We present MicroISP, a novel architecture for Internet Service Providers suitable for installation in airports, hotels, conference centers, cafés, and office or apartment buildings. Users access a MicroISP via a low-cost, high-bandwidth LAN, e.g. Ethernet or WaveLAN. A router connects the MicroISP's LAN to a shared high-bandwidth access link (e.g., DSL or cable) to a conventional ISP. For this service, a MicroISP charges its clients. The architecture supports a variety of payment methods, both offline (e.g., cash, credit card, or billing to a hotel room account) and online (e.g., eCash, SET, IBM Micro Payments, or Millicent). MicroISPs use IPSec's IKE protocol for securely exchanging authentication keys with paying users. Paying users use IPSec's AH protocol in tunnel mode to authenticate each packet they send. Therefore, MicroISPs can easily detect and drop packets of non-paying users. A MicroISP must present to users a certificate signed by a recognized authority, but a user may simply present a self-signed certificate, as long as the user pays for service. Regardless of how online payment is implemented, it runs on the user's authenticated tunnel, and therefore can be securely bound to it. The MicroISP protocol allows users to monitor and control usage and supports recovery in case of a MicroISP or user computer crash.
Did you find this white paper useful?
12 out of 20 users found this white paper useful
Related white papers
Nortel Secures Managed Care for Internet Traffic at ProMedica Health System
ProMedica Health System is a not-for-profit healthcare organization of more than 209 healthcare facilities in Ohio and Michigan. They needed to regulate and secure traffic on the organization's fractional DS-3...
Next-Generation Optical Transmission Fibers
The first part of this paper gives a brief introduction of modern optical transmission fiber technology. The second part of this paper illustrates detailed numerical analysis, lab tests, and field...
Layer 3 Malformed Packet Testing in MCI's Public IP Network
Malformed packets associated with routing protocols can cause undesirable consequences if not detected and contained properly as close to the originator as possible. This issue magnifies in scope and complexity...
Network Intrastructure: Getting Started with VoIP
IP/Ethernet networks are fast becoming an attractive and viable utility for supporting high-quality voice in a converged network. Bringing disparate voice and data systems together into a multi-service network can...
Internet Acceptable Use Policies: Navigating the Management, Legal and Technical Issues
Many organizations have discovered the hard way that unrestricted and unmanaged Internet access by employees can lead to dire consequences in the form of wasted time, lost productivity, misappropriation of...
The Real Cost of Spam
Unsolicited Commercial E-mail, or spam, is not just an annoying problem. It's a costly one. This paper examines the different cost impacts, both direct and indirect, that spam has on...
The Three Components of Optimizing WAN Bandwidth
One of the truths in the industry is that few organizations pay much attention to proactive network management of any type. However, the proactive optimization of WAN bandwidth will quickly...
