Wireless Networks in Libraries
  • http://www.connect802.com/wireless_switch.htm http://www.networkworld.com/research/2005/050905-wireless-switching.html
  • http://www.npr.org/templates/story/story.php?storyId=1529361 http://www.sptimes.com/2005/07/04/State/Wi_Fi_cloaks_a_new_br.shtml
  • http://www.wi-fiplanet.com/tutorials/article.php/1368661
  • http://www.panerabread.com/wifi.aspx http://www.starbucks.com/retail/wireless.asp
  • http://www.st-charles.lib.il.us/contact/wireless/wireless.htm http://www.brev.org/about_bcl/computer_services/wifi/terms-of-use.htm http://www.brev.org/about_bcl/computer_services/wifi/index.htm http://www.sonomalibrary.org/wireless/index.html
  • http://www.npr.org/templates/story/story.php?storyId=4599106
  • http://www.cs.berkeley.edu/~dmolnar/library.pdf

Transcript

  • 1. Wireless Networks in Libraries. Marshall Breeding, Vanderbilt University. http://staffweb.library.vanderbilt.edu/breeding [email_address] http://www.librarytechnology.org Alaska Library Association Annual Conference, Saturday Feb 25, 2006
  • 2. Abstract
    • Wireless LANs have attracted much attention in the business environment, in the home, and in libraries. A fundamental challenge lies in determining how, or if, to make use of this technology. This workshop aims to provide attendees with the knowledge to make these decisions and to enable them to establish effective and secure wireless networks in their libraries.
  • 3. Proposed Agenda
    • Network Basics
    • Wireless Basics
    • Security Concerns
    • Library applications: Wired vs Wireless
    • Examples and Case Studies
    • General Discussion
  • 4. Preliminary Questions
    • What do you expect to get out of the workshop?
    • Identify specific issues that you want to see addressed before the end of the day
    • Talk about issues of concern to your library
    • Is there any one item that we can cover that will make you feel like the workshop was worthwhile?
  • 5. Network Basics A review of basic concepts and terminology
  • 6. OSI Reference Model
    • Layer 1 – Physical (Electrical characteristics of cabling)
    • Layer 2 – Data Link (Ethernet) Ethernet cards, hubs, switches; (802.11)
    • Layer 3 – Network (IP) Routers
    • Layer 4 – Transport (TCP / UDP) Error recovery, transfer of data
    • Layer 5 – Session
    • Layer 6 – Presentation
    • Layer 7 – Application
  • 7. Ethernet
    • IEEE 802.3
    • CSMA/CD
      • Carrier Sense Multiple Access with Collision Detection
    • Governs Media Access Rules
  • 8. Ethernet segments
    • Dates back to original Ethernet cabling
      • 10Base5 -- Thicknet coaxial cable
      • Overall length of 2500 meters
      • Minimum 2.5 meters between nodes
      • Transceivers
    • Broadcast medium
      • All nodes can intercept all traffic in promiscuous mode
  • 9. Network Components
    • Hubs
    • Switches
    • Routers
  • 10. TCP/IP
    • Primary Network Protocol
  • 11. TCP/IP Protocol Suite (diagram; layer labels: Physical Connectivity, Datagram Delivery, Reliable Transport, User Programs; protocols shown: Ethernet (802.3), WiFi (802.11), IP, UDP, TCP, ICMP, Ping, http, ftp, smtp, LPR, NFS, DNS, rtsp)
  • 12. TCP/IP Configuration Details
    • IP Address
    • Subnet mask
    • Gateway/router
  • 13. IP Addresses
    • IP Addresses are 32-bit numbers:
    • 129.59.150.5 = 10000001 00111011 10010110 00000101
  • 14. Class B Networks
    • Leading bits 1 0, 14-bit Network ID, 16-bit Host ID
    • 129.59.150.5 = 10 000001 00111011 (Network ID) 10010110 00000101 (Host ID)
    • 2^16 or 65,536 Host Addresses per Network
  • 15. Class C Networks
    • Leading bits 1 1, 22-bit Network ID, 8-bit Host ID
    • 192.111.110.5 = 11 000000 01101111 01101110 (Network ID) 00000101 (Host ID)
    • 2^8 or 256 Host Addresses per Network
  • 16. DHCP
    • Dynamic Host Configuration Protocol
    • Automatically configures network client for TCP/IP communications
    • DHCP servers provide only a temporary lease on a configuration set
    • ipconfig: /release, /renew, /all
  • 17. Wireless basics
    • Uses radio frequency transmission over the air instead of network cabling
    • Stable and reliable technology
    • Increasing in popularity in business and home computing
  • 18. 802.11 Media Access Rules
    • CSMA/CA
    • Carrier Sense Multiple Access with Collision Avoidance
    • Request to Send (RTS) / Clear to Send (CTS)
    • Reduces or Eliminates collisions
    • Hidden Node Problem
  • 19. Wireless architectures
    • Peer-to-peer (ad hoc mode)
      • Wireless NICs talk to each other
    • Infrastructure Mode
      • Uses Wireless Access Point
  • 20. Ad hoc mode Computers connect directly with each other without additional equipment
  • 21. Infrastructure Mode (diagram; labels: Router, Ethernet Switch, Access Point)
  • 22. Wireless Hardware
    • Access point
      • Functions just like an Ethernet hub
      • Shared media
      • Connects to an existing Ethernet connection
    • Receiver Network Interface Card
      • PC Cards for Laptops
      • PCI for Desktops
      • PDA versions available
  • 23. Transmission Details
    • RF transmitters and receivers, or radios, carry data packets as a payload.
    • Multiple channels
      • 802.11b: 14 (FCC allows 11)
      • 5 MHz per channel
    • AP’s within range of each other should be on different channels
  • 24. 802.11b Channels (U.S.) (chart: channels 1 through 11 plotted against frequency, axis ticks from 2.3995 to 2.4745)
  • 25. Non-overlapping Channel Map (diagram: neighboring access point cells assigned channels 1, 6 and 11)
  • 26. Positioning Wireless Access Points
    • Conduct an RF site survey
  • 27. Range per Access Point
    • 75-150 feet indoors typical
    • 500 feet in open areas
    • 1000 feet outdoors
    • Performance degrades with devices located further from the AP
  • 28. Wireless Devices
  • 29. Types of Wireless Devices
    • Access point
      • Bridge: wired network to wireless
    • Wireless Router or Gateway
      • Bridge
      • NAT: Network Address Translation, allows multiple devices to share single IP address
      • Router: Connects wireless network to Internet
      • Usually connects directly to DSL or cable modem connection
  • 30. Wireless Network Interface Card
    • PCI
    • PC Card
    • Pocket PC, Palm Pilot
    • Almost always built into current mobile devices
  • 31. Wireless Flavors
    • 802.11
    • 802.11b
    • 802.11a
    • 802.11g
    • 802.11n (future)
  • 32. 802.11
    • IEEE 802.11 WLAN committee initially formed in 1997
    • Original specification
    • Now obsolete
    • 1-2 mb/sec
  • 33. 802.11b offers 11 mb/sec
    • Original standard
    • 11mb/sec
    • 2.4GHz band
    • Still 90% of market
  • 34. RF interference
    • 2.4 GHz frequency used by other devices
    • 802.11a, g
    • Microwave Ovens
    • Cordless telephones
    • Bluetooth (high-speed frequency hopping)
    • Rogue 802.11 equipment
  • 35. DSSS modulation
    • Direct-sequence spread spectrum
  • 36. 802.11a delivers up to 54 mb/sec
    • 54mb/sec
    • 5GHz band
    • Higher performance
    • Higher cost
    • Shorter range (180 feet)
  • 37. 802.11g
    • 54 mb/sec
    • Alternate future standard
    • Backwards compatible with 802.11b
    • Operates in same 2.4GHz band as 802.11b
  • 38. 802.11n
    • Proposed next generation of 802.11 technologies
    • Up to 100 mb/sec
    • No agreement yet. Competing proposals still being considered by IEEE 802.11 Task Group N
    • multiple in, multiple out (MIMO) technology
    • Wide channels: 20 – 40 MHz
  • 39. Wired vs. Wireless bandwidth
    • Wired networks will always be faster
    • 100 mb/sec Ethernet common for wired networks for desktop computers
    • Ethernet switching available for wired networks
    • 1 GB/sec common for servers and high-performance workstations
    • 10 GB/sec available for fiber networks
  • 40. Wired networks offer higher performance
    • “Despite the steadily increasing speed of wireless technology, wired networks will always outperform it by long strides.”
    • “… wireless applications will flourish in places where mobility takes precedence over performance or where physical cabling is especially problematic”
  • 41. Balanced perspective
    • Wireless technologies have limitations
    • Does not supplant need to install copper and fiber network cabling in new buildings
  • 42. Wireless Coverage
    • Varies according to building characteristics
    • Works best in open areas
    • Book stacks often too dense and can present barriers
  • 43. Configuration issues
    • Most use DHCP
      • Dynamic Host Configuration Protocol
    • Session initiation and configuration usually completely transparent
  • 44. Session Set ID
    • Unique name given to an access point
    • Should all access points in the organization’s WLAN have the same SSID?
    • Should the SSID be broadcast?
  • 45. Exercise
    • Configure Linksys Access point
  • 46. Linksys basic Settings
  • 47. Web Security administration
  • 48. Mac Address Filter
  • 49. Windows XP Wireless LAN wizard
  • 50. Windows XP WLAN properties
  • 51. Cost Issues
    • Wireless access points slightly more expensive than Ethernet Hubs
    • Wireless NICs slightly more expensive than Ethernet cards ($100+)
    • Cabling needed only to the Access point
  • 52. Access Point Installation (diagram; labels: Access Point, Omni-directional Antenna, Ethernet Connection, Electrical Power)
  • 53. Wireless Enterprise Infrastructure
    • WLAN Switches
    • WLAN Gateways
    • 802.1x Authentication
      • RADIUS
      • LDAP
  • 54. Wireless Security Issues Implementing a wireless LAN without compromising your network
  • 55. Security concerns
    • Eavesdropping a major concern
    • Unprotected wireless access points are an easy point of entry for mobile hackers
    • Many rogue Wireless LANs were put up in corporate networks without IT support or adequate security
    • War Driving / War Chalking
    • Some war driving / freeloading happens in residential settings
  • 56. Positioning your wireless network
    • Wireless LANs generally exist on the network edge point
    • Wireless LANs should be considered untrusted
    • Positioned outside the organization’s firewall
    • Hardened core remains protected
  • 57. Library Network With Public / Staff Separation (diagram; labels: Router, Router / Firewall, Ethernet Switch (three), Access Point, Public Access Workstations, Library Staff Workstations)
  • 58. Rogue Access Points
    • Wireless networks must fit within the overall network design
    • Unofficial or Rogue access points can jeopardize the security of the rest of the network
    • Efforts must be taken to detect and remove rogue access points or bring them in to the official networks
    • Rogue Access Points usually a symptom of unresponsive IT departments.
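One way to carry out the detection step on slide 58, as an added example that is not part of the original presentation: compare the access points heard during a site survey against the library's own inventory. The inventory, the scan records, the field names and the -65 dBm "probably inside the building" threshold are all constructed assumptions.

```python
# Added example: classify access points heard in a survey against an inventory.
# Every SSID, BSSID and scan record below is constructed sample data.

AUTHORIZED = {
    # BSSID (AP radio MAC) -> (SSID, channel) as recorded in the inventory
    "00:11:22:aa:bb:01": ("LibraryPublic", 1),
    "00:11:22:aa:bb:02": ("LibraryPublic", 6),
    "00:11:22:aa:bb:03": ("LibraryPublic", 11),
}
OUR_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}

SCAN = [  # constructed survey output: one record per beacon source heard
    {"bssid": "00:11:22:AA:BB:01", "ssid": "LibraryPublic", "channel": 1, "signal_dbm": -48},
    {"bssid": "00:11:22:aa:bb:02", "ssid": "LibraryPublic", "channel": 4, "signal_dbm": -55},
    {"bssid": "de:ad:be:ef:00:10", "ssid": "LibraryPublic", "channel": 6, "signal_dbm": -40},
    {"bssid": "02:00:5e:10:20:30", "ssid": "linksys", "channel": 6, "signal_dbm": -45},
    {"bssid": "02:00:5e:99:99:99", "ssid": "CoffeeShop", "channel": 11, "signal_dbm": -88},
]


def classify(record, strong_dbm=-65):
    """Return one label for a scan record (threshold is an assumed value)."""
    bssid = record["bssid"].lower()  # scanners differ in MAC letter case
    known = AUTHORIZED.get(bssid)
    if known:
        ssid, channel = known
        if record["ssid"] != ssid or record["channel"] != channel:
            return "misconfigured"   # ours, but drifted from the inventory
        return "authorized"
    if record["ssid"] in OUR_SSIDS:
        return "impersonating"       # unknown radio announcing the library SSID
    if record["signal_dbm"] >= strong_dbm:
        return "rogue-suspect"       # unknown and strong: likely on the premises
    return "neighbor"                # unknown and weak: likely next door


def survey(scan):
    """Group the BSSIDs heard in a scan by classification label."""
    findings = {}
    for record in scan:
        findings.setdefault(classify(record), []).append(record["bssid"].lower())
    return findings


if __name__ == "__main__":
    for label, bssids in sorted(survey(SCAN).items()):
        print(f"{label:14} {', '.join(bssids)}")
```

A "rogue-suspect" result is a prompt to locate the device and either remove it or bring it into the official network, as the slide says; signal strength alone does not prove the device is attached to the library's wired LAN.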
  • 59. Encryption necessary to ensure security
    • Sensitive data must be encrypted when transmitted across any untrusted network
    • Most Encryption algorithms use a secure key to encode the data and decode it after transmission
    • The longer the key, the more difficult it is to use brute force to decrypt the message
    • WEP uses 40, 64, or 128 (WEP2) bit keys
  • 60. Wired Equivalency Privacy
    • Optional Encryption scheme part of the 802.11b specification
    • RC4 encryption
    • Single key encrypts all traffic
    • No system for key management
    • Hackers can easily recover the key
    • WEP often not enabled
    • WEP can be defeated by sophisticated hackers
    • Provides a barrier to most potential intruders
  • 61. Wireless Hacking tools
    • At least two open source tools are available for recovering 802.11 WEP keys:
    • WEPCrack
      • http://wepcrack.sourceforge.net/
    • AirSnort
      • http://airsnort.shmoo.com/
  • 62. 802.11i
    • Security Standard for the 802.11 arena
    • Includes WPA and RSN (Robust Security Network)
    • Relies on 802.1x specification for port-based user and device authentication
    • Ratified June 2004
    • Marketed as WPA2
  • 63. WPA
    • Wi-Fi Protected Access
    • Enhanced security over WEP
    • TKIP
    • Available now
    • Backwardly compatible with WEP – requires only a firmware upgrade.
  • 64. Temporal Key Integrity Protocol (TKIP)
    • 128 bit encryption keys
    • Each packet encrypted with a different key based on a 48-bit serial number, incremented with each use.
    • Avoids replay attacks
    • Relies on a base key which is generated when a device associates with the base station
    • Ideally unique base keys transmitted during 802.1x authentication
    • Pre-shared keys used otherwise
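The per-packet keying and replay rejection described on slide 64, as an added sketch that is not part of the original presentation. It assumes HMAC-SHA256 as a stand-in for TKIP's real key-mixing function and omits TKIP's message integrity check; the base key and payloads are constructed.

```python
import hashlib
import hmac

TSC_MAX = 2**48 - 1  # largest value of the 48-bit serial number


def packet_key(base_key: bytes, tsc: int) -> bytes:
    """Derive a 128-bit key for one packet from the base key and counter.
    HMAC-SHA256 is an assumption here, not TKIP's actual mixing function."""
    return hmac.new(base_key, tsc.to_bytes(6, "big"), hashlib.sha256).digest()[:16]


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; encryption and decryption are the same operation."""
    state = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + state[i] + key[i % len(key)]) % 256
        state[i], state[j] = state[j], state[i]
    i = j = 0
    out = bytearray()
    for byte in data:     # keystream generation and XOR
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        out.append(byte ^ state[(state[i] + state[j]) % 256])
    return bytes(out)


class Sender:
    def __init__(self, base_key: bytes):
        self.base_key, self.tsc = base_key, 0

    def send(self, payload: bytes):
        if self.tsc >= TSC_MAX:
            raise RuntimeError("counter exhausted: a new base key is required")
        self.tsc += 1  # incremented with each use, so no key repeats
        return self.tsc, rc4(packet_key(self.base_key, self.tsc), payload)


class Receiver:
    def __init__(self, base_key: bytes):
        self.base_key, self.last_tsc = base_key, 0

    def receive(self, frame):
        tsc, ciphertext = frame
        if tsc <= self.last_tsc:
            return None  # counter not newer than the last one seen: replay
        # Real TKIP advances the counter only after the integrity check passes.
        self.last_tsc = tsc
        return rc4(packet_key(self.base_key, tsc), ciphertext)


def demo():
    base = hashlib.sha256(b"constructed base key").digest()[:16]
    tx, rx = Sender(base), Receiver(base)
    first, second = tx.send(b"renew item 31234"), tx.send(b"renew item 31234")
    return {"differ": first[1] != second[1], "first": rx.receive(first),
            "second": rx.receive(second), "replayed": rx.receive(first)}
```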
  • 65. WPA2
    • WPA + AES = WPA2
    • Advanced Encryption Standard instead of TKIP
    • Stronger encryption algorithm
    • Not guaranteed to be backwardly compatible with existing WEP equipment
    • Personal version uses pre-shared key
    • Enterprise version uses 802.1X authentication through RADIUS server.
  • 66. WPA/802.1x Diagram
    • See:
    • http://www.infoworld.com/infoworld/img/20FEwifi_in-x.gif
  • 67. Wi-Fi Security Services
    • SecureMyWiFi ( http://www.witopia.net/ )
    • RADIUS authentication and security key distribution service
    • Operates with AP’s that support WPA-Enterprise or WPA2-Enterprise
    • $29 annual fee
  • 68. Virtual Private Networks (VPN)
    • A technology that offers strong security
    • Common approach for remote users that rely on accessing organizational resources through the Internet
    • Applicable to wireless users on premises
    • Enhances security / adds inconvenience.
  • 69. Encrypted Tunnel provided by a Virtual Private Network (diagram; labels: Remote Laptop with VPN Client, Access Point, Router, Router, Ethernet Switch, Remote Host with VPN Server Component). Traffic is encrypted along the entire path from client to host
  • 70. Scope of Encryption Provided by WLAN Security (diagram; labels: Wireless LAN with WEP or WPA, Access Point, Router, Router, Ethernet Switch, Remote Host). Traffic is encrypted only between the Wireless NIC and the Access Point
  • 71. Avoid wireless technologies for sensitive networks
    • Not appropriate for networks that carry confidential or sensitive information
    • Protect core network services with internal firewalls
  • 72. Library Applications Using wireless technology in libraries
  • 73. Library vs Commercial Wi-Fi service
    • Fee-based or Free?
  • 74. Wireless Access Policies
    • Open unauthenticated access?
    • Display appropriate use click-through page?
    • Filter?
    • Require authentication by library card number?
  • 75. Part of campus wireless infrastructure
    • It is becoming increasingly expected that students will have wireless access to their laptop computers throughout the campus.
      • Dorms, Classrooms, Labs, Libraries.
  • 76. Classrooms
    • Vision of fully connected classroom can be fully realized inexpensively
      • Expensive to provide wired connectivity in classroom setting
    • Mixed blessing (Cliff Lynch observations)
  • 77. Wireless laptops
    • Provide access to library resources to laptops brought into the library by patrons
    • Library supplied laptops can supplement public access workstations
    • Offer library users more flexibility and convenience in accessing resources throughout the library
  • 78. Computer labs
    • Mobile labs can be used for training and outreach sessions outside the library
    • Training labs in the library that can be set up and dismantled on demand.
  • 79. Staff applications
    • Remote circulation tasks
    • Tracking in-library use of materials without having to take them to a circulation desk
    • Inventory
    • PDA’s can be used instead of PCs or Laptops
  • 80. Cell Phones
    • Many have Internet access
    • Libraries may see future demand to make their services available to cell phone and other small wireless devices
    • Current demand limited
  • 81. Interfacing with Cell Phone services
    • WAP – Wireless Application Protocol
    • WAP Gateways part of wireless provider’s infrastructure
    • WML: Language used for delivering web pages to wireless users.
      • Ultra-light HTML
  • 82. Library-Specific Wireless Products and Services
  • 83. WAP access to Library Catalogs
    • Some vendors offering support
    • Examples:
      • Innovative Interfaces offers AirPAC
  • 84. Polaris Wireless Access Manager
    • Product from Polaris Library Systems to authenticate user access to the WLAN using the patron database using SIP2. Specifically supported for Polaris, but works with any other ILS that supports SIP2.
    • Introduced January 2004.
  • 85. TLC Wireless.Solution
    • Wireless.Solution offers libraries a secure setup fire-walled from the library's network, with up to ten simultaneous VPN connections for staff functions.
    • Wireless.Solution Pro offers the same security as Wireless.Solution, along with managed access to control bandwidth per user, the flexibility to provide access free or fee-based or a mixture of the two, and a personalized interface for the library.
  • 86. Dynix Horizon Wireless Gateway
    • Dynix offers Horizon Wireless Gateway, a comprehensive high-speed wireless networking solution for libraries that uses Bluesocket equipment and technology.
    • Horizon Wireless Gateway comes with tools for patron authentication and encryption, bandwidth management, regulatory compliance, network scheduling, Web-based network management, and centralized status and usage reporting.
  • 87. Sirsi Wireless services
    • Sirsi offers two new network consulting services for libraries interested in installing wireless and IP telephony technologies.
    • Technology partners for these services include Cisco Systems; Global Solutions Group, providing information technology design; and Bluesocket Inc., the leading vendor of open-systems wireless local area network (WLAN) systems to secure and manage wireless access to networks and the Internet.
  • 88. Sirsi PocketCIRC
    • PDA Circulation Client
    • Wireless connectivity
  • 89. Open Source options
  • 90. ZoneCD from PublicIP
    • Open source hotspot solution
    • Features:
      • Redirect users to a splash page
      • Optional or required authentication
      • Content filtering
    • Bootable Linux CD; does not install on PC but runs from the CD
    • See: http://www.publicip.net
    • Free software, but donations appreciated
  • 91. Other Wireless Technologies
  • 92. WiMax
    • 802.16 standard
    • Worldwide Interoperability for Microwave Access
    • A WAN technology
    • Last-mile alternative to DSL
    • Recent strong support by Intel corporation which developed a chip supporting WiMax.
  • 93. Bluetooth
    • Wireless protocol for connecting PDAs and peripherals to PCs
    • Not part of the 802.11 family
    • 2.45 GHz spectrum
    • Low bandwidth (~1mb/sec)
    • Short distance (10 meters)
    • Recent security concerns
  • 94. RFID
    • Radio Frequency Identification
    • 13.56 MHz band
    • Manufacturers: TAGSYS, Checkpoint Systems, Texas Instruments
    • ISO 15693
    • ISO 18000
      • Mode 1: Backward compatible with ISO 15693
      • Mode 2: Next Gen. High-speed communications with multiple tags.
  • 95. Resources
    • http://wirelesslibraries.blogspot.com/
    • http://www.networkworld.com/topics/wireless.html
    • http://www.wi-fi.org
    • http://wi-fiplanet.com/
  • 96. Summary
    • Wireless networking offers network access to many new environments and applications
    • An increasingly important supplement to existing network infrastructure
    • Not a panacea for all network communications needs