that hotspot host.

It can also work as a way of encouraging customers to be sure of where they are surfing the Web through. As well, a business could have a Windows 7 laptop or Blackberry smartphone that supports this kind of verification for public wireless networks to prohibit logging in to public wireless networks that don’t have this kind of verification.

The main issue with this is that independently-run cafes and bars may need to be able to have access to any certification setups at a modest price, preferably through a government business-support agency or their bank.

Conclusion

Once these issues are ironed out concerning the provision of public Wi-Fi Internet service to the hordes of users with notebooks, netbooks, smartphones and tablet computers, then they can use these services to full capability in a secure manner.