Mumbai University > Information Technology > Sem 7 > Wireless Technology

Marks: 10M

Year: May 2016

To be able to secure a wireless network, the 802.11 standard includes a set of security features: Service Set Identifier (SSID) which is used to control access to an Access Point (AP), the Access Control List (ACL) to prevent unauthorized access, and the Wired Equivalent Privacy (WEP) protocol intended to provide data security.

1. Service Set Identifier (SSID)

   From a layered defense concept, the SSID is the first security level provided by the 802.11 standard to control the wireless network access. The SSID is a unique identifier up to 32 characters attribute to the network or a domain at network set up time. Every wireless client and Access Point belonging to the same network must use the same SSID. When a wireless client tries to connect to an AP, the SSID acts as a password device must provide to be authorized to join the network. Contrary to other security features, the SSID mechanism is mandatory and cannot be disabled. Each 802.11 device manufacturer provides a default identifier value. Below is a table of the major manufacturer’s SSID.

2. ACL

   The Access Control List (ACL) is another way to control access to the wireless network, still based on the layered defense concept. The network administrator can allow or deny access to the Access Point by configuring ACL on the AP itself. ACL relies upon a MAC addresses table stored on the AP to authenticate individual clients requesting access to the Access Point. This feature increases the security of the wireless network by preventing unauthorized access to the Access Point. Contrary to the SSID, the ACL is an optional feature.

3. WEP

   To give wireless networks an equivalent security level as the wired network, the 802.11 standard defined the Wired Equivalent Privacy (WEP) protocol. This protocol is used to protect wireless communication from eavesdropping through encryption and to prevent unauthorized access to the wireless network with authentication. Both encryption and authentication mechanisms rely on a secret key shared between a mobile station and the Access Point. Note that WEP is defined by the standard as optional and neither Access Points nor wireless devices are obliged to use it. It is also possible to have a wireless device using the authentication feature but not the encryption one and vice versa.

The ultimate requirements of wireless security can fall into two categories:

• Encryption and Data Privacy – The aim of encryption is to provide a mechanism to provide data privacy and integrity. The data should not be decrypted by any unauthorized means. All transmitted packets should be originated from the senders. The security mechanism should enforce the integrity of data under any circumstances.
• Authentication and Access Control – Authentication should be mutual, enabling wireless device clients and access points to authenticate each other. A framework should be introduced in order to facilitate the transmission of authentication messages between clients, access points and authentication servers. From the perspectives of access points, a mechanism should be introduced to validate client credentials in order to grant right level of access to the requested