http://www.key3media.com/interop/thisweek/news/news101101_wireless.php

Achieving wireless security

By Veronica Williams

As the value of information traveling wirelessly increases, security becomes a major concern. After all, there’s no need to tap into a cable or wire; a thief can simply pluck information from the air. So, how do you protect data that’s flying through the sky?

Vulnerability

Data is vulnerable when it can be accessed, and interpreted, in its entirety. This often takes place when data is in memory or when it is airborne. Data is often in raw form when it is in memory, where transformation/conversion takes place. It’s airborne between the portable device and the network access point, or the time between when data is created or reviewed until it reaches the network (infrastructure).

The WAP gap, a security breach in the wireless access protocol (WAP), is such an example. The point of vulnerability is where wireless transport layer security (WTLS), which secures the link between the portable device and the WAP gateway, converts to a secure socket layer (SSL) connection between the WAP gateway and the Web server.

Flaws in the wired equivalent privacy protocol, intended to give wireless LANs a level of security comparable to that of wired networks, have been uncovered and confirmed by numerous parties. In addition to compromising data, access to a network can be prohibited by flooding the wireless access point with data. The IEEE reportedly has a group working on 802.11i, a new wireless standard with a focus on security.

Solutions taking hold

The current and planned introduction of m-commerce products and services by financial institutions is validation of their base-level confidence in security tools. Public key infrastructure (PKI), encryption and password protection are among the techniques used by numerous companies that offer security tools.
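The WAP gap described under Vulnerability, as an added Python example that is not part of the original article: the gateway ends one protected hop and starts another, so the message sits unprotected in its memory unless the device also protected it when it was created. The `seal`/`unseal` record format is a toy stand-in for WTLS and SSL, and all function names, keys and the sample message are assumptions made for illustration.

```python
import hashlib, hmac, os

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Toy encrypt-then-MAC record; a stand-in for WTLS/SSL, not a real cipher."""
    nonce = os.urandom(12)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, record):
    nonce, ct, tag = record[:12], record[12:-32], record[-32:]
    want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("record failed authentication")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def gateway_relay(wtls_key, ssl_key, record, seen):
    """Gateway ends the WTLS hop and starts the SSL hop."""
    payload = unseal(wtls_key, record)   # the gap: payload unprotected in gateway memory
    seen.append(payload)                 # what software on the gateway can read
    return seal(ssl_key, payload)

def deliver(message, end_to_end):
    """Return (what the server recovers, what the gateway saw)."""
    wtls_key, ssl_key, app_key = (os.urandom(32) for _ in range(3))
    seen = []
    # Optionally protect at creation with a key only device and server hold.
    payload = seal(app_key, message) if end_to_end else message
    relayed = gateway_relay(wtls_key, ssl_key, seal(wtls_key, payload), seen)
    received = unseal(ssl_key, relayed)
    return (unseal(app_key, received) if end_to_end else received), seen[0]

if __name__ == "__main__":
    order = b"PAY 250.00 TO ACCT 12345678"   # constructed sample message
    for mode in (False, True):
        got, seen = deliver(order, mode)
        print("end-to-end" if mode else "hop-by-hop", got == order, order in seen)
```

With hop-by-hop protection alone the gateway holds the exact message; with the inner application-layer record it holds only ciphertext it cannot open or alter undetected.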
Last July, Baltimore launched Telepathy QuickStart with industry heavyweights Ericsson, Siemens, Gemplus, Oberthur, SchlumbergerSema and Giesecke & Devrient. This solution for secure mobile commerce combines wireless PKI handsets and smartcard technologies in an integrated package, reducing deployment complexity and time. Certicom’s elliptic curve cryptography technology boasts a key size of 163 bits versus 1024 for RSA. Diversinet optimizes resource consumption by using a digital certificate format that is much smaller than the IEEE X.509 standard. Certificate caching takes place on the device to minimize the ability of thieves to penetrate. RSA’s recently released BSAFE Wireless Core product, however, doubles performance, achieving an impressive 40 signatures per second on Compaq’s iPAQ computer.

Ideally, data should be secured at the time that it is created. It must remain secure until and after it is received and processed by the intended party. That means authentication and encryption must be employed to operate within the confines of the wireless computing environment.

Many wireless networks have a perceived degree of inherent security. Wireless LANs spread transmission signals across a spectrum of frequencies according to a defined pattern (FHSS, DSSS, OFDM). Packet-based wide area wireless networks are the wave of the future. Messages are broken up into pieces that may take different routes through the network. Retrieving every packet needed to reconstruct a message can be daunting for the data thief. Nonetheless, many do achieve that feat. To reach an accepta