SlideShare une entreprise Scribd logo

OpenRoaming and CapPort API for Mobile Notifications

Radiator Software
Radiator Software

This document discusses OpenRoaming and the Captive Portal API (CapPort). OpenRoaming allows users to automatically connect to Wi-Fi networks around the world using their existing credentials. It benefits both access network providers and identity providers. The minimum requirements to participate as each type are outlined. Implementing OpenRoaming with Radiator Software is also discussed. The CapPort API allows notifying Wi-Fi users via mobile notifications and could be useful for promoting preferred networks like eduroam. A demonstration of implementing CapPort with only a DHCP server and web server is provided.

Technologie
1  sur  18
Télécharger pour lire hors ligne
OPENROAMING AND CAPPORT 2023-01-30 Karri Huhtanen (Radiator Software Oy)
OPENROAMING “eduroam for all”
What is OpenRoaming? ● OpenRoaming is a Wi-Fi roaming federation. ● Wi-Fi roaming is like mobile phone roaming, but becoming an operator is less difficult. ● If you are already familiar with eduroam, OpenRoaming is like eduroam for all of us. ● The idea is that end users can utilise their existing user credentials (e.g. username-password, certificates, cellular identities (SIMs)) to automatically connect to Wi-Fi networks around the world.
With OpenRoaming™ WBA is acting as a centralized policy authority enabling an ecosystem for identity providers and Wi-Fi network providers to work together and deliver automatic and secure Wi-Fi experience to millions of users Source: https://wballiance.com/openroaming/how-it-works/ OpenRoaming video: https://www.youtube.com/watch?v=YvhZouk6MKM
Benefits for Guest Network Providers ● Easier, automatic admission/authentication of guest network users (into WPAx-Enterprise Wi-Fi networks) ● Multi-vendor supported network authentication, configuration and provisioning ● Additional monetisation of guest/hospitability Wi-Fi networks ● Called Access Network Providers (ANPs)
Benefits for Identity Providers ● Providing network access to identity provider users via roaming ● Cost-savings from using roaming Wi-Fi networks compared to cellular network roaming ● Multi-vendor supported network authentication, configuration and provisioning
example.org RADIUS server example.com RADIUS server OpenRoaming Technical Functionality Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx RADIUS capable Wi-Fi controller or example.net’s own RADIUS server OpenRoaming Settled or Settlement-Free Access Service Provider Static Radius over TLS (RadSec, RFC 6614) connection Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx Global Public DNS Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx DNS discovery: NAPTR aaa+auth:radius.tls.tcp <realm> SRV <NAPTR result> Name lookup <SRV result> Dynamic RadSec connection to example.net’s IdP service provider Dynamic RadSec connections to example.com IdP Dynamic RadSec connection to example.org IdP user@example.com user@example.net user2@example.com user@example.org
OpenRoaming requirements for Access Network Provider (ANP) ● For organisations who only want to let OpenRoaming users roam in their network ● Minimum requirements: ○ Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment ○ OpenRoaming Settled or Settlement-Free Access service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client certificate (via service provider or WBA membership), and an own RADIUS server
OpenRoaming requirements for Identity Provider (IdP) ● For organisations who want their members or subscribers roam in OpenRoaming member networks ● Minimum requirements: ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) * ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
OpenRoaming with eduroam (community) ● Do-it-yourself trial service for IdP (roaming with eduroam credentials in OpenRoaming networks) available from eduroam: https://wiki.geant.org/pages/viewpage.action?pageId=133763844 ● Access Network Provider/Service Provider (ANP/SP) (allowing OpenRoaming users roam in guest networks) is not available from eduroam. ● Summary information about OpenRoaming and eduroam: https://eduroam.org/openroaming-and-eduroam-useful-information-for-e duroam-identity-providers-and-service-providers/ ● Wi-Fi configuration profile provisioning via https://cat.eduroam.org/ ● Support from eduroam community
OpenRoaming with Radiator Software ● Allowing OpenRoaming visitors in guest networks as well as roaming in OpenRoaming networks with eduroam credentials both supported as a service ● RadSec connections (with Radiator or radsecproxy) supported for securing roaming connections => connections behind dynamic IPs supported as well ● No need for Wireless Broadband Alliance membership (otherwise required by organisation or its service provider) ● With https://roam.fi/ membership an open roaming and OpenRoaming Wi-Fi network authentication service ● Wi-Fi configuration provisioning via eduroam-cat ● Minimum tuning with RADIUS/RadSec service and support from Radiator Software ● If interested, please contact Radiator Software (sales@radiatorsoftware.com, info@radiatorsoftware.com) for limited free trial
Other OpenRoaming implementations, services and instructions ● Cisco Spaces OpenRoaming Configuration Guide: https://www.cisco.com/c/en/us/td/docs/wireless/spaces/openroaming/b- spaces-or-cg.html ● Wi-Fi authentication/roaming service providers: ○ e.g Single Digits, GlobalTechnology
OpenRoaming with Radiator webinar on the 14th and 16th of February 2023 LEARN ● What is required for OpenRoaming? ● What is the quickest way to start testing? ● What are the recommended architecture and practices for adding OpenRoaming both for a Service/Access Network Provider and for an Identity Provider? ● Where can one find help to configure Radiator for OpenRoaming? Register at https://radiatorsoftware.com/webinars/
CAPPORT API Contacting your users via mobile notifications
CapPort API resources ● CapPort API demonstration site: https://capport.net/ ● CapPort API demonstration privacy policy: https://capport.net/privacy.html ● RFC8908 Captive Portal API: https://datatracker.ietf.org/doc/html/rfc8908 ● RFC8910 Captive-Portal Identification in DHCP and Router Advertisements (RAs): https://datatracker.ietf.org/doc/html/rfc8910 ● Google CapPort information: https://developer.android.com/about/versions/11/features/captive-portal ● Apple CapPort information: https://developer.apple.com/news/?id=q78sq5rv
Do it yourself CapPort … You only need a … # ISC DHCP server example subnet 192.168.144.0 netmask 255.255.255.0 { range 192.168.144.130 255.255.255.0; option domain-name-servers 192.168.144.1; option subnet-mask 255.255.255.0; option routers 192.168.144.1; option broadcast-address 192.168.144.255; option default-url "https://example.com/capporttest/"; default-lease-time 28800; max-lease-time 86400; } // this can be an index.html file as well { // captive portal is not used // venue-info-url is where you want to send the // user "captive": false, "venue-info-url": "https://example.com/" } Wi-Fi network DHCP server WWW server for JSON file
CapPort API summary ● Android (and Apple) supported technology to provide mobile notifications to Wi-Fi users ● Works, deployable already, even from organisation own servers ● Can be used to notify and provide information to Wi-Fi network users (usage policy, organisation contact information, organisation advertisement etc.) ● Could be especially useful in promoting a preferred Wi-Fi network (like eduroam/roam.fi) and a provisioning tool like https://cat.eduroam.org/ for guest Wi-Fi users
Thank you. Questions, Comments? Follow Radiator Software for more information… Radiator Software blog: https://blog.radiatorsoftware.com/ Twitter: https://twitter.com/RadiatorAAA Slideshare: https://slideshare.net/radiatorsoftware/ Webinar registration and materials: https://radiatorsoftware.com/webinars/

Recommandé

OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllKarri Huhtanen
 
OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllRadiator Software
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
 
Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Software
 
Adding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceAdding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceRadiator Software
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
 
Modern messaging with RabbitMQ, Spring Cloud and Reactor
Modern messaging with RabbitMQ, Spring Cloud and ReactorModern messaging with RabbitMQ, Spring Cloud and Reactor
Modern messaging with RabbitMQ, Spring Cloud and Reactoracogoluegnes
 
Camara Application Programming Interface (API) Overview.pdf
Camara Application Programming Interface (API) Overview.pdfCamara Application Programming Interface (API) Overview.pdf
Camara Application Programming Interface (API) Overview.pdfDimitrisLogothetis10
 

Recommandé

OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllKarri Huhtanen
 
OpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllOpenRoaming -- Wi-Fi Roaming for All
OpenRoaming -- Wi-Fi Roaming for AllRadiator Software
 
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingBeyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoaming
Beyond eduroam: Combining eduroam, (5G) SIM authentication and OpenRoamingKarri Huhtanen
 
Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Portfolio Updates webinar, 8th and 10th of March 2022
Radiator Portfolio Updates webinar, 8th and 10th of March 2022Radiator Software
 
Adding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceAdding OpenRoaming to existing IDP and roaming federation service
Adding OpenRoaming to existing IDP and roaming federation serviceRadiator Software
 
Adding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceAdding OpenRoaming to existing IdP and roaming federation service
Adding OpenRoaming to existing IdP and roaming federation serviceKarri Huhtanen
 
Modern messaging with RabbitMQ, Spring Cloud and Reactor
Modern messaging with RabbitMQ, Spring Cloud and ReactorModern messaging with RabbitMQ, Spring Cloud and Reactor
Modern messaging with RabbitMQ, Spring Cloud and Reactoracogoluegnes
 
Camara Application Programming Interface (API) Overview.pdf
Camara Application Programming Interface (API) Overview.pdfCamara Application Programming Interface (API) Overview.pdf
Camara Application Programming Interface (API) Overview.pdfDimitrisLogothetis10
 
20190523 archiver fim
20190523 archiver fim20190523 archiver fim
20190523 archiver fimArchiver
 
093049ov5.pptx
093049ov5.pptx093049ov5.pptx
093049ov5.pptxNguyenNM
 
Getting Started with ThousandEyes
Getting Started with ThousandEyesGetting Started with ThousandEyes
Getting Started with ThousandEyesThousandEyes
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...BAKOTECH
 
Carrier WiFi Architectures
Carrier WiFi ArchitecturesCarrier WiFi Architectures
Carrier WiFi ArchitecturesMarc Nader
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service MeshRam Vennam
 
Web of things
Web of thingsWeb of things
Web of thingsSeo-Young Hwang
 
GCCP Session 3
GCCP Session 3GCCP Session 3
GCCP Session 3DSCIITPatna
 
platform without vendor lock-in
platform without vendor lock-inplatform without vendor lock-in
platform without vendor lock-inKai Jokiniemi
 
Workshop web rtc customers and use cases
Workshop web rtc customers and use casesWorkshop web rtc customers and use cases
Workshop web rtc customers and use casesDouglas Tait
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...WSO2
 
Platform without vendor lock-in
Platform without vendor lock-inPlatform without vendor lock-in
Platform without vendor lock-inSakari Hoisko
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable NetworkMyNOG
 
IoT Security Issues and MQTT
IoT Security Issues and MQTTIoT Security Issues and MQTT
IoT Security Issues and MQTTHiveMQ
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2DrayTek
 
OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014mfrancis
 
Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Johan Stokking
 
Architecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deploymentArchitecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deploymenta8us
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Contenu connexe

Similaire à OpenRoaming and CapPort API for Mobile Notifications

20190523 archiver fim
20190523 archiver fim20190523 archiver fim
20190523 archiver fimArchiver
 
093049ov5.pptx
093049ov5.pptx093049ov5.pptx
093049ov5.pptxNguyenNM
 
Getting Started with ThousandEyes
Getting Started with ThousandEyesGetting Started with ThousandEyes
Getting Started with ThousandEyesThousandEyes
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...BAKOTECH
 
Carrier WiFi Architectures
Carrier WiFi ArchitecturesCarrier WiFi Architectures
Carrier WiFi ArchitecturesMarc Nader
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service MeshRam Vennam
 
platform without vendor lock-in
platform without vendor lock-inplatform without vendor lock-in
platform without vendor lock-inKai Jokiniemi
 
Workshop web rtc customers and use cases
Workshop web rtc customers and use casesWorkshop web rtc customers and use cases
Workshop web rtc customers and use casesDouglas Tait
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...WSO2
 
Platform without vendor lock-in
Platform without vendor lock-inPlatform without vendor lock-in
Platform without vendor lock-inSakari Hoisko
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable NetworkMyNOG
 
IoT Security Issues and MQTT
IoT Security Issues and MQTTIoT Security Issues and MQTT
IoT Security Issues and MQTTHiveMQ
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2DrayTek
 
OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014mfrancis
 
Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Johan Stokking
 
Architecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deploymentArchitecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deploymenta8us
 

Similaire à OpenRoaming and CapPort API for Mobile Notifications (20)

20190523 archiver fim
20190523 archiver fim20190523 archiver fim
20190523 archiver fim
 
093049ov5.pptx
093049ov5.pptx093049ov5.pptx
093049ov5.pptx
 
Getting Started with ThousandEyes
Getting Started with ThousandEyesGetting Started with ThousandEyes
Getting Started with ThousandEyes
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
 
Carrier WiFi Architectures
Carrier WiFi ArchitecturesCarrier WiFi Architectures
Carrier WiFi Architectures
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service Mesh
 
Web of things
Web of thingsWeb of things
Web of things
 
GCCP Session 3
GCCP Session 3GCCP Session 3
GCCP Session 3
 
platform without vendor lock-in
platform without vendor lock-inplatform without vendor lock-in
platform without vendor lock-in
 
Workshop web rtc customers and use cases
Workshop web rtc customers and use casesWorkshop web rtc customers and use cases
Workshop web rtc customers and use cases
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
 
Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...Setting the Foundation for Digital Transformation Through API Management and ...
Setting the Foundation for Digital Transformation Through API Management and ...
 
Platform without vendor lock-in
Platform without vendor lock-inPlatform without vendor lock-in
Platform without vendor lock-in
 
The Path to a Programmable Network
The Path to a Programmable NetworkThe Path to a Programmable Network
The Path to a Programmable Network
 
IoT Security Issues and MQTT
IoT Security Issues and MQTTIoT Security Issues and MQTT
IoT Security Issues and MQTT
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2
 
OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014OSGi IoT Demo - OSGi Community Event 2014
OSGi IoT Demo - OSGi Community Event 2014
 
Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018Building the Network - The Things Conference 2018
Building the Network - The Things Conference 2018
 
Architecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deploymentArchitecting an ibm sametime 9.0 audio visual deployment
Architecting an ibm sametime 9.0 audio visual deployment
 

Dernier

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 

Dernier (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 

OpenRoaming and CapPort API for Mobile Notifications

  • 1. OPENROAMING AND CAPPORT 2023-01-30 Karri Huhtanen (Radiator Software Oy)
  • 3. What is OpenRoaming? ● OpenRoaming is a Wi-Fi roaming federation. ● Wi-Fi roaming is like mobile phone roaming, but becoming an operator is less difficult. ● If you are already familiar with eduroam, OpenRoaming is like eduroam for all of us. ● The idea is that end users can utilise their existing user credentials (e.g. username-password, certificates, cellular identities (SIMs)) to automatically connect to Wi-Fi networks around the world.
  • 4. With OpenRoaming™ WBA is acting as a centralized policy authority enabling an ecosystem for identity providers and Wi-Fi network providers to work together and deliver automatic and secure Wi-Fi experience to millions of users Source: https://wballiance.com/openroaming/how-it-works/ OpenRoaming video: https://www.youtube.com/watch?v=YvhZouk6MKM
  • 5. Benefits for Guest Network Providers ● Easier, automatic admission/authentication of guest network users (into WPAx-Enterprise Wi-Fi networks) ● Multi-vendor supported network authentication, configuration and provisioning ● Additional monetisation of guest/hospitability Wi-Fi networks ● Called Access Network Providers (ANPs)
  • 6. Benefits for Identity Providers ● Providing network access to identity provider users via roaming ● Cost-savings from using roaming Wi-Fi networks compared to cellular network roaming ● Multi-vendor supported network authentication, configuration and provisioning
  • 7. example.org RADIUS server example.com RADIUS server OpenRoaming Technical Functionality Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx RADIUS capable Wi-Fi controller or example.net’s own RADIUS server OpenRoaming Settled or Settlement-Free Access Service Provider Static Radius over TLS (RadSec, RFC 6614) connection Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx Global Public DNS Passpoint (Hotspot 2.0) compatible Wi-Fi network SSID: *any* RCOI (Settled): BA-A2-D0-xx-xx or RCOI (Settlement-Free): 5A-03-BA-xx-xx DNS discovery: NAPTR aaa+auth:radius.tls.tcp <realm> SRV <NAPTR result> Name lookup <SRV result> Dynamic RadSec connection to example.net’s IdP service provider Dynamic RadSec connections to example.com IdP Dynamic RadSec connection to example.org IdP user@example.com user@example.net user2@example.com user@example.org
  • 8. OpenRoaming requirements for Access Network Provider (ANP) ● For organisations who only want to let OpenRoaming users roam in their network ● Minimum requirements: ○ Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment ○ OpenRoaming Settled or Settlement-Free Access service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client certificate (via service provider or WBA membership), and an own RADIUS server
  • 9. OpenRoaming requirements for Identity Provider (IdP) ● For organisations who want their members or subscribers roam in OpenRoaming member networks ● Minimum requirements: ○ (Passpoint (Hotspot 2.0) compatible Wi-Fi network equipment) * ○ Ability to configure OpenRoaming DNS records for IdP realm ○ OpenRoaming Settled or Settlement-Free Access service and IdP service from some WBA member service provider ○ No WBA membership needed ● Connecting directly to other OpenRoaming members requires WBA client+server certificate (via service provider or WBA membership) and an own RADIUS server. *) only if providing also Wi-Fi access network services (ANP)
  • 10. OpenRoaming with eduroam (community) ● Do-it-yourself trial service for IdP (roaming with eduroam credentials in OpenRoaming networks) available from eduroam: https://wiki.geant.org/pages/viewpage.action?pageId=133763844 ● Access Network Provider/Service Provider (ANP/SP) (allowing OpenRoaming users roam in guest networks) is not available from eduroam. ● Summary information about OpenRoaming and eduroam: https://eduroam.org/openroaming-and-eduroam-useful-information-for-e duroam-identity-providers-and-service-providers/ ● Wi-Fi configuration profile provisioning via https://cat.eduroam.org/ ● Support from eduroam community
  • 11. OpenRoaming with Radiator Software ● Allowing OpenRoaming visitors in guest networks as well as roaming in OpenRoaming networks with eduroam credentials both supported as a service ● RadSec connections (with Radiator or radsecproxy) supported for securing roaming connections => connections behind dynamic IPs supported as well ● No need for Wireless Broadband Alliance membership (otherwise required by organisation or its service provider) ● With https://roam.fi/ membership an open roaming and OpenRoaming Wi-Fi network authentication service ● Wi-Fi configuration provisioning via eduroam-cat ● Minimum tuning with RADIUS/RadSec service and support from Radiator Software ● If interested, please contact Radiator Software (sales@radiatorsoftware.com, info@radiatorsoftware.com) for limited free trial
  • 12. Other OpenRoaming implementations, services and instructions ● Cisco Spaces OpenRoaming Configuration Guide: https://www.cisco.com/c/en/us/td/docs/wireless/spaces/openroaming/b- spaces-or-cg.html ● Wi-Fi authentication/roaming service providers: ○ e.g Single Digits, GlobalTechnology
  • 13. OpenRoaming with Radiator webinar on the 14th and 16th of February 2023 LEARN ● What is required for OpenRoaming? ● What is the quickest way to start testing? ● What are the recommended architecture and practices for adding OpenRoaming both for a Service/Access Network Provider and for an Identity Provider? ● Where can one find help to configure Radiator for OpenRoaming? Register at https://radiatorsoftware.com/webinars/
  • 14. CAPPORT API Contacting your users via mobile notifications
  • 15. CapPort API resources ● CapPort API demonstration site: https://capport.net/ ● CapPort API demonstration privacy policy: https://capport.net/privacy.html ● RFC8908 Captive Portal API: https://datatracker.ietf.org/doc/html/rfc8908 ● RFC8910 Captive-Portal Identification in DHCP and Router Advertisements (RAs): https://datatracker.ietf.org/doc/html/rfc8910 ● Google CapPort information: https://developer.android.com/about/versions/11/features/captive-portal ● Apple CapPort information: https://developer.apple.com/news/?id=q78sq5rv
  • 16. Do it yourself CapPort … You only need a … # ISC DHCP server example subnet 192.168.144.0 netmask 255.255.255.0 { range 192.168.144.130 255.255.255.0; option domain-name-servers 192.168.144.1; option subnet-mask 255.255.255.0; option routers 192.168.144.1; option broadcast-address 192.168.144.255; option default-url "https://example.com/capporttest/"; default-lease-time 28800; max-lease-time 86400; } // this can be an index.html file as well { // captive portal is not used // venue-info-url is where you want to send the // user "captive": false, "venue-info-url": "https://example.com/" } Wi-Fi network DHCP server WWW server for JSON file
  • 17. CapPort API summary ● Android (and Apple) supported technology to provide mobile notifications to Wi-Fi users ● Works, deployable already, even from organisation own servers ● Can be used to notify and provide information to Wi-Fi network users (usage policy, organisation contact information, organisation advertisement etc.) ● Could be especially useful in promoting a preferred Wi-Fi network (like eduroam/roam.fi) and a provisioning tool like https://cat.eduroam.org/ for guest Wi-Fi users
  • 18. Thank you. Questions, Comments? Follow Radiator Software for more information… Radiator Software blog: https://blog.radiatorsoftware.com/ Twitter: https://twitter.com/RadiatorAAA Slideshare: https://slideshare.net/radiatorsoftware/ Webinar registration and materials: https://radiatorsoftware.com/webinars/