Scalable and Self-configurable Eduroam by using Distributed Hash Table Hiep T. Nguyen Tri, Rajashree S. Sokasane, Kyungbaek Kim Dept. Electronics and Computer Engineering Chonnam National University Gwangju, Republic of Korea e-mails: {tuanhiep1232@gmail.com, sokasaners@gmail.com, kyungbaekkim@jnu.ac.kr} Abstract—In the recent years, the number of increased Wi-Fi networks and Wi-Fi-enabled devices shows how fast Wi-Fi technology is growing. Since a single network provider is usually not able to ensure Wi-Fi coverage for its own users across many geographic locations, we need Wi-Fi roaming. Eduroam is a Wi-Fi roaming system, which allows a user of a domain to access wireless resources in another domain with the unique credential of the user managed in the original domain. The authentication process in Eduroam is based on the hierarchical tree structured Remote Authentication Dial-In User Service (RADIUS) servers over wide area networks. Existing RADIUS-based tree structure of Eduroam is not self- configurable; joining/leaving of node is not automatically handled by the existing approach and it takes high communication delay as well. In order to improve the scalability of Eduroam with self-configurable feature and reduce communication delay as compared with tree structure- based Eduroam, we hereby proposed a Scalable & Self- configurable Eduroam by using Distributed Hash Table (DHT). Through a prototype implementation, we showed that the proposed system supports high scalability and high fault tolerance. Keywords-DHT; Eduroam; RADIUS server; Wi-Fi roaming. I. INTRODUCTION Wi-Fi technology has become increasingly popular due to its flexibility and mobility; as a result, the need of Wi-Fi roaming systems is increasing. The Eduroam [1] is a secure roaming system between educational institutions. The Eduroam allows users to access the Internet with their own credentials at visiting institution during roaming. The Eduroam principle is based on the fact that the user's authentication is done by the user's home institution, whereas the authorization decision allowing access to the network resources is done by the visited network. The authentication process of Eduroam is based on hierarchical tree structured RADIUS servers. However, hierarchical tree structure approach in Eduroam causes long communication delay, and also exposes a single point of failure because every authentication traffic flows through the tree hierarchy even though it is only of interest to a leaf RADIUS server. To overcome these issues of tree structured Eduroam, we developed a Flat Layer RADIUS server model with Eduroam in our previous work [9]. The Flat Layer RADIUS server model effectively reduces communication delay and avoids single point of failure. In the Flat Layer RADIUS server model, we assumed that every node in the network must know about all other nodes in the network. In the Flat Layer RADIUS server model, each node (RADIUS server) directly communicates with each other, without using any intermediate RADIUS proxy servers. To evaluate the performance of the Flat Layer RADIUS server model and compare with tree structure model, we setup experiments by using open source based freeRADIUS (version 2.1.8) and ubuntu (version 10.04.4) as RADIUS server. Table I shows the authentication time comparison between the tree structure and the Flat Layer RADIUS models. Note that the authentication time includes request forwarding process, authentication process, network latency and response forwarding process. Table II shows request processing time of three stages in authentication process. From Table I, we can observe that Flat Layer RADIUS server model takes less authentication time than RADIUS-based tree structures. TABLE I. AUTHENTICATION TIME (µS) Tree structure Flat Layer RADIUS model 3 hops away 2 hops away Request Forwarding Process 1155 711 273 Authentication Process 330 237 242 Response Forwarding Process 559 278 134 Network latency 620823 402997 201330 TABLE II. REQUEST PROCESSING TIME Process/machine Time in µs Request Forwarding 357 Authentication 270 Response Forwarding 162 However, the Flat Layer RADIUS server model may face the scalability issue. If a node operation, such as joining or leaving the network, takes place all nodes in the network need to be updated to stay up-to-date with latest membership information of the network. If the number of nodes in the network goes up, the data transfer between all nodes lead to overhead and updating operation to all nodes takes much time, it may cause for bottleneck. Flat Layer RADIUS server model works well with small scale, but when the members in the network are going to be increased the maintenance cost is also increased with it. 120 Copyright (c) IARIA, 2014. ISBN: 978-1-61208-365-0 INFOCOMP 2014 : The Fourth International Conference on Advanced Communications and Computation