A Layered Approach to Security for Wireless Networks


By Richard C. Grosser
OCTOBER 23, 2002
 

Securing wireless data communications has been a problem since World War II. With the advent of the IEEE 802.11 specification in 1997, the transmission of data by wireless has become ubiquitous and the problem more intense. We are now faced with the additional problem of securing the connection as well as the data.

Unfortunately, like any new technology, there is an element of "FUD" (fear, uncertainty and doubt) involved. The most common objection to the use of wireless networks involves security. Many managers take a "What I don't understand can hurt me" attitude. In most cases, these reservations are entirely unwarranted.

If someone leaves a car with the doors open and the key in the ignition, it will probably be stolen. The solution to this problem isn't to abandon the use of cars, but instead to use simple layered security procedures, like locking the ignition, steering wheel and doors and perhaps installing an alarm or tracking system. A similar layered approach works to secure pervasive wireless or wireline networks.

A recent informal survey of about 20 businesses that I undertook showed that most of them simply took their wireless access points out of the box and turned them on without any regard to the setup procedures. This means the Service Set Identifier (SSID), which allows an 802.11-compliant station to join its group, is either the name of the access point manufacturer or something like "Default." This allows people, in some cases up to a mile away, to connect to your wireless network, apply cracking tools to gain further access, decrypt your message packets and possibly gain access to your wireline infrastructure through a gateway.

A good approach to solving this problem is to take a layered access control strategy, starting with the SSID, and then creating additional authentication and encryption layers, each raising its own barrier to intrusion. Most access points broadcast their SSID by default, but this can be easily changed so that stations must know the SSID in advance to initiate communication. This adds a level of shared secret authentication, though not enough by itself to secure a system. Next, if you dynamically allocate IP addresses as part of the device discovery process, then the Media Access Control (MAC) hardware addresses of stations seeking access to your network can be authenticated against a list of devices belonging to authorized users. While MAC addresses can be spoofed, this still adds another barrier to unauthorized access.

Once the MAC address is authenticated, the Wired Equivalent Privacy (WEP) protocol is invoked and a session key is exchanged, establishing an encrypted session. There are many documented attacks on the WEP protocol, and numerous cracking tools have been published on open-source hacker Web sites. It takes a hacker approximately 15 to 30 minutes to crack a 128-bit WEP key. Changing the key every 10 minutes will thwart this attack by effectively establishing a new session before the hacker has enough time to crack the key. The Lightweight Extensible Authentication Protocol system advanced by Cisco Systems Inc. provides dynamic WEP initialization for users and sessions, and manages the session keys to enhance the integrity of the 802.11 channel encryption.

As a final line of defense, some middleware infrastructure systems for mobile workers provide additional in-channel end-to-end encryption, such as Secure Sockets Layer or Elliptic Curve Cryptosystem. Additionally, a traditional virtual private network can be used, which adds a further level of security. Mobility middleware can also provide authentication and access privilege levels for specific users in the organization, and user and device administration and provisioning capabilities. There are also hardware firewall devices specifically designed for use with wireless access points.
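
The layers described above (SSID, MAC address list, WEP key rotation, end-to-end encryption) can be checked mechanically against an inventory of your own access points. The following Python audit is an added example, not part of the original article; the record fields, the sample SSID list, the inventory and the MAC addresses are all constructed assumptions.

```python
import re
# Constructed sample of factory SSIDs (the article cites "Default" and vendor names).
DEFAULT_SSIDS = {"default", "linksys", "netgear"}
MAX_REKEY_MINUTES = 10  # rekey interval the article gives for WEP

def norm_mac(mac):
    """Reduce 00-0C-41-AA-BB-01, 000c.41aa.bb01 and similar to one canonical form."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit_ap(ap, allowed_macs):
    """Return the findings for one access-point record, one per missing layer."""
    allowed = {norm_mac(m) for m in allowed_macs}
    findings = []
    if ap["ssid"].strip().lower() in DEFAULT_SSIDS:
        findings.append("ssid-default")
    if ap.get("broadcast_ssid", True):           # broadcasting is the usual default
        findings.append("ssid-broadcast")
    if not ap.get("mac_filter", False):
        findings.append("mac-filter-off")
    for sta in ap.get("stations", []):           # stations currently associated
        if norm_mac(sta) not in allowed:
            findings.append("unknown-station:" + norm_mac(sta))
    rekey = ap.get("wep_rekey_minutes")          # None means a static key
    if not ap.get("wep", False):
        findings.append("no-link-encryption")
    elif rekey is None or rekey > MAX_REKEY_MINUTES:
        findings.append("wep-key-not-rotated")
    if not ap.get("tunnel"):                     # end-to-end layer, e.g. "ssl" or "vpn"
        findings.append("no-end-to-end-layer")
    return findings

def audit_all(inventory, allowed_macs):
    return {ap["name"]: audit_ap(ap, allowed_macs) for ap in inventory}

ALLOWED = ["00:0C:41:AA:BB:01", "00-0c-41-aa-bb-02"]   # constructed allow list
INVENTORY = [                                          # constructed records
    {"name": "lobby", "ssid": "Default", "stations": ["000c.41aa.bb01", "00:0C:41:AA:BB:99"]},
    {"name": "lab", "ssid": "ops-7f3", "broadcast_ssid": False, "mac_filter": True,
     "stations": ["00:0c:41:aa:bb:02"], "wep": True, "wep_rekey_minutes": 10, "tunnel": "vpn"},
    {"name": "warehouse", "ssid": "wh-41c", "broadcast_ssid": False, "mac_filter": True,
     "stations": [], "wep": True, "wep_rekey_minutes": 60, "tunnel": "ssl"},
]

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY, ALLOWED).items():
        print(name, findings or "ok")
```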

It has been said that if you don't know where you're going, you can't get lost. But in truth, you can, so know what level of security you need, then make a plan and stick to it. This may sound like a lot of work, but security in pervasive systems is really within fairly easy reach using current technology. Conscientious planning during the architecture-definition and development phases, as well as continuing security administration for the lifetime of the system, can allow safe, secure and effective pervasive systems to be deployed. Some precautions are as simple as reading the manuals, and following their security recommendations when setting up the wireless infrastructure.

Richard C. Grosser's experience in the IT field goes back to UNIVAC I. He is currently a consultant specializing in security, wireless and biometrics based in Los Angeles. In his spare time, he likes to build toys and restore old computers.