1 / 7

Remedies

Remedies. Use of encrypted tunneling protocols (e.g. IPSec , Secure Shell ) for secure data transmission over an insecure network WEP2 A stopgap enhancement to WEP, implementable on some (not all) hardware not able to handle WPA or WPA2, based on: Enlarged IV value

jtartt
Download Presentation

Remedies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Remedies • Use of encrypted tunneling protocols (e.g. IPSec, Secure Shell) for secure data transmission over an insecure network • WEP2 • A stopgap enhancement to WEP, implementable on some (not all) hardware not able to handle WPA or WPA2, based on: • Enlarged IV value • Enforced 128-bit encryption • Remains vulnerable to known WEP attacks — at most it will just slow an attacker down a bit • WEPplus • A.K.A WEP+. A proprietary enhancement to WEP by Agere Systems that enhances WEP security by avoiding "weak IVs". It is only completely effective when WEPplus is used at both ends of the wireless connection. As this cannot easily be enforced, it remains a serious limitation. It is possible that successful attacks against WEPplus will eventually be found. It also does not necessarily prevent replay attacks. • WPA and WPA2 • Either is much more secure than WEP. To add support for WPA or WPA2, some old Wi-Fi access points might need to be replaced or have their firmware upgraded.

  2. Mobile Wireless/Personal NW

  3. Mobile Wireless/Personal NW • Roaming personal network: such as PDA, mobile phone, laptop, health monitoring devices, etc.-roaming personal network, as the user might carry this network with him and roam from one public network to another.􀂃 Home personal network: devices and components that belong to a userand are located at a remote site. -might include home appliances such as TV or washing machine, music directory, VoIP server, Email server and other services and devices. -could also be the business environment of the user such as data repository andcalendar manager.􀂃 Foreign personal network: devices and services that might complement theusers’ devices and services but do not belong to them. -such as a large display screen that might be used by a roaming user as an extension to her personal network.􀂃 Public network: networking infrastructure that connects the user to the Internet and thereby to her home (personal) network as well as to foreign (personal) networks

  4. Service Discovery& Security • Existing service discovery protocols are Jini, Salutation, UPnP, SLP and the Bluetooth Service Discovery Protocol. • Two protocols that stand out here are Splendour and Secure Service Discovery Service. • have built in security. The latter also handles mobility. • Any PN will involve separate PANs communicating over shared infrastructure – be it a wired Internet, a WLAN or an UMTS cellular network. • Internet security schemes like RADIUS and DIAMETER • Security features offered by WLANs and UMTS. • RADIUS • is a client server protocol between an access server and a central RADIUS server. • Provides hop-by-hop security and a variety of authentication methods. • DIAMETER • is based on RADIUS, • but it also provides end-to-end security and a mechanism for congestion control. • Security in the IEEE 802.11 family of protocols • has been bolstered by the introduction of the 802.1x and the 802.11i standards • UMTS provides mutual authentication between mobile terminal and base station. • KASUMI algorithm provides encryption and data integrity in a UMTS network • Concept of “sabdbox” to contain download/imported apps.

  5. Security in Roaming • 􀂃 Secure device-to-device communication: This involves the case when a certain device wants to join an ad hoc network, for instance, a Bluetooth device requesting to join a piconet. Since there is no infrastructure in ad hoc networks, it will be difficult to make a decision regarding the trust of other parties. The communication between devices also needs to be encrypted in order to preserve confidentiality. • 􀂃 Secure network communication: After establishing a personal network consisting of various devices one needs to ensure that the networking aspects such as routing and addressing are handled securely. This involves detecting false routing entries, denial of service attacks on the networking layers and so on. • 􀂃 User to device authentication: This involves the secure authentication and authorisation of a user before accessing a device belonging to the personal network. Here the issue of userdevice interaction and authentication methods such as SIM cards, biological prints, etc. must be addressed. • 􀂃 Secure application level communication: This involves addressing the security aspects of the inter-application interaction. Here issues such as providing secure messaging or VoIP communication are to be addressed. This is especially important as many applications use centralised control points such as a VoIP server or a naming server. With personal networks providing intelligent and advanced services in an ad hoc manner, such services and the AAA aspects related to them must be distributed.

  6. Credentials Provided to An Identity Provider

  7. RFID Security • Types of RFID Tags • Types of Attacks

More Related