A layered security architecture for corporate 802.11 wireless networks

We investigate the security aspects of wireless local area networks and discuss the weaknesses associated with various conventional 802.11 security protocols such as WEP (wired equivalent privacy) and 802.1x. We propose an architecture to control access to corporate 802.11 wireless networks, based on the privileges and location of users, using tested wired network components such as VPNs and firewalls. The presented architecture reduces the security risks in enterprise level deployment of wireless LANs.

[1]  Benny Bing,et al.  Wireless local area networks: the new wireless revolution , 2002 .

[2]  William A. Arbaugh,et al.  Your 80211 wireless network has no clothes , 2002, IEEE Wirel. Commun..

[3]  William A. Arbaugh,et al.  An Initial Security Analysis of the IEEE 802.1X Standard , 2002 .

[4]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[5]  Avishai Wool,et al.  A note on the fragility of the "Michael" message integrity code , 2004, IEEE Transactions on Wireless Communications.

[6]  Hui Luo,et al.  WiFi: what's next? , 2002, IEEE Commun. Mag..

[7]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[8]  Uday S. Murthy,et al.  Firewalls for security in wireless networks , 1998, Proceedings of the Thirty-First Hawaii International Conference on System Sciences.