Ruckus Wireless Receives Wi-Fi Security Patent
Ruckus Wireless has been granted a patent by the United States Patent and Trademark Office for a new technique, commonly known as Dynamic Pre-Shared Key (PSK) to securely access a wireless network.
Dynamic PSK generates strong, unique security keys for each authenticated user, automatically installing these encryption keys on end user devices with little or no human intervention.
With the explosive growth of Wi-Fi networks around the world, organizations have struggled with how to streamline robust wireless security. Many companies have used a passphrase that must be shared among many users and manually entered into client devices. If this "pre-shared key" becomes known or stolen it must be changed for all users and manually re-entered into every client device.
A popular alternative to the pre-shared key approach is an elaborate security framework (e.g. 802.1X) that requires information, such as unique certificates or supplicants, to be installed on every user device. Deploying such systems requires a high level of technical expertise as well as ongoing technical support for users.
With Dynamic PSK, when a user initially accesses the wireless network, they are authenticated through a captive portal on the Ruckus ZoneDirector. This information is checked against any standard back-end authentication server such as Active Directory, RADIUS or an internal database on the ZoneDirector.
Once the user has successfully authenticated, Dynamic PSK technology automatically generates a unique encryption key for that user device. This key is downloaded to the client and automatically configured, along with the requisite Wi-Fi information. This eliminates users from having to manually configure anything and reduces the technical support burden on IT staff.
Each Dynamic PSK is bound to a specific client device and has a configurable lifetime. With Dynamic PSK, organizations control the length of time that each key is valid in increments of hours, days, weeks or months. Once the key expires, users must re-authenticate.