WiFi and WiMAX Secure Deployments

Wireless Broadband offers incredibly fast, "always on" Internet similar to ADSL and sets the user free from the fixed access areas. In order to achieve these features standardisation was achieved for Wireless LAN (WLANs) and Wireless Metropolitan Area Networks (WMANs) with the advent of IEEE802.11 and IEEE802.16 family of standards, respectively. One serious concern in the rapidly developing wireless networking market has been the security of the deployments since the information is delivered freely in the air and therefore privacy and integrity of the transmitted information, along with the user-authentication procedures, become a very important issue. In this article, we present the security characteristics for the WiFi and the WiMAX networks. We thoroughly present the security mechanisms along with a threat analysis for both IEEE 802.11 and the 802.16 as well as their amendments. We summarise in a comparative manner the security characteristics and the possible residual threats for both standards. Finally focus on the necessary actions and configurations that are needed in order to deploy WiFi and WiMAX with increased levels of security and privacy.

[1]  Michel Barbeau WiMax/802.16 threat analysis , 2005, Q2SWinet '05.

[2]  Sheila E. Frankel,et al.  Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i , 2007 .

[3]  Derrick D. Boom,et al.  Denial of service vulnerabilities in IEEE 802.16 wireless networks , 2004 .

[4]  John C. Mitchell,et al.  Security Analysis and Improvements for IEEE 802.11i , 2005, NDSS.

[5]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[6]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[7]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[8]  Nj Piscataway,et al.  Wireless LAN medium access control (MAC) and physical layer (PHY) specifications , 1996 .

[9]  William Stallings,et al.  Cryptography and network security , 1998 .

[10]  A T Karygiannis,et al.  Wireless Network Security: 802.11, Bluetooth and Handheld Devices , 2002 .

[11]  William A. Arbaugh,et al.  An Initial Security Analysis of the IEEE 802.1X Standard , 2002 .

[12]  David Johnston,et al.  Overview of IEEE 802.16 security , 2004, IEEE Security & Privacy Magazine.

[13]  Voon Chin Phua,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1999 .

[14]  Chin-Tser Huang,et al.  Attacks on PKM Protocols of IEEE 802.16 and Its Later Versions , 2006, 2006 3rd International Symposium on Wireless Communication Systems.

[15]  Ieee . Wg Part11 : Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications, Higher-Speed Physical Layer Extension in the 2.4 GHz Band , 1999 .

[16]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[17]  Todor Cooklev,et al.  Air Interface for Fixed Broadband Wireless Access Systems , 2004 .

[18]  Dan Simon,et al.  PPP EAP TLS Authentication Protocol , 1999, RFC.

[19]  M. Looi,et al.  A trivial denial of service attack on IEEE 802.11 direct sequence spread spectrum wireless LANs , 2004, 2004 Symposium on Wireless Telecommunications.