Introduction
WLAN, Wireless Local Area Network, can generally be defined as a computer network architecture that allows communication between various localized (i.e. located over a short distance) computing devices making use of radio or infrared technology and hence eliminating the need to wire all the networked computers together. Today wireless LANs are widely deployed in places such as corporate office conference rooms, industrial warehouses, Internet-ready classrooms, and even coffeehouses.
Main text
“Wireless communication involves transmitting signals via radio waves through air and space. Signals are measured in frequency and amplitudes” (Harris, n.d.). The frequency determines the amount of data that can be carried. However, higher frequencies are also prone to greater interference from the atmosphere as the distance from the source increases.
“A wide range of broadband wireless data transmission technologies are used in various frequency ranges. Broadband wireless signals occupy frequency bands that may be shared with microwave, satellite and radar, for example.” (Harris, n.d.) These technologies are used for television transmissions, cellular phones, satellite transmissions, spying, surveillance, garage door openers, etc.
WLAN uses a transceiver, called an access point (AP), which connects to an Ethernet cable; this cable links the wireless devices to the wired network.
The APs are in fixed locations throughout a network and work as communication beacons.
Typically, computers on a wireless LAN have a radio modem, a MAC (Media Access Controller), a host interface and a driver. The radio modem transmits data onto and receives data from the frequency band. The MAC controller mainly controls the data packet format, the channel access mechanism, etc. The driver is software that acts as an interpreter between the operating system and the hardware. Each device on the WLAN shares an allotted finite radio frequency spectrum with all other wireless devices within the same network. To avoid collisions of data packets over this shared spectrum, one wireless device sends out a broadcast indicating that it is going to transmit data. This is received by the other devices, causing them to hold off their transmissions.
Standards are developed so that different vendors can create products that are capable of working seamlessly with other vendors’ products. The first WLAN standard was 802.11 developed in 1997. It outlines how wireless clients and APs communicate, lays out interface specifications, “dictates how signal transfer should take place and describes how authentication, association and security should be implemented.” (Harris, n.d.)
In order for a host to participate within a particular WLAN, it must be configured with the proper Service Set ID (SSID). “The SSID is a construct that allows logical separation of wireless LANs. In general, a client must be configured with the appropriate SSID to gain access to the wireless LAN. The SSID does not provide any data-privacy functions”; it does not truly authenticate the client to the access point either.
In order to be authenticated, a client broadcasts a ‘probe request frame’ on every channel. (A channel is a certain frequency within a given frequency band.) All APs within range respond to this with a ‘probe response frame’. The client decides the best AP for access and sends an authentication request to it. The access point sends an authentication response. If authentication is successful, the client sends an association request frame to the AP, which then replies with an association response. After the client receives this response, it can participate in the traffic through the AP.
To authenticate a device on the WLAN, the wireless standard 802.11 provides two methods: Open System Authentication (OSA) and Shared Key Authentication (SKA). In OSA, the wireless device does not have a specific cryptographic key to allow for authentication with the AP. As such, OSA is a “null-authentication algorithm” that allows any device network access. SKA, on the other hand, requires that the client configure a static key that is used to send an encrypted message to the AP. If the AP can decrypt this message, it responds with an authentication response that grants the client access.
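The join sequence and the two authentication methods described above are visible in the management frames themselves, so a monitoring tool can report which clients were admitted with the null-authentication algorithm. The following is an added example, not part of the original essay: it decodes the 802.11 management header and the authentication frame's algorithm, sequence and status fields, then checks the frame order. The function names, MAC addresses and header-only sample frames are constructed for illustration.

```python
import struct

# Management-frame (type 0) subtypes for the frames named in the text.
SUBTYPES = {0: "assoc-req", 1: "assoc-resp", 4: "probe-req",
            5: "probe-resp", 11: "auth"}
AUTH_ALGS = {0: "Open System", 1: "Shared Key"}  # algorithm number field
PHASES = ["probe-req", "probe-resp", "auth", "assoc-req", "assoc-resp"]

def parse_mgmt(frame: bytes) -> dict:
    """Decode the 24-byte management header and, for auth frames, the body."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    fc, _dur, dst, src, _bssid, _seq = struct.unpack("<HH6s6s6sH", frame[:24])
    if (fc >> 2) & 0x3 != 0:
        raise ValueError("not a management frame")
    subtype = (fc >> 4) & 0xF
    info = {"kind": SUBTYPES.get(subtype, f"subtype-{subtype}"),
            "src": src.hex(":"), "dst": dst.hex(":")}
    if subtype == 11:
        if len(frame) < 30:
            raise ValueError("truncated authentication body")
        alg, txn, status = struct.unpack("<HHH", frame[24:30])
        info.update(alg=AUTH_ALGS.get(alg, f"alg-{alg}"), txn=txn, status=status)
    return info

def audit_join(frames: list) -> dict:
    """Check the join order and report which authentication method was used."""
    parsed = [parse_mgmt(f) for f in frames]
    kinds = [p["kind"] for p in parsed]
    # Collapse runs so an auth exchange of any length counts as one phase.
    phases = [k for i, k in enumerate(kinds) if i == 0 or k != kinds[i - 1]]
    auths = [p for p in parsed if p["kind"] == "auth"]
    return {"order_ok": phases == PHASES,
            "algorithm": auths[0]["alg"] if auths else None,
            "accepted": bool(auths) and auths[-1]["status"] == 0,
            "null_auth": bool(auths) and auths[0]["alg"] == "Open System"}

# Constructed sample data (not a capture): locally administered addresses.
STA, AP = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

def build(subtype: int, src: bytes, dst: bytes, body: bytes = b"") -> bytes:
    """Build a header-only sample management frame with BSSID set to AP."""
    return struct.pack("<HH6s6s6sH", subtype << 4, 0, dst, src, AP, 0) + body

def sample_join(alg: int) -> list:
    auth = lambda txn: struct.pack("<HHH", alg, txn, 0)
    return [build(4, STA, b"\xff" * 6), build(5, AP, STA),
            build(11, STA, AP, auth(1)), build(11, AP, STA, auth(2)),
            build(0, STA, AP), build(1, AP, STA)]
```

Calling `audit_join(sample_join(0))` reports an in-order join that was accepted under Open System authentication; passing `1` instead builds the same sequence with the Shared Key algorithm number.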
Summary
Wireless LAN deployments should be made as secure as possible. Standard 802.11 security is weak and vulnerable to numerous network attacks, including sniffing data packets, collecting particular frames, and coercing information from a WLAN to derive the key and gain authentication. A number of vendors offer solutions to prevent exploitation of these vulnerabilities; for example, the Cisco Wireless Security Suite can augment 802.11 security to create secure wireless LANs.
References
- Harris, S. (n.d.). All In One CISSP Exam Guide. McGraw Hill.
- Tourrilhes, J. (2000). A bit more about the technologies involved… Web.
- Wireless LAN Security White Paper. Web.
- Configuration examples and TechNotes. Web.
- Wireless LAN. Web.
- What is Infrared Wireless LAN. Web.