Wireless Security
Contents at a Glance
Part 1 Introduction to Wireless
Chapter 1 Welcome to a Wireless World
Chapter 2 Wireless Threats
Chapter 3 Introduction to Wireless Security Protocols and Cryptography
Chapter 4 Security Considerations for Wireless Devices
Part 2 Wireless Technologies and Applications
Chapter 5 Introduction to Cellular Networks
Chapter 6 Introduction to Wireless Data Networks
Chapter 7 Wireless Standards and Technologies
Part 3 Wireless Deployment Strategies
Chapter 8 Implementing Wireless LANs: Security Considerations
Chapter 9 Enabling Secure Wireless Access to Data
Chapter 10 Real Examples from the Wireless World
Chapter 11 The Wireless Future
Chapter 12 Assessing Wireless Local Area Networks (LANs)
Appendix A Glossary of Wireless Terms
Index
Contents
Acknowledgments
About the Authors
Foreword
Part 1 Introduction to Wireless
Chapter 1 Welcome to a Wireless World
  History of Wireless Technologies
  The 1970s—The First Wireless Networks
  The 1980s—Wireless Markets Start to Evolve
  The 1990s—Wireless Networks Mature
  The Mid-1990s—Other Wireless Networks Emerge
  The Late 1990s—The Wireless Internet Emerges
  History of Wireless Security
  Eavesdropping and Jamming
  The Wireless Internet—Wireless Security Moves into the Mainstream
  Wireless Value Chain
  State of the Wireless Industry, 2001
  North American Wireless Industry, 2001
  European Wireless Industry, 2001
  Japanese Wireless Industry, 2001
  Asian Wireless Industry, 2001
  Conclusion
Chapter 2 Wireless Threats
  The Uncontrolled Terrain
  Eavesdropping
  Communications Jamming
  Denial of Service (DoS) Jamming
  Injection and Modification of Data
  Man-in-the-Middle (MITM) Attacks
  Rogue Client
  Rogue Network Access Points
  Attacker Equipment
  Covert Wireless Channels
  Roaming Issues
  Cryptographic Threats
  Conclusion
Chapter 3 Introduction to Wireless Security Protocols and Cryptography
  Removing the FUD
  OSI Model
  OSI Simplified
  Internet Model
  Wireless Local Area Network (LAN) Security Protocols
  Cryptography
  Secure Sockets Layer/Transport Layer Security (SSL/TLS)
  Secure Shell (SSH)
  Protocol or Program?
  Terminal Access and File Transfer
  Port Forwarding
  A Word of Caution
  Man-in-the-Middle (MITM) of SSL/TLS and SSH
  WTLS
  WEP
  802.1x
  IP Security (IPSec)
  Conclusion
Chapter 4 Security Considerations for Wireless Devices
  Wireless Device Security Issues
  Physical Security
  Information Leakage
  Device Security Features
  Application Security
  Detailed Device Analysis
  Laptops
  Personal Digital Assistants (PDAs)
  Wireless Infrastructure
  Handsets
  Conclusion
Part 2 Wireless Technologies and Applications
Chapter 5 Introduction to Cellular Networks
  FDMA
  TDMA
  CDMA
  Spread Spectrum Primer
  Analogy
  TDMA Versus CDMA
  PDC
  iDEN: An Emerging Fourth Choice for American Consumers
  Security Threats
  Types of Cellular Fraud
  Combating Fraud
  General Security Principles
  Inside GSM
  GSM Security
  GSM Algorithm Analysis
  Inside CDMA
  Why Not Use Public Keys for Cellular Authentication?
  Cellular Network and Security—What Next?
  The Future
Chapter 6 Introduction to Wireless Data Networks
  Cellular Digital Packet Data (CDPD)
  CDPD Architecture
  CDPD Security
  Mobitex
  Mobitex Architecture
  Mobitex Security Architecture
  General Packet Radio Service (GPRS)
  GPRS Architecture
  GPRS Security Issues
  GPRS Security
  Introducing the Wireless Application Protocol (WAP)
  The WAP Device
  The WAP Gateway
  WAP Security Model
  Conclusion
Chapter 7 Wireless Standards and Technologies
  Current and Future Technologies
  Infrared
  Radio
  Spread Spectrum
  OFDM
  Current and Future Standards
  IEEE 802
  802.11
  The ABCs of 802.11
  802.11b
  802.11a
  802.11g
  802.11j
  802.11h and 5GPP
  802.11e
  802.11i
  802.11f
  IEEE 802180
  IEEE 8023
  IEEE 802.1x
  ETSI
  Bluetooth
  HomeRF
  Ultrawideband Radio (UWB)
  Conclusion
Part 3 Wireless Deployment Strategies
Chapter 8 Implementing Wireless LANs: Security Considerations
  Common Wireless Network Applications
  Physical Security Considerations
  Network Security Considerations
  Application Security Considerations
  Enterprise Campus Designs
  Enterprise Design 1
  Enterprise Design 2
  Enterprise Guest Network
  Enterprise Point-to-Point Configuration
  Wireless ISP Design
  Retail and Manufacturing Designs
  Kiosk/Roaming Agent Design
  Warehouse Design
  Small Office/Home Office Design (SOHO)
  Conclusion
Chapter 9 Enabling Secure Wireless Access to Data
  Planning for Wireless Data—Important First Steps
  Potential Wireless Application Scenarios
  Wireless Policies
  Wireless Logistics Policies
  Wireless Security Policies
  Conclusion
Chapter 10 Real Examples from the Wireless World
  Introduction to the Case Studies
  Case Study 1
  Case Study 2
  Case Study 3
  Case Study 4
  Case Study 5
  Case Study 6
  Case Study Wrap-up: Key Characteristics
  First Characteristic—Simplicity
  Second Characteristic—Flexibility
  Third Characteristic—Scalability
  Fourth Characteristic—Holistic
  Fifth Characteristic—Motivated User Base
  Conclusion
Chapter 11 The Wireless Future
  Third-Generation (3G) Networks
  Worldwide Status of 3G Networks as of 2002
  What about EDGE?
  What Lies Ahead for Wireless Operators?
  But Wait. There's More—Introducing Fourth-Generation (4G) Networks
  What Lies Ahead—Wireless Networking?
  New Wireless Products
  New Wireless Networking Markets
  Two Worlds Collide
  Looking Ahead—Key Issues
  Wireless Wrap-Up
  Conclusion
Chapter 12 Assessing Wireless Local Area Networks (LANs)
  Getting Started
  Wireless Policy
  Process
  Information Gathering
  What to Look For
  Data Analysis
  Organizing the Data
  Mapping Out Coverage Areas
  Follow Up
  Validating Data and Taking Action
  Ongoing Assessments
  Emerging Markets
  Conclusion
Appendix A Glossary of Wireless Terms
Index
Acknowledgments
I would like to give special thanks to the following individuals who have been extremely important people for their tremendous support to my career and personal life, making this book possible: DC Cashman, Henry Chung, Mat Hughey, Aaron Keaton, David Kim, Theran Lee, Andrew Mehren, Jay Mehren, Farrah and Paul Pollino Jr., Eric Rafanan, Gilbert Ribet, Steve Roge, Shelah Ryan, Mike Schiffman, Lois Spencer, Sean Stinson, Joanna Tandaguen, and Joel Wallenstrom. I cannot forget the following for their help with my wireless security research: Brian Hassick, Michael Oh, Michael Stokes, and Sri Sundaralingam.
—David Pollino
While only two names appear on the front cover of this book, countless other individuals played an integral role in the successful completion of this book. Thankfully, this section provides a vehicle to recognize those individuals whose collective advice and support helped sustain the project and enable it to proceed smoothly.
First, I would like to recognize the individuals at McGraw-Hill/Osborne who steered me through the multistep process of producing this book. Emma Acker and Jane Brownlow both ensured that project deadlines were met and provided useful advice and encouragement throughout the entire process. Bettina Faltermeier helped with promotional and marketing activities. Lastly, credit is due to unnamed individuals in the art department who successfully translated my scribbled drawings into the diagrams presented in this book.
In addition to the McGraw-Hill/Osborne people, several other individuals deserve mention. Fellow author Carlton Davis provided useful technical reviews of the chapters and Beth Brown also assisted in the page layout and review process. Courtney Flaherty at Brodeur Worldwide was also instrumental in procuring the necessary product images of the Blackberry devices.
Last, but certainly not least, special gratitude is directed towards my extended family who provided valuable support and, in some cases, necessary nourishment. The most significant supporters for this project were my wife Lefki and our two children, Demetri and Cassandra. Despite the growing demands of running her own business, Lefki was a beacon of inspiration and encouragement for me and made the entire book writing process proceed without a hitch. While my children are still too young to appreciate what writing a book means, I hope they find this book useful someday as their generation will undoubtedly witness amazing transformations in wireless technologies in the coming decades.
—Merritt Maxim
About the Authors
David Pollino, Director of the Wireless Center of Excellence at @stake, Inc., conducts leading research into wireless security issues. He is a respected information security consultant with an extensive networking background. His wireless and network security expertise is published in magazines and books. David speaks on security issues at several industry events.
Merritt Maxim is an experienced information security professional. He has spoken at numerous industry events on wireless security. He provides security consulting to commercial clients on numerous security topics and was previously a product manager for wireless security at RSA Security Inc.
Carlton Davis is doing research in wireless network security for his Ph.D. degree in Computer Science at McGill University, Montreal, Canada. Before returning to McGill, he held a number of IT security-related positions, which provided hands-on experience with various system and network security applications and tools. These positions included Senior SE for Network Associates (Santa Clara, California), Unix System Manager for Bell Canada (Montreal, Canada), and System Administrator at the School of Computer Science, McGill University (Montreal, Canada). Mr. Davis is also the author of IPSec: Securing VPN, published by McGraw-Hill, April 2001.
Brian Hassick is currently the founder of ConsiliumIII, a research prototype house that explores various fields of wireless networking, decentralized networks, and advanced antenna design. Previously, he was one of the founding researchers of @stake, Inc., and one of the principal developers of the Wireless Center of Excellence. Prior to that, he spent five years at Bolt, Beranek, and Newman, where he worked on the GP1000, the TC2000, the NASA ACTS Gigabit Satellite Network, the Gigabit SuperRouter, and the Safekeyper. He is also one of the founders of BAWIA, the Boston Area Wireless Internet Association, and has been active in building community-based wireless networks since 1995. He has given talks on secure hardware design and wireless networking, and written articles on wireless threats and countermeasures.
Michael Oh, MCSE, MCT, is a technical instructor and consultant with ten years' experience in a wide area of information systems technologies. He has a strong focus on messaging, networking, and Internet security systems such as firewalls, VPNs, IDS, and monitoring systems. His current research interests are in networking, wireless LANs, and Linux.
Foreword
Welcome to Wireless Security. This book is part of a continuing series of titles published by RSA Press, the publishing arm of RSA Security Inc. While I believe all our publications are valuable and relevant to organizations seeking to bolster the security of their e-business infrastructures and electronic resources, this book is different because the wireless world is different. Wireless has distinct capabilities and also presents distinct challenges from a security perspective.
For this reason, I am proud that Wireless Security is the first book entirely devoted to wireless security that has been written specifically for IT professionals and other users. I think you will find the mix of historical background, technical discussion, and market insight extremely useful as you begin to plan and implement a security strategy for your wireless systems and technologies.
The very term wireless denotes something untethered and unconstrained. This contributes to the sense of freedom and mobility that wireless technology brings to users. At the same time, wireless also connotes something difficult to control and protect. All of these associations are valid. Wireless does help people break through the geographical boundaries of the wired world; yet it can also make information transmitted through wireless networks vulnerable to unauthorized access or attack. This is why organizations need to understand the range of security threats endemic to wireless technologies, including eavesdropping, wireless denial-of-service attacks, and various encryption issues.
Wireless Security was created to help IT professionals address these challenges. The magnitude of potential problems that wireless may pose is discussed in detail in Part 1, Chapter 2: “Wireless Threats.” The broad characteristics of various cellular networks and long- and medium-range wireless data network technologies are examined throughout Part 2: “Wireless Technologies & Applications.” This kind of valuable information helps IT professionals appreciate the challenge of making wireless devices and networks secure.
Of course, there are currently a number of wireless security protocols in use. An overview of these technologies, including Secure Sockets Layer (SSL), Wireless Transport Layer Security (WTLS), and Secure Internet Protocol (IPSec), is provided in Part 1, Chapter 3: “Introduction to Wireless Security Protocols & Cryptography.” The capabilities and limitations of these security methods, and the strategies for deploying them in a cohesive and comprehensive wireless security system, are discussed in Part 3: “Wireless Deployment Strategies.”
Encompassing the historical and technological evolution of wireless communications, from Marconi's first wireless radio transmission in 1894 to today's wireless Internet, Wireless Security will help you deploy secure wireless technologies throughout your organization. Using this book as a guide, you will be able to enjoy all the benefits of wireless, the freedom and the flexibility, while strongly mitigating its inherent security risks. Mastering this information can help you control and protect your wireless networks, and the critical information they transmit.
We hope that readers will benefit as much from this book as from the other acclaimed titles previously released by RSA Press. We always welcome your comments and your suggestions for future titles. For more information on RSA Security Inc., please visit our website at rsasecurity.com; to learn more about RSA Press, please visit www.rsapress.com.
Scott T. Schnell
Senior Vice President Sales, Marketing, and Corporate Development
PART 1 Introduction to Wireless
CHAPTER 1 Welcome to a Wireless World
Ever since Guglielmo Marconi transmitted the first wireless radio signal through the Italian hillside in 1894, wireless technologies have transformed how people communicate and receive information. From the amplitude modulation (AM) radio sets of the 1920s to the multiple wireless devices of the twenty-first century, wireless technologies have evolved dramatically, defining new industries in the process and spawning a host of new products and services.
As the twenty-first century unfolds, wireless technologies have become an increasingly important technology area and a vital catalyst for economic growth. Unfortunately, these new wireless technologies have been coupled with confusion. Today's business and technology press are replete with a myriad of terms and abbreviations including Code Division Multiple Access (CDMA), Global System for Mobile Communications (GSM), Time Division Multiple Access (TDMA), 802.11, Wireless Application Protocol (WAP), third generation (3G), General Packet Radio Service (GPRS), Bluetooth, i-mode, and so on. The sheer number of new technologies can be daunting to consumers and enterprises alike. Will these technologies coexist? Are they mutually exclusive? Are they globally available?
The sheer number of new wireless technologies and services indicates that this is just the beginning of the wireless revolution. Wireless devices and services are projected to experience high growth rates in the foreseeable future. By 2004, over 1 billion people worldwide are expected to carry a cellular phone, a 105 percent increase from 2000 (see Figure 1-1). The market projections for other wireless technologies such as wireless local area networks (LANs) and Bluetooth are equally impressive. According to market researcher International Data Corporation (IDC), the wireless LAN equipment market grew 80 percent in 2000 and is expected to continue robust growth into the future as wireless networking is installed in airports, hotels, academic settings, and corporations (see Figure 1-2). The forecast for Bluetooth, a new short-range (less than 10 m) wireless technology for interconnecting devices and peripherals like printers, personal digital assistants (PDAs), keyboards, and cell phones, is impressive as well (see Figure 1-3). By 2005, nearly 1 billion Bluetooth-enabled devices will be shipping worldwide, according to Cahners In-Stat Group. Collectively, this means that even with the astonishing advances in wireless technology over the last 20 years, further technological advances will still occur in the future.
Figure 1-1 Worldwide wireless phone users (millions)
Figure 1-2 Wireless LAN market forecast, 2000 to 2005: equipment revenue ($B)
Figure 1-3 Bluetooth market forecast, 2000 to 2005: Bluetooth-enabled equipment (millions). Source: Cahners In-Stat Group, April 2001
History of Wireless Technologies
In order to understand where the wireless market is headed, it helps to understand from where the wireless industry has come.
Wireless technology started in the late nineteenth century with the development of Marconi's wireless telegraphy. Patented in 1896 in England, this technology enabled the transmission of wireless radio waves across great distances. However, Marconi's technology could only send the dots and dashes of the Morse code; it was not capable of sending voice waves. Thus, its initial use was limited to applications like ship-to-ship and ship-to-shore communication.
Once Marconi's invention demonstrated wireless' potential, individuals and companies raced to develop technology to send voice waves through the air. Following Marconi's success, American inventor Reginald Fessenden completed the first true radio broadcast in 1906 and the wireless revolution commenced in earnest. By the 1920s, companies such as General Electric (GE), AT&T, and the newly created Radio Corporation of America (RCA) were aggressively creating the first real wireless industry: the AM radio. The results were staggering and eerily similar to the growth of the Internet 70 years later. “Overnight, it seemed, everyone had gone into broadcasting, newspapers, banks, public utilities, department stores, universities and colleges, cities and towns, pharmacies, creameries, and hospitals, among others.”1
As radio content grew, so did the consumer demand for radio. By 1929, over 6 million radios were in use in the United States, providing consumers with a new mechanism for receiving content and information. In just over 20 years, radio technology had reached 25 percent of the population. At that time, it was the fastest adoption of any mass-market technology (see Figure 1-4).
Figure 1-4 Comparative adoption of mass-market technologies: years to reach 25% of US population. Technologies shown: Household Electricity (1873), Telephone (1875), Radio (1906), TV (1925), VCR (1952), PC (1975), Cell Phone (1983)
Wireless technologies expanded despite the global depression of the 1930s, as other new technologies such as frequency modulation (FM) radio and television were developed. The advent of World War II further accelerated wireless development as the military provided significant resources to further product development. Following World War II, the development of new mass-market wireless technologies stalled.
1 Tom Lewis, Empire of the Air, New York: Harper Collins, 1991, 162-163
The Soviet launch of the Sputnik satellite in 1957 changed everything. Overnight, the United States and the former Soviet Union raced to put a man on the moon, throwing massive amounts of human capital and money into new space-related technologies. Communicating with spaceships required advanced wireless communication systems, and vendors raced to develop new wireless systems. These efforts generated information that would prove useful to the design of future wireless systems.
The 1970s—The First Wireless Networks
The first wireless phone systems appeared in the United States in the 1970s. Based on technology developed at AT&T's Bell Labs in the late 1940s, these systems were analog, operated in a limited frequency range, and could only handle a low volume of simultaneous calls.
Initial uses were in law enforcement and public safety. A key limitation of these systems was that they did not support communication continuity during movement from one cell to another.2
Demand for mobile voice grew during the 1970s, requiring the development of methods to support more users in a single cell and mobility between cells. Using cell sites of less than 1 km in diameter, operators designed systems that, for the first time, enabled calls to be transferred from cell site to cell site, enabling true mobile voice. The first system of this type to be installed was AT&T's Advanced Mobile Phone Service (AMPS), which was deployed in Chicago in 1979. Similar systems were installed in Europe and Japan in the early 1980s. These systems are now referred to as first-generation networks.
The first-generation networks were hardly indicative of the future potential of wireless technology. Demand for mobile telephony started to outstrip available network bandwidth, leading to dropped connections. In 1981, the New York City system could only handle 24 simultaneous calls and the network operators limited the total subscriber base to only 700 users!3 The limited capacity restricted mobile phone usage to an elite group of people. Plus, the early mobile handsets were large and heavy. Nevertheless, demand and interest in the mobile phone only increased. Network operators eagerly upgraded networks to meet the growing demand.
2 Sami Tabane, Handbook of Mobile Radio Networks, Boston: Artech, 2000, 206
The biggest hurdle to further network development was the wireless radio frequency. Previously, governments allocated radio spectrum primarily for military and law enforcement purposes. Government regulation of wireless spectrum was not a highly visible public policy issue. Faced with these emerging wireless technologies, governments around the world needed policies and procedures to allocate additional wireless spectrum in an appropriate manner. In the 1980s, the United States and the rest of the world adopted divergent policies to promote the development of new wireless networks.
In Europe and Asia, the policy thrust was driven toward the development of a single wireless voice standard (GSM), while there were competing standards in the United States. These will be discussed in more detail in the next section. At the time, these differences did not warrant much attention from policy makers and technologists alike. Only in the twenty-first century would these differences manifest themselves. By this time, the wireless market had evolved and growing interest had created the need for a true global wireless network. Unfortunately, these differences would prove to make that dream difficult to achieve in the short term.
The 1980s—Wireless Markets Start to Evolve
Following the success of the AMPS systems, pressure grew on the U.S. government to allocate additional radio spectrum for wireless communication. The Federal Communications Commission (FCC) was tasked to regulate the market, through licensing new radio spectrum. In the spring of 1981, the FCC announced its intention to allocate 40 MHz of spectrum in the major metropolitan markets in the United States. This was a significant step forward in capacity. This spectrum enabled 666 channels for cellular communication in each major metropolitan market. Compared to the 44 channels that had been previously allocated to cellular service, this was a quantum leap in capacity.