Wireless Device and Network level security


Published on

A Presentation I made at QIP Short Term Course On Wireless  Security

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Wireless Device and Network level security

  1. 1. Security at Device, Network & Server Levels QIP Short Term Course On Wireless  Security Chetan Kumar Shivakumar Protocol Engineering and Technology Unit, IISc. (Currently working at Alcatel Lucent India Limited) e-mail shivakumar.chetan@gmail.com
  2. 2. Organization <ul><li>Session 1 </li></ul><ul><ul><li>Mobile Device Security </li></ul></ul><ul><ul><li>Network Level Security-1 </li></ul></ul><ul><li>Session 2 </li></ul><ul><ul><li>Network Level Security-2 </li></ul></ul><ul><ul><li>Server Level Security </li></ul></ul>
  3. 3. Session 1 <ul><li>Device Level Security </li></ul><ul><ul><li>Security Requirements </li></ul></ul><ul><ul><li>Treats and solutions </li></ul></ul><ul><ul><li>OS Level security </li></ul></ul><ul><li>Network Level Security </li></ul><ul><ul><li>Security Challenges at network level </li></ul></ul><ul><ul><ul><li>Security issues in WLAN (part) </li></ul></ul></ul><ul><ul><ul><li>Cellular Network, Adhoc Network security </li></ul></ul></ul>
  4. 4. What is security <ul><li>Security is PAIN </li></ul><ul><ul><li>P rivacy </li></ul></ul><ul><ul><li>A uthentication </li></ul></ul><ul><ul><li>I ntegrity </li></ul></ul><ul><ul><li>N on-repudiation </li></ul></ul><ul><li>Security is Needed for... </li></ul><ul><ul><li>Privacy Reasons: </li></ul></ul><ul><ul><ul><li>People want to hide certain (culturally specific) things. </li></ul></ul></ul><ul><ul><li>Economic Reasons: </li></ul></ul><ul><ul><ul><li>People (and enterprises) want to protect their property. </li></ul></ul></ul>
  5. 5. Mobile Security specifics <ul><li>Dynamic connections over multiple access networks (partly untrusted)‏ </li></ul><ul><li>Restrictions in communication protocols </li></ul><ul><li>(bandwidth, latency,…)‏ </li></ul><ul><li>Restrictions in devices (power, performance)‏ </li></ul><ul><li>State of affairs: </li></ul><ul><li>Client-side technology is still very immature </li></ul><ul><li>Security management of wireless networks and devices is inherently complicated </li></ul><ul><li>Multiple Stake Holders </li></ul><ul><ul><li>Owner/Subscriber </li></ul></ul><ul><ul><li>Service Provider </li></ul></ul><ul><ul><li>Enterprise </li></ul></ul>
  6. 6. Need for Mobile Device Security <ul><li>Resources </li></ul><ul><ul><li>Mobile devices are becoming more powerful </li></ul></ul><ul><ul><ul><li>1Ghz processors are common !! </li></ul></ul></ul><ul><li>Portability </li></ul><ul><ul><li>Wireless devices are smaller in size and portable </li></ul></ul><ul><ul><li>Data in those devices require more protection than data on non-portable devices </li></ul></ul><ul><ul><li>Mechanisms to recover stolen or lost devices are important </li></ul></ul><ul><ul><li>Mechanisms for self-destruction of data is also important </li></ul></ul>
  7. 7. Need for Mobile Device Security <ul><li>Mobility </li></ul><ul><ul><li>Mobility brings even bigger challenges </li></ul></ul><ul><ul><li>Trust in infrastructure </li></ul></ul><ul><ul><ul><li>Wired networks assume certain level of trust in local infrastructure (we trust our routers). In wireless networks this is a weak assumption. </li></ul></ul></ul><ul><ul><ul><li>Would you put same level of trust on an Access Point in Airport as you put on your home AP? </li></ul></ul></ul><ul><ul><ul><li>Security mechanisms should anticipate these variances in trust Or, security mechanisms should be independent of location or infrastructure. </li></ul></ul></ul><ul><ul><li>Trust in location </li></ul></ul><ul><ul><ul><li>Wired networks implicitly assume network address is equivalent to physical location. </li></ul></ul></ul><ul><ul><ul><li>In wireless networks physical location is not tied to network address. Physical location may change transparent to end nodes. </li></ul></ul></ul>
  8. 8. Need for Mobile Device Security <ul><ul><ul><li>Services </li></ul></ul></ul><ul><ul><ul><ul><li>Multiple services are run on mobile devices </li></ul></ul></ul></ul><ul><ul><ul><ul><ul><li>I can also talk using my phone !! </li></ul></ul></ul></ul></ul><ul><ul><ul><ul><li>MultiMedia applications </li></ul></ul></ul></ul><ul><ul><ul><ul><li>CRM applications on mobile devices </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Mobile Sales force applications on mobile devices </li></ul></ul></ul></ul>
  9. 9. Important Data on mobile device <ul><li>Smart phones and PDA usage </li></ul><ul><ul><li>55.7% store confidential infor- mation on mobile device </li></ul></ul><ul><ul><li>54% of smart phones used for e-mailing confidential information </li></ul></ul><ul><ul><li>40% access bank account and credit card </li></ul></ul><ul><ul><li>10-15% of laptops are stolen with intent of data </li></ul></ul>
  10. 10. Mobile device security Threat <ul><li>Device lost by accident OR stolen </li></ul><ul><ul><li>Replacement cost </li></ul></ul><ul><ul><li>Cost of restoring data </li></ul></ul><ul><ul><li>Loss of confidential data </li></ul></ul><ul><ul><li>Cloning threat </li></ul></ul><ul><ul><li>Impersonation </li></ul></ul>
  11. 11. Mobile device security Threat <ul><li>Data damage by mobile malware </li></ul><ul><ul><li>Some intelligent free app can upload your banking pin !! </li></ul></ul><ul><ul><li>An easy way to transmit virus (during sync) </li></ul></ul>
  12. 12. Environmental Threats <ul><li>Rich interfaces in mobile device, which are software controlled </li></ul><ul><ul><li>Teathering with wifi !! </li></ul></ul><ul><li>Unauthorized mobile device in corporate environment </li></ul><ul><ul><li>Can act as sniffer </li></ul></ul><ul><li>Threat due to using device in busy environments </li></ul>
  13. 13. Few solutions for device security <ul><li>Allow only legitimate and valid users into network </li></ul><ul><ul><li>Network admission control (NAC) </li></ul></ul><ul><li>Data encryption and strong authentication management </li></ul><ul><li>Centralized device management </li></ul><ul><ul><li>Remove old devices in system </li></ul></ul><ul><li>Patch management for software on mobile devices </li></ul><ul><li>Network level management using </li></ul><ul><ul><li>Firewall, IDS, anti spyware etc. </li></ul></ul>
  14. 14. Policy enforced solutions <ul><li>Encrypts data transmissions to and from the device and encrypts data on the devices themselves. </li></ul><ul><li>Measures the trustworthiness of the hardware, OS and applications to detect an unauthorised configuration. </li></ul><ul><li>Allows IT staffers to deactivate, lock and/or wipe devices which have been stolen or lost. </li></ul><ul><li>Provides strong user authentication both to activate the device and to access the network. In the case of loss/theft, user authentication can slow or halt an attacker entirely. </li></ul><ul><li>Management functions on the device and on the back-end which allow users to centrally create, rollout, change and enforce their security policies. </li></ul><ul><li>Password protection on all devices at power-on. Most mobile devices ship with this feature. </li></ul>
  15. 15. OS Security Mechanism <ul><li>Capability model </li></ul><ul><ul><li>Provide access to recourses to only applications that have certain trust level </li></ul></ul><ul><ul><ul><li>Decided during installation </li></ul></ul></ul><ul><li>Data caging model </li></ul><ul><ul><li>Certain user get full access to vulnerable files. </li></ul></ul><ul><li>Password protection and CA based authentication </li></ul><ul><li>Remote wipe-out </li></ul><ul><li>Policy propagation mechanism </li></ul>
  16. 16. Network Level Security
  17. 17. Why do we need network security I can send mail to all news channels using wifi access from this building. No non-repudiation
  18. 18. Why do we need network security I can get the passwords now sitting outside this building Internet Banking is so easy with WiFi at home Eves dropping
  19. 19. Why security is more of a concern in wireless ? <ul><li>Two basic security problems in wireless </li></ul><ul><ul><li>Connecting to the network does not need physical access to the network </li></ul></ul><ul><ul><ul><li>Just stand outside a building, you can get connected to AP that is inside the building </li></ul></ul></ul><ul><li>The broadcast nature of radio communications </li></ul><ul><ul><li>WiFi network normally operate at 150mW, upto 300M radius </li></ul></ul><ul><ul><li>Have you ever tried wireshark (or tcpdump) ‏ </li></ul></ul>
  20. 20. Why security is more of a concern in wireless ? <ul><li>Other related security vulnerabilities </li></ul><ul><ul><ul><li>Anyone can generate transmissions, </li></ul></ul></ul><ul><ul><ul><li>which will be received by other devices in range </li></ul></ul></ul><ul><ul><ul><li>which will interfere with other nearby transmissions and may prevent their correct reception (jamming)‏ </li></ul></ul></ul><ul><ul><ul><li>Injecting bogus messages into the network is easy </li></ul></ul></ul><ul><ul><li>Replaying previously recorded messages is easy </li></ul></ul>
  21. 21. Why security is more of a concern in wireless ? <ul><li>Illegitimate access to the network and its services is easy </li></ul><ul><ul><li>Denial of service is easily achieved by jamming </li></ul></ul>
  22. 22. Network Level Security Challenges <ul><li>Transmission Security </li></ul><ul><ul><li>at physical, medium access and data link layers over wireless media. </li></ul></ul><ul><li>Communication Security </li></ul><ul><ul><li>message confidentiality, integrity, and end-point authentication </li></ul></ul><ul><li>Authorization and Access Control </li></ul><ul><li>Network Infrastructure Protection </li></ul><ul><li>Robustness </li></ul><ul><li>Efficiency </li></ul>
  23. 23. Wireless LAN Security <ul><li>Various Schemes in WiFi security </li></ul><ul><ul><li>Service Set ID (SSID) based </li></ul></ul><ul><ul><li>MAC Address based filtering </li></ul></ul><ul><ul><li>Wired Equivalent Privacy (WEP) ‏ </li></ul></ul><ul><ul><li>eWEP (Enhanced WEP) ‏ </li></ul></ul><ul><ul><li>Wireless Protected Access (WPA) </li></ul></ul><ul><ul><li>WPA 2 </li></ul></ul><ul><ul><li>IEEE 802.11i </li></ul></ul>
  24. 24. Service Set Identifier (SSID) ‏ <ul><li>SSID is used to identify an 802.11 network </li></ul><ul><li>It can be pre-configured or advertised in beacon broadcast </li></ul><ul><li>It is transmitted in clear text </li></ul><ul><ul><li>Provide very little security </li></ul></ul>
  25. 25. MAC Address Filtering <ul><li>MAC address filtering is another way people have tried to secure their networks. </li></ul><ul><li>NIC’s MAC address is a 12-digit hexadecimal number that is unique to each and every network card in the world. </li></ul><ul><li>Uniqueness allows you limit access to the AP to only those MAC addresses of authorized devices. </li></ul><ul><li>You can easily shut out everyone who should not be on your network. </li></ul><ul><li>However, MAC Address filtering is not completely secure and, if you solely rely upon it, you will have a false sense of security </li></ul>
  26. 26. Issues with MAC Address Filtering <ul><li>Someone will have to keep a database of the MAC address of every wireless device in your network. Keeping track of hundreds of MAC addresses, this will become a nightmare. </li></ul><ul><li>MAC addresses can be changed , so a determined attacker can use a wireless sniffer to figure out a MAC address that is allowed through and set his PC to match it to consider it valid. </li></ul><ul><li>Note that encryption takes place at about Layer 2 of the OSI LAYER, so MAC addresses will still be visible to a packet sniffer. </li></ul>
  27. 27. End of session 1 <ul><li>Let us break for tea.. </li></ul>
  28. 28. Session 2 <ul><li>Network Level Security </li></ul><ul><ul><li>Security issues in WLAN (part) </li></ul></ul><ul><ul><li>Cellular Network, Adhoc Network security </li></ul></ul><ul><li>Server Level Security </li></ul><ul><ul><li>Security Threat for server </li></ul></ul><ul><ul><li>Server Security Steps </li></ul></ul><ul><ul><li>Security Solutions </li></ul></ul>
  29. 29. WEP - Wired Equivalent privacy <ul><li>Part of the IEEE 802.11 specification </li></ul><ul><li>GOAL </li></ul><ul><ul><li>make the WiFi network at least as secure as a wired LAN (that has no particular protection mechanisms) ‏ </li></ul></ul><ul><ul><li>WEP has never intended to achieve strong security </li></ul></ul><ul><ul><li>(at the end, it hasn’t achieved even weak security) ‏ </li></ul></ul>
  30. 30. WEP - Wired Equivalent privacy <ul><li>There is a lot of misconception surrounding WEP , </li></ul><ul><li>WEP is not, nor was it ever meant to be, a security algorithm. </li></ul><ul><li>WEP is not designed to repel; it simply makes sure that you are not less secure because you are not keeping your data in a wire. </li></ul><ul><li>The problem occurs when people see the word “encryption” and make assumptions. </li></ul><ul><li>WEP is designed to make up for the inherent insecurity in wireless TX, as comparezd to wired TX. </li></ul>
  31. 31. WEP - Wired Equivalent privacy <ul><li>WEP makes your data as secure as it would be on an unencrypted, wired Ethernet network. </li></ul><ul><li>That is all it is designed to do, period. </li></ul><ul><li>WEP can be typically configured in three possible modes : </li></ul><ul><ul><li>No encryption mode </li></ul></ul><ul><ul><li>40-bit encryption </li></ul></ul><ul><ul><li>128-bit encryption </li></ul></ul>
  32. 32. What is WPA? <ul><li>Wi-Fi Protected Access (WPA) is a response by the WLAN industry to offer an immediate, a stronger security solution than WEP. </li></ul><ul><li>WPA was created by the Wi-Fi Alliance, an industry trade group, which owns the trademark to the Wi-Fi name and certifies devices that carry that name. </li></ul>
  33. 33. WPA in nut shell… <ul><li>WPA is designed for use with an IEEE 802.1X authentication server, which distributes different keys to each user. </li></ul><ul><li>Data is encrypted using the RC4 stream cipher, with a 128-bit key and a 48-bit initialization vector (IV). </li></ul><ul><li>One major improvement in WPA over WEP is the Temporal Key Integrity Protocol (TKIP) , which dynamically changes keys as the system is used </li></ul><ul><li>When combined with the much larger IV , this defeats the well-known key recovery attacks on WEP. </li></ul>
  34. 34. WPA in nut shell… ( Cont’d ) ‏ <ul><li>In addition to authentication and encryption, WPA also provides vastly improved payload integrity . </li></ul><ul><li>The cyclic redundancy check (CRC) used in WEP is inherently insecure ; it is possible to alter the payload and update the message CRC without knowing the WEP key. </li></ul><ul><li>A more secure message authentication code (usually known as a MAC, but here termed a MIC for &quot;Message Integrity Code&quot;) is used in WPA, an algorithm named &quot;Michael&quot;. </li></ul><ul><li>The MIC used in WPA includes a frame counter , which prevents replay attacks being executed. </li></ul>
  35. 35. WPA Modes <ul><li>Pre-Shared Key Mode </li></ul><ul><ul><li>Does not require authentication server. </li></ul></ul><ul><ul><li>“ Shared Secret” is used for authentication to access point. </li></ul></ul><ul><li>Enterprise Mode </li></ul><ul><ul><li>Requires an authentication server </li></ul></ul><ul><ul><li>Uses RADIUS protocols for authentication and key distribution. </li></ul></ul><ul><ul><li>Centralizes management of user credentials. </li></ul></ul>
  36. 36. In Summary <ul><li>Fixes all known WEP privacy vulnerabilities. </li></ul><ul><li>Designed by well-known cryptographers. </li></ul><ul><li>Best possible security to minimize performance degradation on existing hardware. </li></ul>
  37. 37. AdHoc Network Security issues <ul><li>Challenges in AdHoc Network </li></ul><ul><ul><li>Lack of infrastructure, absence of trusted third parties (TTPs) </li></ul></ul><ul><ul><li>The constraints of the devices and the communication channel </li></ul></ul><ul><ul><li>Bootstrapping security, providing authentication and key exchange </li></ul></ul><ul><ul><li>Enabling key revocation and key renewing in public key infrastructures (PKIs). </li></ul></ul>
  38. 38. Server Level Security <ul><li>Servers provide services to mobile devices </li></ul><ul><ul><li>DHCP/DNS/HTTP/File servers etc </li></ul></ul><ul><li>Messaging and file services are very critical part of mobile work force in enterprise. </li></ul>
  39. 39. Security Threats in Servers <ul><li>Malicious entities may exploit software bugs in the server </li></ul><ul><li>Denial of Service (DoS) attacks </li></ul><ul><li>Sensitive information transmitted unencrypted or weakly encrypted between the server and the client may be intercepted. </li></ul><ul><li>Malicious entities may gain unauthorised access to resources elsewhere in the organisation‘s network via a successful attack on the server </li></ul>
  40. 40. Securing the Servers <ul><li>Planning </li></ul><ul><ul><li>Identify the Purpose(s) of the Server </li></ul></ul><ul><ul><li>Install right firewall </li></ul></ul><ul><ul><li>Install NIDS </li></ul></ul><ul><li>Install, Configure, and Secure the Underlying OS </li></ul><ul><li>Install, Configure, and Secure the Server Software </li></ul>
  41. 41. Thank You <ul><li>We can address any questions that you had earlier hesitated to ask </li></ul><ul><li>'the security of a computer system degrades in direct proportion to the amount of use the system receives - (Farmer's Law) ' </li></ul>
  42. 42. Backup Slide <ul><li>Backup slides </li></ul>