
Chapter 4. Security

4.1. Unique Challenges
4.2. Wired Equivalent Privacy (WEP)
4.3. Wi-Fi Protected Access (WPA)
4.4. Wireless Security Myths
4.5. Best Practices
This chapter covers the security concerns and features of IEEE 802.11 WLANs, including the unique challenges presented by using a wireless access medium; the encryption mechanisms; wireless security myths; best practices when configuring and using a WLAN; and several resources for further reading.

4.1. Unique Challenges

As described in Section 1.5, “Considerations”, a WLAN uses an unbounded medium. This introduces several challenges to effective security. The standard security model known as CIA, or Confidentiality, Integrity and Availability, can be applied to the unique elements of wireless data transmission. This three-part model is a general framework for assessing risks to sensitive information and establishing security policy. The following describes the CIA model as it applies to WLANs:
  • Confidentiality - This part of the CIA model states that sensitive information must be available only to a set of pre-defined individuals, and unauthorized transmission and usage of information should be restricted. This element of the CIA model is worthy of attention when using a WLAN simply because the radiated signal can easily travel beyond the traditional borders of the network, through walls and other fixtures, and can become available to unauthorized users much more easily. This is especially true when the network uses no encryption or weak encryption, or has other design flaws.
  • Integrity - This part of the model states that information should not be altered in ways that render it incomplete or incorrect, and unauthorized users should be restricted from the ability to modify or destroy sensitive information. Much like the confidentiality element, affording unauthorized users a greater opportunity to intrude on the network can compromise the level of integrity of data. Data integrity checks are also integrated into the communication and encryption mechanisms used.
  • Availability - This part of the CIA model states that information should be accessible to authorized users any time that it is needed. Availability is a warranty that information can be obtained with an agreed-upon frequency and timeliness. This element applies to all networking equipment: a network service must be available when needed, and wireless equipment is no different. Sufficient knowledge of the hardware and of how a wireless LAN operates at a low level is important in order to provide reliable, timely network capabilities, especially in a complicated environment and where reliability is crucial.