IEEE 802.11 i Security and Vulnerabilities

Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates

Auditing the data confidentiality of wireless local area networks

Wireless Local Area Networks (WLANs) provide many significant advantages to the contemporary business enterprise. WLANs also provide considerable security challenges for network administrators and users. Data confidentiality breaches (ie, unauthorized access to data) are the major security vulnerability within WLANs. To date, the major IT security standards from the International Standards Organisation (the ISO/IEC 17799) and the National Institute of Science and Technology (the Special Publication or SP suite) have only a superficial coverage of WLAN security controls and compliance certification strategies. The clear responsibility for WLAN managers is to provide network users with best practice security strategies to mitigate the real risk of unauthorized data access. The clear responsibility for IT auditors is to ensure that best practice security practices are in place and that operational compliance is consistently achieved. This paper describes a newly researched software auditing artifact for the evaluation of the data confidentiality levels of WLAN transmissions – and therefore by extension for the evaluation of existing security controls to mitigate the risk of WLAN confidentiality breaches. The paper describes how the software auditing artifact has been evolved via a design science research methodology, and pivots upon the real time passive sampling of data packets as they are transmitted between mobile users and mobile transmission access points. The paper describes how the software auditing artifact uses these sampled data packets to produce a very detailed evaluation of the levels of data confidentiality in effect across the WLAN. This detailed evaluation includes specific identification (for network managers) of the types of software services operating across the WLAN that are not supported with the appropriate data confidentiality controls. The paper concludes by presenting an analysis of the results achieved during beta testing of the auditing artifact within a university production WLAN environment

Wi-Fi Enabled Healthcare

Focusing on its recent proliferation in hospital systems, Wi-Fi Enabled Healthcare explains how Wi-Fi is transforming clinical work flows and infusing new life into the types of mobile devices being implemented in hospitals. Drawing on first-hand experiences from one of the largest healthcare systems in the United States, it covers the key areas associated with wireless network design, security, and support. Reporting on cutting-edge developments and emerging standards in Wi-Fi technologies, the book explores security implications for each device type. It covers real-time location services and emerging trends in cloud-based wireless architecture. It also outlines several options and design consideration for employee wireless coverage, voice over wireless (including smart phones), mobile medical devices, and wireless guest services. This book presents authoritative insight into the challenges that exist in adding Wi-Fi within a healthcare setting. It explores several solutions in each space along with design considerations and pros and cons. It also supplies an in-depth look at voice over wireless, mobile medical devices, and wireless guest services. The authors provide readers with the technical knowhow required to ensure their systems provide the reliable, end-to-end communications necessary to surmount today’s challenges and capitalize on new opportunities. The shared experience and lessons learned provide essential guidance for large and small healthcare organizations in the United States and around the world. This book is an ideal reference for network design engineers and high-level hospital executives that are thinking about adding or improving upon Wi-Fi in their hospitals or hospital systems

Design and initial deployment of the wireless local area networking infrastructure at Sandia National Laboratories.

A major portion of the Wireless Networking Project at Sandia National Laboratories over the last few years has been to examine IEEE 802.11 wireless networking for possible use at Sandia and if practical, introduce this technology. This project team deployed 802.11a, b, and g Wireless Local Area Networking at Sandia. This report examines the basics of wireless networking and captures key results from project tests and experiments. It also records project members thoughts and designs on wireless LAN architecture and security issues. It documents some of the actions and milestones of this project, including pilot and production deployment of wireless networking equipment, and captures the team's rationale behind some of the decisions made. Finally, the report examines lessons learned, future directions, and conclusions

Design, Development, and Implementation of a Wireless Local Area Network (WLAN): The Hartford Job Corps Academy Case Study

Wireless Local Area Networks (WLANs) offer flexibility, mobility, and scalability to educational institutions. Students are increasingly expecting anywhere, anytime access to online resources. Secondary school administrators, who serve a similar population as the National Job Corps Program (NJCP), realize that student success in the 21st century workplace depends upon the student\u27s ability to use new and emerging technologies, including wireless technology. Computer access anytime and anywhere is crucial to the success of students today. Wireless technology has been broadly deployed at educational institutions, such as the Hartford Job Corps Academy (HJCA), but little is known about how these networks are deployed and used, specifically at a Job Corps center. HJCA deployed a WLAN in 2005. Information about the core aspects of the design and implementation of anytime, anywhere initiatives, such as wireless solutions in education, is needed to complement the current research. The NJCP does not have a model for standardizing, organizing, and maintaining wireless networks. The goal of this investigation was to develop a model for planning, designing, and implementing a wireless solution for the Job Corps system. The case study findings from the investigation and the systems development life cycle (SDLC) provided the framework for structuring WLANs at other Job Corps centers. This framework also facilitated the investigation and a determination of the significance of the case study findings, and the analysis and development of the WLAN implementation model for the NJCP. The findings of the HJCA investigation from multiple sources are presented. Using the SDLC framework and the findings from the case study, the NJCP WLAN implementation model is presented. The NJCP WLAN implementation model may be used to facilitate the deployment of WLANs at government-operated, education and training facilities, such as the NJCP

Energy Efficient Security Framework for Wireless Local Area Networks

Wireless networks are susceptible to network attacks due to their inherentvulnerabilities. The radio signal used in wireless transmission canarbitrarily propagate through walls and windows; thus a wireless networkperimeter is not exactly known. This leads them to be more vulnerable toattacks such as eavesdropping, message interception and modifications comparedto wired-line networks. Security services have been used as countermeasures toprevent such attacks, but they are used at the expense of resources that arescarce especially, where wireless devices have a very limited power budget.Hence, there is a need to provide security services that are energy efficient.In this dissertation, we propose an energy efficient security framework. Theframework aims at providing security services that take into account energyconsumption. We suggest three approaches to reduce the energy consumption ofsecurity protocols: replacement of standard security protocol primitives thatconsume high energy while maintaining the same security level, modification ofstandard security protocols appropriately, and a totally new design ofsecurity protocol where energy efficiency is the main focus. From ourobservation and study, we hypothesize that a higher level of energy savings isachievable if security services are provided in an adjustable manner. Wepropose an example tunable security or TuneSec system, which allows areasonably fine-grained security tuning to provide security services at thewireless link level in an adjustable manner.We apply the framework to several standard security protocols in wirelesslocal area networks and also evaluate their energy consumption performance.The first and second methods show improvements of up to 70% and 57% inenergy consumption compared to plain standard security protocols,respectively. The standard protocols can only offer fixed-level securityservices, and the methods applied do not change the security level. The thirdmethod shows further improvement compared to fixed-level security by reducing(about 6% to 40%) the energy consumed. This amount of energy saving can bevaried depending on the configuration and security requirements

Secure and efficient routing in highly dynamic WLAN mesh networks

Recent advances in embedded systems, energy storage, and communication interfaces, accompanied by the falling prices of WLAN routers and a considerable increase in the throughput of a WLAN (IEEE 802.11), have facilitated the proliferation of WLAN Mesh Network (WMN) applications. In addition to their current deployments in less dynamic community networks, WMNs have become a key solution in various highly dynamic scenarios. For instance, WMNs are intended to interconnect self-organized, cooperative, and small Unmanned Aerial Vehicles (UAVs) in a wide range of applications, such as emergency response, environmental monitoring, and ad-hoc network provisioning. Nevertheless, WMNs still face major security challenges as they are prone to routing attacks. Consequently, the network can be sabotaged and, in the case of UAV-WMN-supported missions, the attacker might manipulate payload data or even hijack UAVs. Contemporary security standards, such as the IEEE 802.11i and the security mechanisms of the IEEE 802.11s mesh standard, are vulnerable to routing attacks, as experimentally shown in this research. Therefore, a secure routing protocol is indispensable for making feasible the deployment of WMNs in critical scenarios, such as UAV-WMN-assisted applications. As far as the author of this thesis knows, none of the existing research approaches for secure routing in WMNs have gained acceptance in practice due to their high overhead or strong assumptions. In this research, a new approach, which is called Position-Aware, Secure, and Efficient mesh Routing (PASER), is proposed. This new proposal defeats more attacks than the IEEE 802.11s/i security mechanisms and the well-known, secure routing protocol Authenticated Routing for Ad-hoc Networks (ARAN), without making restrictive assumptions. It is shown that PASER achieves —in realistic UAV-WMN scenarios— similar performance results as the well-established, nonsecure routing protocols Hybrid Wireless Mesh Protocol (HWMP) combined with the IEEE 802.11s security mechanisms. Two representative scenarios are considered: (1) on-demand ubiquitous network access and (2) efficient exploration of sizable areas in disaster relief. The performance evaluation results are produced using an experimentally validated simulation model of WMNs, realistic mobility patterns of UAVs, and an experimentally derived channel model for the air-to-air WMN link between UAVs. The findings of this evaluation are justified by the route discovery delay and the message overhead of the considered solutions