Embed Size (px)
DESCRIPTION
Citation preview
Provisioning for Wi-Fi is Easy: A Look at Requirements – and Simple Solutions – for Embedded Wi-Fi and the Internet
Lew Adams
CTO
GainSpan Corporation
1
Wi-Fi Connects the Internet of Things
2
0
500
1000
1500
2000
2500
2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015
Ship
ments
(M
illio
ns)
Wi-Fi Chipset Shipments, by Protocol(ABI Research, May 2010)
802.11n 802.11a/g 802.11g 802.11a 802.11b
First Wave
Second Wave
Third Wave
The EmbeddedInternet
Embedded Internet Requirements
Security
Low power consumption
Interoperability
Ease of provisioning
3
Wi-Fi and Internet Security Solutions Wi-Fi Security with Wi-Fi Protected Access (WPA)
WPA/2 – Personal Residential/home and small office installations Manual setting of SSID and passphrase
WPA/2 – Enterprise Commercial/industrial settings Requires IT infrastructure with AAA/RADIUS server Automates Wi-Fi device authentication and authorization to Wi-Fi access points
Internet Security with SSL Server verification Certificate verification Embedded client verification Encryption of application data for LAN and WAN communication
4
Data Security over Wi-Fi and the Internet
5
Broadband ISP Gateway
Wi-Fi AP
Wi-Fi Devices & Equipment• WPA/2 enabled• SSL enabled
Public Internet
Application Server• SSL enabled
WPA
Data
SSL
Secure Wi-Fi Data• Socket layer encryption• Wi-Fi encryption
Data
SSL
Secure Internet Data• Socket layer encryption
Power Management Methods Wi-Fi Power Save Polling (PS-Polling)
Wi-Fi device/client Announces entering power save mode Listens periodically for AP beacon frames Send/receive data when necessary
Wi-Fi AP Buffers data for sleeping Wi-Fi devices/clients Sends beacon to indicate if buffered data exists for specific devices
6
Power Management Methods Chip Power Management
Power saving duty cycle Fine-grain control of HW subsystems
Processor: standby and deep sleep Receiver/Transmitter: enable/disable Clock frequency
Firmware design Sample-Store; Transmit/receive only when necessary APIs to utilize chip power management capabilities
7
Interoperability via Standards-based Protocols Industry standards Scalability with modular layers Incorporate only components that are required Millions of safe & secure, real-world deployments Networking services
Presentation layer Application sessions Application level security
Transport Supports: streaming, packets and data-grams
Internet Universal: Local and Wide Area Networks Physical layer agnostic Optional Security
Wi-Fi Wireless security Point-to-point connections & many-to-many connections
8
Wi-Fi802.11a/b/g/n
Internet
Transport
Networking Services
802.11i802.11e
WPA/2 PersonalWPA/2 EnterpriseEAP WMM
WPS
Wi-Fi Direct
IPv4
ICMP
DCCP
SCTP
RSVP
ECN
TCP UDP
IPv6
ICMPv6
IGMP
IPsec
DHCP DNS FTP HTTP IMAPIRC LDAP MGCP NNTP NTPRPC SSH TLS/SSL Telnet
Embedded Wi-Fi Provisioning Challenges Embedded Devices/Clients
Lack of display screen in most cases
Lack of buttons/controls Limited user/human interface
Consumer oriented devices Require ease of set up No IT department to call
Wi-Fi security and provisioning Wi-Fi network (access point) settings
Network SSID Security mode – personal or enterprise Wi-Fi security Passphrase
LAN and Internet settings IP address for client Domain name for server name access on the internet
Infrastructure
Wi-Fi Protected Setup (WPS) Push Button Configuration
APs & Wi-Fi client devices have buttons to initiate WPS
User pushes buttons for Wi-Fi credential exchange
User reboots device APs & Wi-Fi client devices
complete association and authentication
Personal Identification Number
Wi-Fi client device with PIN on label or displays PIN
APs have configuration page via browser to input device PINs
User reboots device APs & Wi-Fi client devices
complete association and authentication
Wi-Fi Protected Setup (WPS) Wi-Fi network (access point)
settings WPS enabled access point WPS embedded firmware feature
IP Network and Internet settings DHCP client DNS client
• Wi-Fi Protected Setup (WPS)• DHCP client• DNS client
Infrastructure
Wi-Fi Protected Setup (WPS)
Browser-based Provisioning via Ad-hoc Connection Wi-Fi network (access point)
settings No requirements of access point Embedded networking services
TCP/IP stack HTTP server Provisioning web pages
Browser on smart-phone or PC becomes UI to configure; Ad-hoc
Automation of LAN and Internet settings DHCP client DNS client
• TCP/IP stack• HTTP server• Provisioning Web pages• DHCP client• DNS client
Infrastructure
Ad-hoc
• Browser
Manuf.
Logo
Manufacturer Name
Change Clear
Logout Device Configuration IP Network Basic Wi-Fi
Current Name:
Current Password:
New Name:
New Password:
Validate New Password:
Reset to Factory Default: Reset
Native Application via Ad-hoc Connection
Wi-Fi network (access point) settings No requirements of access point Embedded networking services
TCP/IP stack GainSpan UUP command and control
protocol
Apple iPhone, iTouch, iPad Automation of LAN and Internet settings
DHCP client DNS client
• TCP/IP stack• GainSpan command and control protocol• DHCP client• DNS client
Infrastructure
Ad-hoc
• iTouch• iPhone• iPad
• Native App
Wi-Fi Meets Your Embedded Requirements Security
Wi-Fi Security: WPA/2 – Personal and Enterprise Internet Security: Secure Socket Layer (SSL)
Low Power Consumption Wi-Fi Power Save Polling Chip Power Management Embedded Applications
Interoperability Standards-based: Networking Services, Transport, Internet and Wi-Fi layers
Ease of Provisioning Wi-Fi Protected Setup Browser-based provision via Ad-hoc Connection Native Application via Ad-hoc Connection
14
Questions & Answers
15
