Design and implementation of MobiSEC: A complete security architecture for wireless mesh networks

Wireless mesh networks (WMNs) have emerged recently as a technology for next-generation wireless networking. They consist of mesh routers and clients, where mesh routers are almost static and form the backbone of WMNs. WMNs provide network access for both mesh and conventional clients. In this paper we propose MobiSEC, a complete security architecture that provides both access control for mesh users and routers as well as a key distribution scheme that supports layer-2 encryption to ensure security and data confidentiality of all communications that occur in the WMN. MobiSEC extends the IEEE 802.11i standard exploiting the routing capabilities of mesh routers; after connecting to the access network as generic wireless clients, new mesh routers authenticate to a central server and obtain a temporary key that is used both to prove their credentials to neighbor nodes and to encrypt all the traffic transmitted on the wireless backbone links. A key feature in the design of MobiSEC is its independence from the underlying wireless technology used by network nodes to form the backbone. Furthermore, MobiSEC allows seamless mobility of both mesh clients and routers. MobiSEC has been implemented and integrated in MobiMESH, a WMN implementation that provides a complete framework for testing and analyzing the behavior of a mesh network in real-life environments. Moreover, extensive simulations have been performed in large-scale network scenarios using Network Simulator. Numerical results show that our proposed architecture considerably increases the WMN security, with a negligible impact on the network performance, thus representing an effective solution for wireless mesh networking. 2009 Published by Elsevier B.V. R 48