Transcript Wifi infrastructure in HKBU Campus

ISEM3410
Telecommunications and Networking
in Business
WiFi System in HKBU
Group 4 members:
11008660 Yau Oi Man, Rainie
11013427 Tong Shing Shan, Irene
11007931 Chap Yuen Kwan, Rachel
11009667 chan Lai Kwan Irene
12050148, DENG BO, Mark
12009113 Tam Yu Wai, Ecu
13508490 Wang Hyerim, Emily
1
What is WiFi?
2
What is WiFi?(1/4)
• Wi-Fi = "wireless fidelity"
• Wireless networking technology
• wireless internet and network connections
• using radio waves
3
What is WiFi?(2/4)
The Wi-Fi Alliance
• Define as any “wireless local
area network” (WLAN)
• based on the Institute of
Electrical and Electronics
Engineers' (IEEE) 802.11
standards.
4
What is WiFi?(3/4)
• Commonly used and supported by many
applications and devices
5
WiFi in HKBU (4/4)
infrastructure?
challenges and
difficulties?
Difference among
different WiFi?
Security?
6
WiFi infrastructure
7
WiFi infrastructure in HKBU Campus(1/8)
HKBU Server
HARNET
Internet
RADIUS
Switch (PoE)
Router (AP)
Notebook
Router (AP)
Netbook
Router (AP)
Desktop Computer with PCI wifi
card/wifi USB Adapter
Router (AP)
Mobile
Device
8
Components of WiFi infrastructure(2/8)
• Router
- A computer networking device
- Connected to two or more data lines from
different networks
- Performs the “traffic directing” functions on the
internet.
9
Components of Wifi infrastructure(3/8)
• Access Point (AP)
- Usually connects to a router as a standalone
device, but it can also be the router itself
- Allows wireless devices to connect to a wired
network
- About 1,800 APs in Kowloon Tong Campus
- Hidden in the ceiling or in containers
- Connected by twisted pair cable to switch
10
(4/8)
An access point in a plastic box located in ITO office
11
Components of Wifi infrastructure(5/8)
• Network Switch
- Connects devices together on a computer network
physically
- Multiple cables can be connected to a switch
• Power over Ethernet (PoE)
- Describes any of several standardized or ad-hoc
systems which pass electrical power along with data on
Ethernet cabling
- Less expensive and more convenient
12
Components of Wifi infrastructure(6/8)
• Remote Authentication Dial-In User Service
(RADIUS)
- Authenticate users and authorizes access
- An accounting system used by Internet Service
Providers (ISPs)
- When a user dials in to the ISP, the user must
provide the username and the password
- Information is passed to the RADIUS server
- If the identification is verified-> authorizes access to
the ISP’s network
- Eg. BU-Standard: Student id, password
13
Components of Wifi infrastructure(7/8)
• The Hong Kong Academic and Research
NETwork (HARNET)
- The wide area network which links up the campus
networks of the eight tertiary institutions in Hong
Kong
- Under the management of the Joint Universities
Computer Centre (JUCC)
- An advanced network infrastructure to facilitate the
exchange of information
14
(8/8)
15
The comparisons of different
WiFis of HKBU
16
Different WiFis of BU(1/9)
BU
1 Standard
2
BUSRH
3
BU Web
4
BU Guest
5
Others
17
BU
1 Standard
(2/9)
Target Users
Staff and students
Location
Campus buildings and public areas
Characteristics
-
Secured connection by 802.1x authentication
Connected to HARNET
Fast and stable connection
1,800 AP in Kowloon Tong Campus
18
2
BUSRH
(3/9)
Target Users
Staff and students
Location
Student Halls
Characteristics
-
802.3 authentication
only available in Student Hostels
Provided by a different ISP, HKBN
1st and 19th floor are connected to HARNET
10 Aps per floor
19
(4/9)
Hall way
20
3
BU Web
(5/9)
Target Users
Staff and students
Location
Campus buildings and public areas
Characteristics
-
Authentication via web login
Restricted to web browsing and email
Used only if 802.1x is not supported by users’ devices
Currently not used (replaced by BU Standard)
21
4
BU Guest
(6/9)
Target Users
Visitors
Location
Campus buildings and public areas
Characteristics
- Login ticket (issued by ITO) is required
- Requires money to buy the ticket
22
The Comparison of Different Wifis (7/9)
BU
Standard
BUSRH
BU Web
BU Guest
Target Users
Staffs and
Students
Staffs and
Students
Staffs and
Students
Visitors
Location
Campus
buildings and
Public areas
Student halls
Campus
buildings and
Public areas
Campus buildings
and Public areas
ISP
HARNET
HKBN
HARNET
HARNET
(for 1st & 19th floor)
HARNET
Characteristics
Fast and
stable
Using
different ISP
Login ticket
required
Not used
23
5
Others
(8/9)
PCCW
For Customers of PCCW and BU students
How to use PCCW with BU student ID
24
Eduroam, Universities WiFi
(9/9)
For Visitors from local and international educational institutes
Y5ZONE
For Customers of Y5ZONE and University students
25
Security Measure
26
• ENCRYPTION
(1/8)
-1.
encodes
the
data
sent
wirelessly
between your device and the router
Type
of encryption:
Wired
Equivalent
Privacy
(WEP)
option
for
older
routers
and
equipment
--2.
outdated!!
Wi-Fi
Protected
Access
(WPA
&
WPA2)
more
common
advanced
security
protocols
encryption
keysitthey
use
change
each
time WEP
a device accesses the
network,
making
more
difficult
to hack
than
27
WiFi encryption in HKBU(2/8)
Security measures when choosing wifi access:
BU- Guest; BU-Web
BU-Standard; BUSRH
Why are there two type of
wifi security standard?
28
When you choose
(3/8)
….
- You need to type ID (identity) and Password
to verify your identity
- Then your request will be transmit to RADIUS
for checking
- RADIUS servers checked the user's information
against a locally stored flat file database
RADIUS (Remote Authentication Dial In
User Service)
A networking protocol of:
1.authentication
2.authorization
3.accounting
29
Digital Certificate(4/8)
• it is a digital identifier used to authenticate a machine or user to a network
• it contains information about who owns the certificate, certificate issuer, a unique serial
number or other unique identification, expiration dates, and encrypted information
that can be used to verify the information held within the certificate
• Function:
▫ - to authenticate and associate with access points (APs) or broadband Wi-Fi
routers. APs and routers then connect to the Internet via a DSL, cable or other
types of modems.
• How it works:
▫ - A certificate authority (CA) is an authority (security server) in a network, or a
third-party entity, that issues and manages security credentials and public keys
for message encryption and decryption. As part of a public key infrastructure
(PKI), a CA checks with a registration authority (RA) to verify information
provided by the requestor of a digital certificate.
30
Certificate of Bu-standard(5/8)
31
(6/8)
32
When transmitting info to internet…(7/8)
No encryption when the
information pass through
controller
People can easily get
what you are
searching online!
How to protect privacy????
33
The answer is… HTTPS!(8/8)
HTTPS (Hypertext Transfer Protocol Secure)
a communications protocol for secure
communication over a computer network
provides authentication of the web site and
associated web server that one is communicating
with, which protects against man-in-the-middle
attacks
provides bidirectional encryption of communications
between a client and server, which protects against
eavesdropping and tampering with and/or forging
the contents of the communication.
guarantee user is communicating with precisely the
web site that is intended to communicate with
ensure that the contents of communications between
the user and site cannot be read or forged by any
third party.
34
Potential Problem
35
(1/6)
Overlapping
36
About overlapping(2/6)
• Channels range
▫ UK: 2.400 GHz and 2.497 GHz
This is subdivided into 13 channels of 25 MHz
▫ US: Just 11 of those channels are available
• Overlapping High-incidence area:
▫ Between adjacent bands
37
Visualization of channels and
overlapping situation(3/6)
38
Signal strength(spread)(4/6)
• Different medium:
▫ Concrete wall
▫ Wood
▫ Glass
39
Signal strength(spread)(5/6)
• The Distance
▫ For instance : different rooms in residence hall
holds different Wi-Fi Signal strength.
It depends on the distance between user and APs
40
Safety(6/6)
• Access points and routers all use a network
name called the SSID(Service Set Identifier)
And usually it’s a Default SSID
• Public free Wi-Fi : exposes your computer to
security risk (Hackers)
41
Conclusion
•
•
•
•
Digital and Internet generation
Wifi system  Essential
Provide high speed and stabile WiFi
Improving the teaching and learning
environment
42