Sunday, September 12, 2010

802.11u Where Are You?

A few weeks ago I blogged about the "Consumerization of Enterprise Wi-Fi". A large component driving that trend in retail stores is the ability to interact with the consumer at the point of purchase with highly relevant and localized content. Challenges to deployment of these solutions include providing a capable last-mile connection, addressing security concerns, and probably one of the biggest (if not the biggest) challenge is usability of the solution for the consumer.

The first challenge in designing an in-store communication channel with the consumer is the last-mile (ahem, last link shall we say) connectivity. A recent cellular coverage survey of one major retailer with presence in many typical suburban shopping centers, strip malls, and even urban locations, revealed that telco coverage maps indicating good coverage of the store location did not equate to good in-store cellular coverage. In fact, at most locations the cellular coverage dropped significantly when entering the front door due to signal attenuation from materials used in building construction. Furthermore, improvement of in-store coverage is usually cost prohibitive, due to the expense associated with cellular repeaters. Other solutions such as femto-cells are largely consumer-based products at this time which restrict connections to a few concurrent handsets which must be pre-registered to be used. Enterprise products are being developed, but are not on the market yet. Other solutions are equally cost prohibitive such as Distributed Antenna Systems (DAS). Other unique solutions are immature, such a in-line Ethernet cellular repeaters that can remove the need for separate cabling and use the existing network cable plant.

This leads many retailers to investigate Wi-Fi as a solution for consumer interaction. However, there are numerous hurdles when taking this approach as well. Security of Wi-Fi networks is always a topic for discussion, especially once the PCI auditors come knocking. If the retailer plans on offering in-store purchases by consumers from their online inventory, then strong connection-level security through authentication and encryption is preferred over the open architecture commonly attributed to hotspots.

A recent article by Aruba Networks highlights the benefits as well as the security concerns with public Wi-Fi in retail:
"For every million iPhones Apple sells, retailers see a clearer opportunity to reach the ultimate marketing goal -- to influence the consumer at the time of purchase. Smartphones simplify the idea of real-time product marketing, making it something retailers can expand and personalize. 
Utilizing in-store WiFi networks, retailers can now deliver location and user-specific content to smartphone-carrying shoppers, while they are inside the store, updating it continuously.
Tempering the excitement of this new era in retail marketing is the fear (and reality) of opening up network access to the public. It wasn't too long ago when improperly secured in-store WiFi networks were exploited to gain access to the corporate network and over 100 million credit card records."
Implementation of 802.11i security is relatively well accepted as an effective security mechanism when properly deployed (strong EAP type, secure account provisioning, mutual authentication, crypto-binding inner and outer EAP methods, strong RADIUS shared secret, AES key wrap, etc.).

Once the security hurdle is crossed, usability of the solution must be considered. Apart from having an easily recognizable value proposition for the consumer (real-time discounts, complementary product promotions, expanded assortment across multiple channels including online, in-store, in-stock at nearby alternate locations, etc.), usability of the solution is critical for user adoption. A few of the questions that must be answered include:

  • How will the network be advertised? 
  • How will users connect to the network? Will an open or a secured network be used?
  • How can the retailer ensure an easy connection process for the consumer, while maintaining strong security (authentication, encryption)?
  • How can the retailer ensure a consistent user experience across multiple store locations; across multiple channels (online vs. in-store)?
Many barriers exist to making this process simple for the consumer. Take the popular Apple iPhone as an example. The Apple iOS SDK does not allow application developers to configure the device's Wi-Fi adapter for the consumer, even if an explicit prompt or opt-in process were required to be presented to the user. This seriously limits the capability of the retailer to remove technology as a barrier for the consumer. Instead, the best a retailer can do is to manually instruct the user to close the current application, open the device settings panel, find and connect to the Wi-Fi network, enter authentication credentials (if required by a secured network), and then re-open the retailer's application. Ughhh! What normal user would want to do that? No one, that's who. If it's too complicated, too lengthy, or too manual a process the consumer will not use it!


With a secure network solution, configuration of 802.11i security is the barrier. This is typically a one-time hurdle for the consumer because once it is setup most devices store or cache the network login credentials and server trust.

With an open network solution, the tediousness of opening a webpage and logging into a captive web portal for each and every connection to the network is the barrier.


This where the 802.11u amendment comes into play. The stated goal of this task group is to:
"develop an amendment to IEEE 802.11 to facilitate interworking with external networks. It is necessary for IEEE 802.11 to create a standard, which specifies the requirements and interfaces between IEEE 802.11 and external networks, such as those found in Cellular systems. The amendment will address specific interfaces to support external authentication, authorization and accounting, together with network selection, encryption, policy enforcement and resource management. Such interface provides interaction methods between IEEE 802.11 entities and the interworked external network. The standard also specifies how the interface works with existing IEEE 802.11 functions, e.g. IEEE 802.11i, to meet the interworking requirements."
Additionally, some of the specific issues to be addressed include:
  • Provide additional information to STAs about the characteristics of the network to support network selection decisions
  • Secure portal page and 802.11i security co-existence and operation in-parallel
  • Support for new user sign-up in 802.11i enabled networks (think in-store signup versus requiring signup at home prior to going to the store)
  • Requirement of the 802.11 network by external network operators (including traffic policies, QoS, voice call hand-overs, etc.) 
With the explosion of consumer smartphone adoption and mobile computing, retailers are investigating methods to utilize these market trends and seize the opportunity to create competitive advantage. However, current limitations with cellular and Wi-Fi networks make these imperfect solutions at-best; unusable solutions at worst. Additionally, place this in context with the cellular telco trend of offloading mobile data connections onto Wi-Fi, and the time is NOW for Wi-Fi to blossom as a public utility for data connectivity, information consumption, and retail interaction.

802.11u ratification can't come soon enough! With Draft 10 of the amendment being passed in July, final approval should be reached before the end of the year. Deployment should be as simple as software upgrades to existing infrastructure and client equipment. Let's hope manufacturers don't drag their feet on this one (see 802.11r for reference).

Don't leave us in the dark.

802.11u where are you?












-Andrew

5 comments:

  1. Good blog with very good posts on it it gives the total knowledge that everyone wants to know, It has given me everything that i wanted i had become a big fan of this blog and now i am going to bookmark this blog so that i can visit daily.
    http://www.freshcodes.com

    ReplyDelete
  2. My old 802.11g laptop and cell phone... automatically connect/disconnect as I switch wi-fi networks. No password. No user name. Nothing.

    How is 802.11u somehow "better"?

    ReplyDelete
  3. 802.11u and Hotspot 2.0 will eliminate the need to manually find and connect to public Wi-Fi hotspots. It advertises services and backend providers to the mobile device so that it can automatically take action to connect based on what credentials or policy is configured in the Wi-Fi connection manager on the device.

    Think of no more captive portal logins at public hotspots, or hospitality venues handing out Wi-Fi codes at time of check-in.

    You never have to scan and find a new cell tower when you're out and about. This is trying to make Wi-Fi operate similar. The device automatically connects, if configured to do so.

    Cheers,
    Andrew

    ReplyDelete
  4. hello andrews,

    Do you have any idea about the implementation of 802.11U client side esp windows operating systmes?
    802.11U involves what chnages apart from Beacon format,and ANQP and GAS request response...?

    ReplyDelete
    Replies
    1. Hi David,
      I'm sorry, but I don't have any implementation details yet. We'll have to wait for announcements from the Wi-Fi Alliance or participating vendors.

      Andrew

      Delete