Network and Internet Security

Presentation on theme: "Network and Internet Security"— Presentation transcript:

1 Network and Internet Security
Wireless Network Security

2 Wireless Network Security
IEEE 802.11 is a standard for wireless LANs. Interoperable, standards-compliant implementations are referred to as Wi-Fi (the name echoes Hi-Fi, High Fidelity).
IEEE 802.11i specifies security standards for IEEE 802.11 LANs, including authentication, data integrity, data confidentiality, and key management. Interoperable implementations are also referred to as Wi-Fi Protected Access (WPA).
The Wireless Application Protocol (WAP) is a standard that gives mobile users of wireless phones and other wireless terminals access to telephony and information services, including the Internet and the Web.
WAP security is primarily provided by Wireless Transport Layer Security (WTLS), which provides security services between the mobile device and the WAP gateway to the Internet.
There are several approaches to WAP end-to-end security. One notable approach assumes that the mobile device implements TLS over TCP/IP and that the wireless network supports the transfer of IP packets.

3 IEEE 802.11
IEEE 802 is a committee that has developed standards for a wide range of local area networks (LANs). A new working group, IEEE 802.11, was formed with a charter to develop a protocol and transmission specifications for wireless LANs (WLANs).
The Wireless Ethernet Compatibility Alliance (WECA), later renamed the Wi-Fi (Wireless Fidelity) Alliance, certifies interoperability for 802.11b products. The Wi-Fi Alliance is concerned with a range of market areas for WLANs, including enterprise, home, and hot spots.
The Wi-Fi Alliance has developed certification procedures for IEEE 802.11 security standards, referred to as Wi-Fi Protected Access (WPA). The most recent version of WPA, known as WPA2, incorporates all of the features of the IEEE 802.11i WLAN security specification.

4 IEEE 802.11 Protocol Stack
Physical Layer: Includes functions such as encoding/decoding of signals and bit transmission/reception. Includes a specification of the transmission medium, defining frequency bands and antenna characteristics.
Medium Access Control: On transmission, assembles data into a frame, known as a MAC protocol data unit (MPDU), with address and error-detection fields. On reception, disassembles the frame and performs address recognition and error detection. Governs access to the LAN transmission medium.

5 IEEE 802.11 Protocol Stack
Logical Link Control: Responsible not only for detecting errors using the CRC but also for recovering from errors by retransmitting damaged frames.
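The transmit and receive steps on slides 4 and 5, as an added worked example (not code from the presentation): a simplified 802.11-style MPDU with three address fields and a CRC-32 frame check sequence, plus the receiver's FCS check and address recognition. The header layout, the frame-control value and the station addresses are constructed for illustration and omit parts of the real 802.11 header.

```python
import struct
import zlib

# Constructed, simplified MAC frame layout (not the full IEEE 802.11 header):
# 2-byte frame control, 2-byte duration, three 6-byte addresses,
# 2-byte sequence control, then the payload and a 4-byte FCS trailer.
HEADER_FMT = "<HH6s6s6sH"
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 24 bytes
BROADCAST = b"\xff" * 6


def fcs(data: bytes) -> int:
    """Frame check sequence: CRC-32 over header and body."""
    return zlib.crc32(data) & 0xFFFFFFFF


def assemble_mpdu(dst: bytes, src: bytes, bssid: bytes, seq: int,
                  payload: bytes, frame_control: int = 0x0008) -> bytes:
    """Transmit side: build the MPDU with address fields and append the FCS."""
    header = struct.pack(HEADER_FMT, frame_control, 0, dst, src, bssid, seq << 4)
    body = header + payload
    return body + struct.pack("<I", fcs(body))


def receive_mpdu(frame: bytes, my_addr: bytes):
    """Receive side: verify the FCS first, then recognise the destination address.
    Returns (status, payload); status is 'ok', 'crc_error' or 'not_for_us'."""
    if len(frame) < HEADER_LEN + 4:
        return "crc_error", b""
    body, trailer = frame[:-4], frame[-4:]
    if struct.unpack("<I", trailer)[0] != fcs(body):
        # Damaged frame: discarded here, LLC recovers by retransmission.
        return "crc_error", b""
    _fc, _dur, dst, _src, _bssid, _seqctl = struct.unpack(HEADER_FMT, body[:HEADER_LEN])
    if dst not in (my_addr, BROADCAST):
        return "not_for_us", b""
    return "ok", body[HEADER_LEN:]


def flip_bit(frame: bytes, byte_index: int) -> bytes:
    """Simulate a transmission error by flipping one bit of the frame."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)
```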

6 IEEE 802.11 Extended Service Set

7 IEEE 802.11 Services
Distribution of messages within the DS; Integration.
Association-related services: Association, Reassociation, Disassociation.
Transition types: No transition, BSS transition, ESS transition.

8 IEEE 802.11i Wireless LAN Security
Characteristics of a wired LAN that are not inherent in a wireless LAN:
To transmit over a wired LAN, a station must be physically connected to the LAN. With a wireless LAN, any station within radio range of the other devices on the LAN can transmit. [Authentication]
In order to receive a transmission from a station that is part of a wired LAN, the receiving station also must be attached to the wired LAN. [Privacy]
The original 802.11 specification included a set of security features for privacy and authentication that were quite weak. For privacy, 802.11 defined the Wired Equivalent Privacy (WEP) algorithm.
The Wi-Fi Alliance promulgated Wi-Fi Protected Access (WPA) as a Wi-Fi standard. The final form of the 802.11i standard is referred to as Robust Security Network (RSN).

9 IEEE 802.11i Services
Authentication: A protocol is used to define an exchange between a user and an AS that provides mutual authentication and generates temporary keys to be used between the client and the AP over the wireless link.
Access control: This function enforces the use of the authentication function, routes the messages properly, and facilitates key exchange. It can work with a variety of authentication protocols.
Privacy with message integrity: MAC-level data (e.g., an LLC PDU) are encrypted along with a message integrity code that ensures that the data have not been altered.

10 IEEE 802.11i Phases of Operation
Two wireless stations in the same BSS communicating via the access point (AP) for that BSS.
Two wireless stations (STAs) in the same ad hoc IBSS communicating directly with each other.
Two wireless stations in different BSSs communicating via their respective APs across a distribution system.
A wireless station communicating with an end station on a wired network via its AP and the distribution system.

11 IEEE 802.11i Phases of Operation

12 Wireless Application Protocol (WAP)
A universal, open standard developed by the WAP Forum to provide mobile users of wireless phones and other wireless terminals with access to telephony and information services, including the Internet and the Web.
WAP is designed to work with all wireless network technologies (e.g., GSM, CDMA and TDMA). WAP is based on existing Internet standards, such as IP, XML, HTML and HTTP.
The WAP specification includes:
A programming model based on the WWW Programming Model
A markup language, the Wireless Markup Language, adhering to XML
A specification of a small browser suitable for a mobile, wireless terminal
A lightweight communications protocol stack
A framework for wireless telephony applications (WTAs)

13 WAP Infrastructure
The WAP architecture is designed to cope with the two principal limitations of wireless Web access: the limitations of the mobile node (small screen size, limited input capability) and the low data rates of wireless digital networks. Even with the introduction of 3G wireless networks, which provide broadband data rates, the small hand-held mobile nodes continue to have limited input and display capabilities. Thus, WAP or a similar capability will be needed for the indefinite future.

14 Wireless Transport Layer Security
Provides security services between the mobile device (client) and the WAP gateway. Based on the industry-standard Transport Layer Security (TLS) protocol, which is a refinement of the Secure Sockets Layer (SSL) protocol.
To provide end-to-end security, WTLS is used between the client and the gateway, and TLS is used between the gateway and the target server. WAP systems translate between WTLS and TLS within the WAP gateway, so the gateway itself handles the data in the clear at the point of translation and must be trusted.

15 Wireless Transport Layer Security
WTLS provides the following features:
Data integrity: Uses message authentication to ensure that data sent between the client and the gateway are not modified.
Privacy: Uses encryption to ensure that the data cannot be read by a third party.
Authentication: Uses digital certificates to authenticate the two parties.
Denial-of-service protection: Detects and rejects messages that are replayed or not successfully verified.

16 Wireless Transport Layer Security
WTLS Sessions and Connections
Secure connection: A connection is a transport (in the OSI layering model definition) that provides a suitable type of service. For SSL, such connections are peer-to-peer relationships. The connections are transient. Every connection is associated with one session.
Secure session: An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections. Sessions are used to avoid the expensive negotiation of new security parameters for each connection.
Between any pair of parties (applications such as HTTP on client and server), there may be multiple secure connections. In theory, there may also be multiple simultaneous sessions between parties, but this feature is not used in practice.
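The WTLS features on slide 15 and the session/connection split on slide 16, as an added example that is not part of the presentation: a Session holds the parameters the handshake negotiated, several Connection objects reuse it without a new handshake, and each record carries a sequence number covered by an HMAC so that modified or replayed records are rejected before processing (the same MIC check idea as 802.11i's privacy with message integrity). The handshake, key sizes and record layout are constructed stand-ins, not the WTLS wire format, and encryption (the privacy feature) is omitted because the Python standard library has no block cipher.

```python
import hashlib
import hmac
import os
import struct

SEQ_LEN, TAG_LEN = 8, 32  # constructed record layout: 8-byte sequence, HMAC-SHA256 tag


class Session:
    """Security parameters produced by the handshake; shared by every
    connection between this client/gateway pair."""
    def __init__(self, session_id: bytes, mac_key: bytes):
        self.session_id = session_id
        self.mac_key = mac_key


def handshake() -> Session:
    """Stand-in for the expensive WTLS handshake (constructed, not the real exchange):
    agree on a fresh session id and MAC key."""
    return Session(os.urandom(8), os.urandom(32))


class Connection:
    """One transient connection: its own sequence state plus the session's keys."""
    def __init__(self, session: Session):
        self.session = session
        self.send_seq = 0
        self.seen = set()  # sequence numbers already accepted on this connection

    def _tag(self, header: bytes, payload: bytes) -> bytes:
        # The MAC covers the sequence number, so a replayed record cannot be
        # given a fresh number without invalidating its tag.
        return hmac.new(self.session.mac_key, header + payload, hashlib.sha256).digest()

    def protect(self, payload: bytes) -> bytes:
        header = struct.pack("!Q", self.send_seq)
        self.send_seq += 1
        return header + payload + self._tag(header, payload)

    def verify(self, record: bytes):
        """Returns (status, payload): 'ok', 'bad_mac' (not verified) or 'replay'."""
        if len(record) < SEQ_LEN + TAG_LEN:
            return "bad_mac", b""
        header, payload, tag = record[:SEQ_LEN], record[SEQ_LEN:-TAG_LEN], record[-TAG_LEN:]
        if not hmac.compare_digest(tag, self._tag(header, payload)):
            return "bad_mac", b""  # rejected before any processing: DoS protection
        seq = struct.unpack("!Q", header)[0]
        if seq in self.seen:
            return "replay", b""
        self.seen.add(seq)
        return "ok", payload
```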

17 Wireless Markup Language
Text and image support: Formatting and layout commands are provided for text and limited image capability.
Deck/card organizational metaphor: A card specifies one or more units of interaction (a menu, a screen of text, or a text-entry field). A WML deck is similar to an HTML page in that it is identified by a Web address (URL) and is the unit of content transmission.
Support for navigation among cards and decks: WML includes provisions for event handling, which is used for navigation or executing scripts.

18 Reference books
Cryptography and Network Security: Principles and Practices, William Stallings
Network Security: Private Communication in a Public World, Charlie Kaufman, Radia Perlman, Mike Speciner
