National Conference on Recent Trends in Information Technology: Opportunities and
Challenges


Title: Emerging wireless te...
Emerging wireless technologies: Recent advancements and associated security risk


1. Introduction

Wireless communication...
2.2 Wireless Devices
A wide range of devices use wireless technologies, with handheld devices being the most
prevalent for...
Bluetooth is an ad hoc networking technology. In ad hoc networks, devices maintain random
network configurations formed “o...
References:

1. NIST Special Publication 46, Security for Telecommuting and Broadband Communications,
National Institute f...
Upcoming SlideShare
Loading in...5
×

3) Emerging wireless technologies Recent advancements and ...

394

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
394
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
18
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "3) Emerging wireless technologies Recent advancements and ..."

  1. 1. National Conference on Recent Trends in Information Technology: Opportunities and Challenges Title: Emerging wireless technologies: Recent advancements and associated security risk Author: Gaurav Parashar Abstract: In this paper, we showcase the latest Wireless Technologies and the security threats emerging from them. We have addressed the security risk in various Wireless Technologies viz Wireless Networks (WLAN, WWAN, etc), Bluetooth Technology and other wireless handheld devices. Safe and secured Wireless networks hold the key to future information sharing and to growth of Information Technology sector. Author Profile: Gaurav Parashar is currently a Junior Undergraduate (Third Year Student) at the prestigious Indian Institute of Technology, Bombay (IIT Bombay). He is pursuing bachelors in Department of Computer Science and Engineering.
  2. 2. Emerging wireless technologies: Recent advancements and associated security risk 1. Introduction Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless technologies cover a broad range of differing capabilities oriented toward different uses and needs. Less wiring means greater flexibility, increased efficiency, and reduced wiring costs. Ad hoc networks, such as those enabled by Bluetooth, allow data synchronization with network systems and application sharing between devices. Bluetooth functionality also eliminates cables for printer and other peripheral device connections. Handheld devices such as personal digital assistants (PDA) and cell phones allow remote users to synchronize personal databases and provide access to network services such as wireless e-mail, Web browsing, and Internet access. Moreover, these technologies can offer dramatic cost savings and new capabilities to diverse applications ranging from retail settings to manufacturing shop floors to first responders. However, risks are inherent in any wireless technology. Some of these risks are similar to those of wired networks; some are exacerbated by wireless connectivity; some are new. Perhaps the most significant source of risks in wireless networks is that the technology’s underlying communications medium, the airwave, is open to intruders, making it the logical equivalent of an Ethernet port in the parking lot. The loss of confidentiality and integrity and the threat of denial of service (DoS) attacks are risks typically associated with wireless communications. Unauthorized users may gain access to agency systems and information, corrupt the agency’s data, consume network bandwidth, degrade network performance, and launch attacks that prevent authorized users from accessing the network, or use agency resources to launch attacks on other networks. 2. Overview of Wireless Technologies A brief overview of the recent technologies and research in the field of wireless networks, devices, standards, and security issues is presented in this section. With advances in wireless technologies, it will become even more sophisticated to control or even reduce the security risks. 2.1 Wireless Networks Wireless networks serve as the transport mechanism between devices and among devices and the traditional wired networks (enterprise networks and the Internet). Wireless networks are many and diverse but are frequently categorized into three groups based on their coverage range: Wireless Wide Area Networks (WWAN), Wireless Local Area Networks (WLAN), and Wireless Personal Area Networks (WPAN). WWAN includes wide coverage area technologies such as 2G cellular, Cellular Digital Packet Data (CDPD), and Global System for Mobile Communications (GSM), and Mobitex. WLAN, representing wireless local area networks, includes 802.11, HiperLAN, and several others. WPAN represents wireless personal area network technologies such as Bluetooth and IR. All of these technologies are “tether-less”—they receive and transmit information using electromagnetic (EM) waves.
  3. 3. 2.2 Wireless Devices A wide range of devices use wireless technologies, with handheld devices being the most prevalent form today. This document discusses the most commonly used wireless handheld devices such as mobile phones, laptops, PDAs, and smart phones. 3. Emerging Wireless Technologies A lot of technologies have emerged in wireless networks. While wireless networking was a luxury a few years ago, it has turned into a necessity today. Some new features of 2008 include Wireless USB and Bluetooth. The USB standard is also getting a wireless makeover, giving us, predictably enough, Wireless USB (WUSB). It is based on the Ultra WideBand (UWB) platform, a short-range, high data-rate radio frequency transmission standard. Wireless USB is designed to give the same performance as USB2 devices (480Mbps) at distances under 3 meters, scaling down to 110Mbps at distances up to 10 meters. Bluetooth 3.0 is currently also under development, being built on the UWB protocol. However, unlike WUSB, Bluetooth can use security to pair devices, which when coupled with the proposed 480Mbps transmission rate, could make it a serious contender for short-range peripheral connectivity. WirelessHD (WiHD) and Wireless HDMI (WHDI) are new technologies for transmitting High-Definition videos and audio signals from one device to another. 4. Emerging Security Standards and Technologies 4.1 Wireless LAN Securities There have been three major improvements in the WLAN security standards and technologies. • IEEE 802.11 Task Group i (TGi) have proposed significant modifications to the existing IEEE 802.11 standard as a long-term solution for security. The TGi is defining additional ciphers based on the newly released Advanced Encryption Standard (AES). The AES- based solution will provide a highly robust solution for the future but will require new hardware and protocol changes. • For improving WLAN security TGis had provided a short-term solution, namely, WiFi Protected Access (WPA)—to address the problems of WEP. The group is defining the Temporal Key Integrity Protocol (TKIP) to address the problems without requiring hardware changes—that is, requiring only changes to firmware and software drivers. • IEEE has introduced a new standard, IEEE 802.1X-2001, a generic framework for port- based network access control and key distribution. By defining the encapsulation of EAP (defined in RFC 2284) over IEEE 802 media, IEEE 802.1X enables an AP and station to mutually authenticate one another. Currently new generations of EAP methods are being developed within the IETF, focused on addressing wireless authentication and key management issues. These methods support additional security features such as cryptographic protection of the EAP conversation, identity protection, secure cipher suite negotiation, tunneling of other EAP methods, etc. 4.2 Wireless PAN and Bluetooth Security
  4. 4. Bluetooth is an ad hoc networking technology. In ad hoc networks, devices maintain random network configurations formed “on the fly,” relying on a system of mobile routers connected by wireless links that enable devices to communicate with each other. Bluetooth offers several benefits and advantages. Bluetooth Technologies need to address security concerns for confidentiality, data integrity, and network availability. • Software solutions: Software solutions in Bluetooth technology are the Bluetooth PIN and private authentication. Bluetooth enforces Bluetooth PINs at the link level. PINs may be 1 to 16 octets (8 bits to 128 bits) in length, depending on the degree of security selected by the device user. Bluetooth devices use the PIN, in effect, for device authentication. Since Bluetooth devices can store and automatically access link-level PINs from memory, Bluetooth devices are now employing device authentication as an extra layer of security. Since Bluetooth has established itself in wireless communications technology, supplemental software solutions (e.g., application security tool kits, robust IP security, and VPN overlay) have appeared in the marketplace. • Hardware Solutions: Hardware security solutions for Bluetooth devices are inherent in the design of the standard itself. Bluetooth uses a device address that is unique to each device. The device address, a 48-bit identifier—note that this is a 6-byte public parameter —serves several purposes such as generating 128-bit link keys and encryption keys. Another hardware solution, inherent in the Bluetooth design, is the use of frequency- hopping schemes. Frequency-hopping schemes offer protection from burst errors by continually moving signals in and out of the interference band and by making bit error corrections using FEC. Frequency-hopping schemes have been thought to protect authorized users from malicious users by transmitting the signal with a pseudo-random sequence that moves the signal arbitrarily around the bandwidth, making it very difficult to track. Modern devices that have Bluetooth applications have employed a form of voice authentication for security. Voice authentication helps in preventing malicious users from compromising remote Bluetooth devices and networks. 4.3 Wireless Handheld Devices Although handheld devices were earlier not viewed as posing security threats, their increased computing power and the ease with which they can access networks and exchange data with other handheld devices introduces new security risks to an agency’s computing environment. Since handheld devices are supporting more networking capabilities now, there is a need to assess the risks they introduce into the existing computing environment. The recent Technical Countermeasures for securing wireless handheld devices include various techniques such as Identification and Authentication, Encryption, Antivirus Software, PKI, VPN and Firewalls. 5. Conclusion The benefits of wireless networks are driving the explosive growth of the WLAN market. Since security has been the single largest concern for wireless network deployment in the corporate setting, strong security solutions are available to make wireless networks as secure as wired networks.
  5. 5. References: 1. NIST Special Publication 46, Security for Telecommuting and Broadband Communications, National Institute for Standards and Technology. 2. Norton, P., and Stockman, M. Peter Norton’s Network Security Fundamentals. 2000. 3. White papers, surveys, and reports on wireless network security. (http://www.infosecuritymagazine.com) 4. Cisco Web site provides information on securing wireless networks (http://www.cisco.com) 5. ZDNet India Magazine Web site provides white papers, surveys, and reports on wireless network security (http://www.zdnetindia.com) 6. SC Magazine Web site, an information security online magazine provides information on wireless security issues (http://www.scmagazine.com)

×