We present MicroISP, a novel architecture for Internet Service Providers suitable for installation in airports, hotels, conference centers, cafes, and office or apartment buildings. Users access a MicroISP via a low-cost, high-bandwidth LAN, e.g. Ethernet or WaveLAN. A router connects the MicroISP's LAN to a shared high-bandwidth access link (e.g., DSL or cable) to a conventional ISP. For this service, a MicroISP charges its clients. The architecture supports a variety of payment methods, both offline (e.g., cash, credit card, or billing to a hotel room account) and online (e.g., eCash, SET, IBM Micro Payments, or Millicent). MicroISPs use IPSec's IKE protocol for securely exchanging authentication keys with paying users. Paying users use IPSec's AH protocol in tunnel mode to authenticate each packet they send. Therefore, MicroISPs can easily detect and drop packets of nonpaying users. A MicroISP must present to users a certificate signed by a recognized authority, but a user may simply present a self-signed certificate, as long as the user pays for service. Regardless of how online payment is implemented, it runs on the user's authenticated tunnel, and therefore can be securely bound to it. The MicroISP protocol allows users to monitor and control usage and supports recovery in case of a MicroISP or user computer crash.

© 2000 Published by Elsevier Science B.V. All rights reserved.
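
The per-packet check described above (authenticate every packet, drop traffic from nonpaying users) can be modelled as follows. This is an added illustration, not code from the paper: the packet layout (SPI, sequence number, 96-bit truncated HMAC-SHA1 value, payload), the `paid_until` field and all names are assumptions. Real AH also authenticates IP header fields and uses a sliding anti-replay window rather than a strictly increasing counter.

```python
import hashlib
import hmac
import struct

ICV_LEN = 12  # HMAC-SHA1 truncated to 96 bits, as commonly used with AH
HDR = struct.Struct("!II")  # simplified header: SPI, sequence number


def icv(key, spi, seq, payload):
    """Integrity check value over the simplified header and payload."""
    return hmac.new(key, HDR.pack(spi, seq) + payload, hashlib.sha1).digest()[:ICV_LEN]


def make_packet(key, spi, seq, payload):
    """Client side: attach the ICV computed with the key agreed at sign-up."""
    return HDR.pack(spi, seq) + icv(key, spi, seq, payload) + payload


class Gateway:
    """Router side: forwards only packets tied to a paid, authenticated SA."""

    def __init__(self):
        self.sas = {}  # spi -> security association state (hypothetical layout)

    def add_paid_user(self, spi, key, paid_until):
        self.sas[spi] = {"key": key, "paid_until": paid_until, "last_seq": 0}

    def check(self, packet, now):
        if len(packet) < HDR.size + ICV_LEN:
            return "drop:malformed"
        spi, seq = HDR.unpack(packet[:HDR.size])
        tag = packet[HDR.size:HDR.size + ICV_LEN]
        payload = packet[HDR.size + ICV_LEN:]
        sa = self.sas.get(spi)
        if sa is None:
            return "drop:no-sa"          # sender never exchanged keys
        if now >= sa["paid_until"]:
            return "drop:unpaid"         # paid period has run out
        if not hmac.compare_digest(tag, icv(sa["key"], spi, seq, payload)):
            return "drop:bad-icv"        # forged or modified packet
        if seq <= sa["last_seq"]:
            return "drop:replay"         # captured packet sent again
        sa["last_seq"] = seq
        return "forward"


def demo():
    key = b"constructed-demo-key"  # constructed sample key, not a real secret
    gw = Gateway()
    gw.add_paid_user(0x1001, key, paid_until=100)
    good = make_packet(key, 0x1001, 1, b"payload")
    forged = make_packet(b"guessed-key", 0x1001, 2, b"payload")
    stranger = make_packet(key, 0x2002, 1, b"payload")
    late = make_packet(key, 0x1001, 3, b"payload")
    return [gw.check(good, 10), gw.check(good, 11), gw.check(forged, 12),
            gw.check(stranger, 13), gw.check(late, 100)]
```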