Chapter 2
Wireless Security
Wireless networks broadcast their network data using radio signals. Unlike with wired networking technologies such as Ethernet, it is difficult to control access to the wireless networking medium. For example, with wired networks you must have physical access to a network jack. With wireless networks, you do not even need to be in the building; you can access the wireless network from across the street. The difference between wired and wireless networks is illustrated in the following comparison:
With wired networks, the medium is private. You do not have to worry about who is connecting because the assumption is that unauthorized users cannot gain access to a network plug. You also do not have to ensure that the traffic is made confidential because the traffic is sent over a private cabling system that is not accessible to unauthorized users.
With wireless networks, the medium is public. Anyone who has the proper wireless equipment and is within association range can connect. The network traffic must also be made confidential because an unauthorized user can receive wireless frames without being present in a physically securable area.
Therefore, for wireless LANs, security is a required element of the technology, its implementation, and its deployment. Properties of secure communications for wireless networks consist of the following:
Before being allowed to exchange data traffic with the wireless network, the wireless network node must be identified and (depending on the authentication method) must submit credentials that can be validated.
Before sending a wireless data packet, the wireless network node must encrypt the data to ensure data confidentiality.
Before sending a wireless data packet, the wireless network node must include information in the packet so the receiver can determine that the contents of the packet were not modified in transit.