Wireless Authentication Policy Possible security goals protection of local subnet traffic (but users should protect their own) protection of local subnet bandwidth (a concern) protection of other campus systems (but they can be abused from anywhere) protection of rest of Internet (ie, protecting CIO from embarrassment) traceability/accountability of user (very desirable) limit password exposure (ie, don't send them to middleboxes) Usability goals "any legitimate user", hence use UW NetID any (personal) wireless device, regardless of OS   ... hence, no special software permit local boot/login before authn low support cost (we're not doing MAC addr reg now) inter-building roaming not a big deal, yet

Workshop: Wireless Authentication CSG, Sanibel Harbour, January 2002 RL "Bob" Morgan, rlmorgan@ washington.edu