Wireless wonders target secure standards
21 April 2010
Short range wireless technology and security standards - how have
standards developed and where will they go in the future?
Daryl Miller assesses the situation
Over the past decade, wireless networks have played a key role in revolutionising access to technology in our society.
From the office to the home, wireless connectivity for most computing devices has become commonplace, but the appeal of wireless connectivity extends beyond these typical scenarios. Increasingly, users and manufacturers in physical security, healthcare, fleet management, retail, industrial automation and other businesses seek to improve the value of their products and services by adding untethered network connectivity.
However, designers who want to capitalise on the growing acceptance of wireless technologies must also consider factors such as wireless communications standards, certification and regulatory requirements, power usage, data throughput, data security and physical size when contemplating their design. Balancing these requirements with the need to bring products to market quickly can often pose a challenge for designers who are new to wireless implementations. To ensure customer acceptance, it is essential that companies understand the advances in today’s complex wireless landscape including security protocols and the standards that relate to them. This enables manufacturers to offer effective networking solutions that provide reduced installation and maintenance costs, mobility, and the data security that customers demand.
Wireless standards
Once a decision is made to deploy a wireless network, the overriding question then becomes one of standards. So what are the standards? Short range wireless technology includes networks with ranges of 100 metres or less.
A few of the relevant standards are detailed below:
IEEE 802.11 is a set of standards defining Wireless Local Area Network (WLAN) computer communication in the 2.4 and 5 GHz frequency bands. They are managed by the IEEE LAN/MAN Standards Committee (IEEE 802).
The 802.11 family includes over-the-air modulation techniques that use the same basic protocol. The most popular are those defined by the 802.11b and 802.11g protocols, and are amendments to the original standard.
802.11-1997 was the first wireless networking standard, but 802.11b was the first widely accepted one, followed by 802.11g and 802.11n (currently in draft). 802.11g boasts up to 54mbits/s net bit rate and 802.11n up to a huge 600mbits/s (your actual ‘mileage’ may vary).
Security was originally purposefully weak due to the export requirements of some governments, and was later enhanced via the 802.11i amendment after governmental and legislative changes. 802.11a and the soon to be finalised 802.11n standards allow for equipment in the 5 GHz frequency band.
This is exciting in many applications where the 2.45 GHz band is saturated. Hospitals, for example, look to segment their wireless traffic between these two bands depending on the application. For instance all computer platforms on 2.45 GHz; all medical devices on 5 GHz.
IEEE 802.15.4 is a standard which specifies the physical layer and media access control for Low-Rate Wireless Personal Area Networks (LR-WPANs). It is maintained by the IEEE 802.15 working group.
It is the basis for the Zigbee, WirelessHART and MiWi specifications, each of which further attempts to offer a complete networking solution by developing the upper layers which are not covered by the standard. Alternatively, it can be used with 6LoWPAN and standard Internet protocols to build a Wireless Embedded network.
IEEE standard 802.15.4 intends to offer the fundamental lower network layers of a type of Wireless Personal Area Network (WPAN) which focuses on low-cost, lowspeed (< 100kbits/s), low power communication between devices (in contrast with other, more end user-oriented approaches, such as Wi-Fi).
IEEE802.15.1 is another WPAN protocol which is found deployed in devices which are transient. It is ubiquitous in mobile phones and earpieces. It is also found in some HID (Human Interface Devices) products like keyboards, mice, and gaming controllers. It typically consumes more power than 802.15.4 devices and costs more per node but supports higher data throughput (1 to 3 mbits/s) and wider range.
Wireless security
Just like the doors of a building, a secure network requires at least one key to enter, or “authenticate” the user. Depending on the implementation, these keys may be static pre-shared keys or may be exchanged using a public key, private key method relying on certificates for authenticity. Once a ‘user/device’ is validated, encryption (AES, IPSec, etc) is used to obfuscate the data. So what methods are currently available to provide suitable protection from hackers?
Wired Equivalent Privacy (WEP) is a deprecated algorithm used to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping and cracking than wired networks. When introduced in 1997, WEP was intended to provide confidentiality comparable to that of a traditional wired network (thus the name).
Beginning in 2001, several serious weaknesses were identified by cryptanalysts with the result that today a WEP connection can be cracked with readily available software within minutes. Despite its weaknesses, WEP is still widely in use due to ease of setup and lack of knowledge.
Wi-Fi Protected Access (WPA and WPA2) is a certification program created by the Wi-Fi Alliance. WPA implemented a subset of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was being finalised. Specifically, the Temporal Key Integrity Protocol (TKIP) was included in WPA.
The later WPA2 certification mark indicates compliance with an advanced set of protocols which implement the full IEEE802.11i standard. Products that have successfully completed testing by the Wi-Fi Alliance for compliance with the protocol can bear the WPA certification mark.
Wireless isn't easy; modules help
Wireless technology is complex, which is why many developers turn to pre-engineered modules (such as those produced by Lantronix) in a drive to meet the aforementioned standards and security protocols. Most importantly these modules can cut product development time by 6-18 months and reduce time-to-market, a factor that is crucial in the current economic climate. One often overlooked benefit is the pre-certification these modules carry saving the implementer much time, money, and the headaches associated with agency (EN, FCC, IC, etc) testing.
What’s in store for the future?
Wireless standards are constantly evolving. Here is a quick overview of a few interesting standards on the horizon:
• IEEE 802.11k is an amendment to the IEEE 802.11-2007 standard for radio resource management. It defines and exposes radio and network information to facilitate the management and maintenance of a mobile Wireless LAN.
• IEEE 802.11r or fast BSS transition (FT) is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one access point to another managed in a seamless manner.
• IEEE 802.11s is a draft IEEE 802.11 amendment for mesh networking, defining how wireless devices can interconnect to create an ad-hoc network by communicating via one another.
Achieving Top-Notch Wireless Security
Today’s advanced data security methods allow companies to deploy wireless connectivity and embed remote monitoring applications in their end devices with confidence. The authentication and encryption embodied in products conforming to IEEE802.11i offer robust security and when layered with other secure protocols like SSH and SSL, implementers can feel confident that machines added to the wireless network are highly protected. Using modules which have implemented these standards allow companies creating wirelessly connected products to focus on their core competencies without the burden of integrating the security protocols and methods themselves. By coupling end-to-end device networking to secure remote monitoring applications, it is now possible to provide scalable, affordable, and secure options for virtually any situation.
DARYL R. MILLER is Vice President of Engineering at Lantronix
Contact Details and Archive...
Related Articles...
Most Viewed Articles...