Information Technology Reference
In-Depth Information
In June 2004, the IEEE 802.11i standard was ratified to provide additional security in
WLAN networks. It supersedes WEP security, and introduces the 4-way Handshake and
the Group Key Handshake. IEEE 802.11i is also known as WiFi Protected Access 2
(WPA2) and Robust Security Network (RSN). The 802.11i architecture contains the fol-
lowing components:
4-Way Handshake and Group Key Handshake. Both use 802.1X for authentication
(entailing the use of Extensible Authentication Protocol [EAP] and an authentication
server).
■
Robust Security Network (RSN) for the establishment and tracking of robust security
network associations.
■
Advanced Encryption Standard (AES) for confidentiality, integrity, and origin authen-
tication.
■
Unauthorized Access
A problem that confronts WLANs comes from the fact that wireless signals are not easily
controlled or contained. WEP works at the data link layer, sharing the same key for all
nodes that communicate. The 802.11 standard was deployed because it allowed band-
width speed up to 11 Mbps and it is based on DSSS technology. DSSS also enables APs to
identify WLAN cards via their MAC addresses. Because traditional physical boundaries
do not apply to wireless networks, attackers can gain access using wireless from outside
the physical security perimeter. Attackers achieve unauthorized access if the wireless net-
work does not have a mechanism to compare a MAC address on a wireless card to a database
that contains a directory with access rights. An individual can roam within an area, and each
AP that comes into contact with that card must also rely on a directory. Statically allowing
access via a MAC address is also unsecure because MAC addresses can be spoofed.
Some APs can implement MAC address and protocol filtering to enhance security or limit
the protocols used over the WLAN. With hundreds of WLAN clients, MAC address fil-
tering is not a scalable solution. Again, attackers can hack MAC address filtering. A user
can listen for transmissions, gather a list of MAC addresses, and then use one of those
MAC addresses to connect to the AP. This is why additional security protocols such as
WEP, WPA, and WPA2 have to be implemented so that the attacker has to attempt to
crack the security keys to gain access.
WLAN Security Design Approach
The WLAN security design approach makes two assumptions, which this chapter de-
scribes. The assumptions are that all WLAN devices are connected to a unique IP subnet
and that most services available to the wired network are also available to the wireless
nodes. Using these two assumptions, the WLAN security designs offer two basic security
approaches:
Use of EAP-Flexible Authentication via Secure Tunneling (EAP-FAST) to secure
authentication
■
■
the WLAN to the wired network
