Wireless LAN (WLAN) is rapidly growing as a popular technology for ubiquitous communication, where Internet access is being a standard commodity. The growing demand in WLAN technological development is to provide high quality and secure Internet access to mobile users using their portable devices. Nevertheless, WLAN is still restrictive, as it requires the presence of mobile users in the communication range of access points. Moreover, the security of this network is posing a major challenge for its usage. Hybrid ad hoc networks appear as an attractive solution in public hotspots applications, allowing mobile users to achieve WLAN access independent of their existence in access points communication ranges. Since effective Authentication, Authorization and Accounting (AAA) are of great importance for secure mobile wireless access, in this paper we propose a novel architecture that provides efficient AAA and secure communication among mobile clients in WLAN hotspots applications. Our solution uses the hybrid ad hoc network concept and considers the service provider as the single point of contact for all AAA transactions. We adapt the IEEE 802.11i standard to the hybrid ad hoc network environment in order to set up authenticated links on layer 2, achieving secure wireless access as well as confidential data transfer. Since IEEE 802.11i necessitates the existence of a fixed infrastructure between the WLAN and the authentication server, we introduce a cross-layer interaction with the ad hoc routing layer in order to provide a virtual infrastructure among the mobile clients through employing a clustering mechanism. We validate our proposed solution through simulation. Through analyzing the obtained results, we give some performance estimates and we show the advantages of using the hybrid ad hoc networks approach.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	IEEE Std. 802.11i, Amendment 6: Medium Access Control (MA) Security Enhancements. July 2004.
	2	Jurca, D., Hubeaux, J. P., Joint Synchronization, Routing and Energy Saving in CSMA/CA Multi-Hop Hybrid Networks. EPFL Technical Report: IC/2004/35, 2004.
	3	Francois Ingelrest , David Simplot-Ryl , Ivan Stojmenovic, Broadcasting in Hybrid Ad Hoc Networks, Proceedings of the Second Annual Conference on Wireless On-demand Network Systems and Services (WONS'05), p.131-138, January 19-21, 2005  [doi>10.1109/WONS.2005.5]
	4	Nilson, A., Garcia-Luna-Aceves, J.J., Spohn, M., Routing in Hybrid Ad hoc Networks using Service Points. IEEE Vehicular Technology Conference (VTC-fall 2003), 2003.
	5	Glaucia Campos , Gledson Elias, Performance Issues of Ad Hoc Routing Protocols in a Network Scenario used for Videophone Applications, Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 9, p.321.1, January 03-06, 2005  [doi>10.1109/HICSS.2005.489]
	6	Mitsianis, J., Free Trade for Hybrid Multihop Wireless Networks. IEEE International Conference on Performance, Computing, and Communications, 2004.
	7	Junbiao Zhang , Jun Li , Stephen Weinstein , Nan Tu, Virtual operator based AAA in wireless LAN hot spots with ad-hoc networking support, ACM SIGMOBILE Mobile Computing and Communications Review, v.6 n.3, July 2002  [doi>10.1145/581291.581297]
	8	Yubi, S., Aiqun, H., The Authentication in Public WLAN when Access Controller Deployed. IEEE Int. Conf. Neural Networks and Signal Processing, 2003.
	9	Shaer, Y., Kayssi, A., Chehab, A., SERAX: Secure Range Extensions in IEEE 802.11i. 2nd International Conference on Innovations in Information Technology (IIT'05), 2005.
	10	B. Aboba , D. Simon, PPP EAP TLS Authentication Protocol, RFC Editor, 1999
	11	B. Aboba , P. Calhoun, RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP), RFC Editor, 2003
	12	C. Rigney , S. Willens , A. Rubens , W. Simpson, Remote Authentication Dial In User Service (RADIUS), RFC Editor, 2000
	13	B. Aboba , J. Vollbrecht, Proxy Chaining and Policy Implementation in Roaming, RFC Editor, 1999
	14	AiroSpace Technology, White Paper, http://www.airospace.com/technolog/technote_auth_enc_wla n.php
	15	C. Rigney , W. Willats , P. Calhoun, RADIUS Extensions, RFC Editor, 2000
	16	G. Zorn, Microsoft Vendor-specific RADIUS Attributes, RFC Editor, 1999
	17	Fall, K., Varadhan, K., NS Notes and Documentation. The VINT project, UC Berkeley, LBL, USC/ISI, and Xerox PARC, May 1998. Work in progress.
	18	Johnson, D., Maltz, D., Dynamic Source Routing in Ad hoc Wireless Networks. Mobile Computing, T. Imielinski and H. Korth, Eds. Norwell, MA: Kluwer, 1996.
	19	Bettstetter, C., Hartenstein, H., Pèrez-Costa, X., Stochastic Properties of the Random Waypoint Mobility Model: Epoch Length, Direction Distribution, and Cell Change Rate. ACM MSWIM'02,2002.