MicroISPs: Providing Convenient and Low-Cost High-Bandwidth Internet Access

We present MicroISP, a novel architecture for Internet Service Providers suitable for installation in airports, hotels, conference centers, cafes, and office or apartment buildings. Users access a MicroISP via a low-cost, high-bandwidth LAN, e.g., Ethernet or WaveLAN. A router connects the MicroISP's LAN to a shared high- bandwidth access link (e.g., DSL or cable) to a conventional ISP. For this service, a MicroISP charges its clients. The architecture supports a variety of payment methods, both offline (e.g., cash, credit card, or billing to a hotel room account) and online (e.g., eCash, SET, IBM Micro Payments, or Millicent). MicroISPs use IPSec's IKE protocol for securely exchanging authentication keys with paying users. Paying users use IPSec's AH protocol in tunnel mode to authenticate each packet they send. Therefore, MicroISPs can easily detect and drop packets of non-paying users. A MicroISP must present to users a certificate signed by a recognized authority, but a user may simply present a self-signed certificate, as long as the user pays for service.