METHOD TO SUPPORT IDENTITY PSK, CAPTIVE PORTAL AND ENHANCE ROAMING FEATURES FOR RANDOM MAC ADDRESS CLIENTS
As we know, wireless clients associate to the wireless network using the mac address assigned by the manufacturer of the Wi-Fi Network Interface Card (NIC). This manufacturer-assigned mac address, which is globally unique, is also known as Burn-In-Address (BIA). Use of this BIA everywhere raises the question of end-user privacy as the end-user can be tracked with Wi-Fi's mac address. Random MAC address solves the user privacy issues as per GDPR, but introduce limitations on some of the existing legacy wireless security methods and features which depends on MAC address to identify the devices such as, MAC address filtering, Identity PSK, Web authentication with captive portals, Web authentication using MAC filtering, DHCP with MAC address based IP binding, Location Tracking, User Defined Network, Device Analytics, MAC-based Policies, Troubleshooting, Forensic Usage, Roaming etc., There are techniques to address few of the above limitations such as EAP-TLS, DHCP with DUID, disabling the MAC randomisation functionality etc., But there are no techniques to address security functionalities such as iPSK and "web authentication with captive portals" and also some of the features/services such as Location tracking, Telemetry, Roaming/Mobility etc., The techniques presented herein propose method to achieve iPSK, Web authentication with captive portals and roaming features even for random MAC address supported devices, yet maintaining the user privacy.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
M M, Niranjan and Bhavanasi, Srihari, "METHOD TO SUPPORT IDENTITY PSK, CAPTIVE PORTAL AND ENHANCE ROAMING FEATURES FOR RANDOM MAC ADDRESS CLIENTS", Technical Disclosure Commons, (March 28, 2022)