You are on page 1of 3

Part Three

Mobility and Security


The recent developments in electronics, networking, and microprocessing as
well as the driving needs of enterprise operations and the contemporary ways of
personal entertainment have fostered a widespread deployment of mobile
equipment. Consequently the market for wireless communications has enjoyed
tremendous growth, since mobile equipment can provide a variety of services,
including, but not limited to, communication with remote systems, connections
with devices in a local environment, access to networks and services and
provision of services traditionally offered by wired systems.Wireless technology
now reaches or is capable of reaching virtually every location on the face of the
earth, and hundreds of millions of people exchange information every day using
cellular telephones and other wireless communication products.
The security measures that were identified and analyzed in the previous
parts are valid and necessary in a mobile environment as well. Thus, access
control techniques, the need for data encryption, the design of efficient and
responsive firewalls, the enforcement of intrusion prevention and protection
methodologies as well as the need for user authentication are also necessary in a
mobile environment. The lack of physical access control, though, exaggerates
the above mentioned problems and also creates new ones. The use of mobile
devices rows makes eavesdropping data theft and alteration of available
information easier to be achieved. Thus, it is necessary to introduce additional,
to the logical security measures, protective mechanisms against physical
attaches.
Various communication protocols have been implemented in order to satisfy
the needs of this emerging new area of mobile and wireless
telecommunications. The Institute of Electrical and Electronics Engineers
(IEEE) standard for wireless local area networks (WLANs) is 802.11. Originally
designed for 1–2 Mbps data rate, protocol extensions IEEE 802.11a, IEEE
802.11b, and IEEE 802.11g allow faster data rates of 11 and 54 Mbps. The
development and application of wireless local networks produce a number of

Network Security: Current Status and Future Directions, Edited by C. Douligeris and D. N. Serpanos
Copyright © 2007 the Institute of Electrical and Electronics Engineers, Inc.

271
272 Part Three Mobility and Security

problems. In general, the risks associated with WLANs can be grouped into two
categories. First, data transfers from one endpoint to another are not constrained
to a cable; therefore, any device within the range of the transmitter of the
wireless signal can intercept data transmissions. Second, several protocol
weaknesses unique to the 802.11 standard can be exploited to allow
unauthorized access or cause denial-of-service attacks on a wireless local
network.
The Bluetooth protocol is designed for wireless communication between
Bluetooth-enabled equipment. Several issues arise with respect to the security
of communications between such machines. Bluetooth is criticized for not being
secure, and as it is used in a large number of mobile phones, security holes
might allow illegal access to personal information like phone books or business
cards. It might even be possible for an attacker to get phone or data calls on
another subscriber’s account. It is clear that the weaknesses in specifications as
well as implementation mistakes might cause severe damage to the users.
Moreover, while in the traditional mobile computing environment
communication is performed through static infrastructures, with base stations
that support the communication between wireless end nodes, mobile ad hoc
networks (MANETs) are a paradigm for mobile communication in which
wireless nodes do not rely on any underlying static network infrastructure for
services such as packet routing, name resolution, node authentication, or
distribution of the computational resources. The communication medium is
broadcast and the nodes can be regarded as wireless mobile hosts with limited
power, range, and bandwidth. Nodes in range communicate in a direct peer-to-
peer manner. Nodes out of range establish routing paths dynamically through
other nodes when possible. Such networks can be set up and deployed rapidly
anywhere, anytime.
The deployment of MANETs is now considered for several applications.
Examples include emergency deployments, disaster recovery, search-and-rescue
missions, sensor networks, and military (battlefield) operations. Other
applications involve home-area wireless networking, distributed networking,
dynamic group communication, on-the-fly conferencing applications, and
communication between mobile robots. Since the network nodes are mobile, the
network topology frequently changes. Communication links are established or
broken as nodes move and the network may get partitioned with the
connectivity restricted to the partitions.
The primary concern with ad hoc networks is their unpredictable topology
and their bandwidth limitations. As a result it may be much harder (or even
impossible) to establish security associations and find secure routes between
Part Three Mobility and Security 273

nodes. Indicative security issues related to ad hoc networks involve node


authentication, insider attacks, key agreement, and intrusion detection.
Sensor networks are an another technology emerging for monitoring
physical processes. Sensor networks have quite different characteristics that
affect network design. Security requirements are rather strict and hard to meet
in such systems, while a wide range of applications is envisioned.
However, as mobile devices proliferate and their diversity grows, few are
appropriately secured against the risks associated with potential sensitive data
exposure. As new protocols and standards for wireless communication are
introduced and applied, more security holes and hazards are discovered and
exploited by malicious users. In the new emerging communication era, where
clients are connecting to ever-growing networks, sometimes even in an ad hoc
fashion, where data transfer is carried out using wireless devices and nodes are
no longer stationed in a fixed place, security is of paramount importance.
The next chapters address the security problems and considerations that
arise when communication is achieved through mobile or wireless nodes.
Chapter 16 presents matters related to mobile terminal security. Chapter 17
presents IEEE 802.11 and the security risks arising from its application in
WLANs. Chapter 18 introduces the Bluetooth standard and describes ways to
secure communication based on it. In Chapter 19 the security framework of the
advanced mobile telecom networks is presented and analyzed, while in Chapter
20 MANETs are introduced and described and an overview of current security
solutions for MANETs is presented as well as several security models for ad
hoc networks. Finally, in Chapter 21 wireless sensor networks are described
together with security matters arising from their use.

You might also like