Abstracts:
This paper starts with an overview of a wireless network. And then focuses on its security issues, as this is one of the most important issues concerning with a wireless network.Security is vital to any network, and wireless is no exceptional. There are four parts in this essay:
Introduction
's Wireless LANs can be used for both indoor peer-to-peer networks as well as for outdoor point-to- point and point-to-multipoint remote bridging applications. Wireless LANs can be designed to be modular and very flexible. They can also be optimized for different environments. For example, point-to-point outdoor links are less susceptible to interference and can have higher performance if designers increase the "dwell time" and disable the "collision avoidance" and "fragmentation" mechanisms. Wireless LANs allow workstations to communicate and to access the network using radio propagation as the transmission medium. The wireless LAN can be connected to an existing wired LAN as an extension, or can form the basis of a new network. While adaptable to both indoor and outdoor environments, wireless LANs are especially suited to indoor locations such as office buildings, manufacturing floors, hospitals and universities. These are some of the advantages that a wireless network has. But it does not mean that a wireless LAN has no troubles, put it more precisely, questions or possible weaknesses. And one of the most frequently asked questions is, "What about security?" This is our primary topic today, and let us begin with a thorough view of the skeleton of a wireless LAN, or you may want to put it as wireless network. Major issues on a wireless networkWireless LAN technology is becoming increasingly popular for a wide variety of applications. After evaluating the technology, most users are convinced of its reliability, satisfied with its performance and are ready to use it for large-scale and complex wireless networks. Wireless communication can be divided into two parts, one is wireless LAN communication and another one is wireless mobile communication. In this essay, we will emphasize on the first one, talking about the major issues concerning wireless network, esp. its security. Originally designed for indoor office applications, today
There are some major issues when people considerng a wireless network. They are:
The Wireless LAN Topology
Cell, the basic building block of the wireless LAN, is the area in which the wireless communication takes place. The coverage area of a cell depends on the strength of the propagated radio signal and the type and construction of walls, partitions and other physical characteristics of the indoor environment. PC-based workstations, notebook and pen-based computers can move freely in the cell. Each Wireless LAN cell requires some communications and traffic management.An Accesss Point (AP), communicating with each wireless station in its coverage area, coordicates with the cell. Wireless stations also communicate with each other via the AP, so, in some way, we can say that the AP functions as a relay, extending the rage of the system. When there are overlapping cells inside a building, each wireless station automatically establishes the best possible conncection with one of the Access Points.And here comes the roaming. Roaming allows mobile users with portable stations to move freely between overlapping cells, constantly maintaining their network connection. As roaming is seamless, a work session can be maintained while moving from one cell to another. More overlapping APs on one point, the better possible connection you have. Why?Because you have more choices, the stations there can continuously searching for the best AP. What we should pay attention to is the following points:
- Load balancing: Areas with many users and heavy traffic load per unit need a nulti-cell structure. Stations inside the common coverage area automatically associate withte AP that is less loaded and provides the best signal quality. Traffic should be equally divided between the APs in order to make a better performance and service;
- Dynamic rate switching: According to the received signal quality, the date rate of each station is automatically adjusted. Performace is maximized in this way, increasing the date rate and ddecreasing re-transmissions. But this point is more important for mobile applications than stilled outdoors.
The Wireless LAN's Stability (its robustness)
In general, a wireless LAN is very stable, after its setup. The stability is closely related with its structure and performance. Either of them can cause trouble to network stability. Just like the security issues.
The Wireless LAN's performance
Nowadays, good network management is vital to a network's performance. But, there are still some points we should keep in mind::
- Avoide collision To avoid collisions with other incoming calls, a RTS/CTS is used between each station and the AP. If some better methods and/or algorithms are utilized, the better the performace;
- Media access This is very important esp. when many users in one same place. Now, we use CSMA and CA mechanism before starts to transmit.
- Fragmentation The shorter fragments of packets, the more overhead for protocol. This is an extra burden for protocol efficiency, on condition that no errors happened. But no fragmentation or longer fragment length add overhead and reduce efficiency in case of errors and re-transmissions.
The Wireless LAN's Security
In this day, it is necessary for network administrators to be concered about security, given all the attention it's getting in the press. And there are more and more changes from many directions, such as hackers, viruses, industrial espionage and some other forms of destruction. In next section, we will discuss in more detail aboutsecurity risks and issues:
- Attachks from within the network's user community
- Unauthorized users gaining access
- Eavesdropping from outside the company or work group
Analysis and comparison
People might be complacent about security when using a wired LAN but as soon as the data packets begin traveling through "the air", they become concerned. Because the wired network is physically inside the company's office.Actually, any network, inculding a wired one, is subject to the threatens mentioned above. But, there are ways to combat these security holes and leaks for the networks. In addition, the wireless LAN segments come with some built-in security features too. Site managemnet Generally speaking, the biggest threat to a company's network is from within the company itself.Without the necessary security measures deployed, anyone on the network can access data that he has no relation to.This kind of accidents happened a lot. So, network administrators should manage the network properly and have the right security devices for their company's computing environments. Different kind of users need different security levels and different accessing ability to the data on the network. And modify the security process regularly for effectiveness. Internet access If users from inside of a network can get out to the Internet, then users from outside can get into your network too, on condition of no proper precautions ever utilized. This is another aspect of security concern. And Internet is not the only one that applys for. Any other capabilities youmight have that allow users to come in from the ouside, such as off- office dial-up, on-site websites, "Extranet". Firewall is one of the products that are available to help netowrk administrators secure their networks from the above threats. User anthentication and authorrization is provided by most network operating systems, and can be enhanced by adding third party products. Packet filtering, proxy servers, and user-to-session aware filtering are often used by these products. Data packet-level security concerns The most difficult threat is someone just looking at the data packets. Most Ethernet adapters on the market now offer a "promiscuous mode" that enables them to capture every packet on the network. And the software is cheap, and can be run on virtually any PC on the net. With these software, you can read, capture, and display any type of packet data on the net. The method to deal with this is to use encryption. Data encryption The last and highest level of security is achieved by the addition of an encryption product on the network as a whole. People can do this via hardware or software, scrabling the data in the packetsbefore it is sent over the network. Only those who has the correct decryption key can unscramble and read the data. Encryption can be taken as the best way to security issues. Some network OS has the capabilities, and you can just buy some software to do this, and it is very cheap.
Conclusion
In general, a certain level of security is a must in most local area networks, regardless of whether or not there are wireless segments. Even wired networks are vulnerable to insider curiosity, outsider attack, and wire-tapping. No one wants to risk having the LAN data exposed to the casual observer or open to malicious mischief. But if the data is very confidential, some more measures should be taken to ensure this.