Greenpass: Flexible and Scalable Authorization for Wireless Networks Dartmouth Technical Report TR2004-484 Sean Smith Nicholas C. Goffee Sung Hoon Kim Punch Taylor Meiyuan Zhao John Marchesini Date: January 2004 URL (PDF): (124KB) Abstract: Wireless networks break the implicit assumptions that supported authorization in wired networks (that is: if one could connect, then one must be authorized). However, ensuring that only authorized users can access a campus-wide wireless network creates many challenges: we must permit authorized guests to access the same network resources that internal users do; we must accommodate the de-centralized way that authority flows in real universities; we also must work within standards, and accommodate the laptops and systems that users already have, without requiring additional software or plug-ins. This paper describes our ongoing project to address this problem, using SPKI/SDSI delegation on top of X.509 keypair within EAP-TLS. Within the ``living laboratory'' of Dartmouth's wireless network, this project lets us solve real problem with wireless networking, while also experimenting with trust flows and testing the limits of current tools.