www.internetnews.com/wireless/article.php/1464431
By Seng Li Peng September 17, 2002 Some, such as research firm IDC, have called wireless local area network (WLAN) as the "Next Disruptive Technology". According to IDC, revenues from wireless LAN sales in Asia (excluding Japan) will reach US$350 million by 2005, up from US$45 million in 2000, with a Compound Annual Growth Rate (CAGR) of 51 percent. This is not pure hype as many vendors including Gemtek Systems Inc., a company that designs and builds wireless infrastructure for Public Access providers, have observed that "organizations all over the world are increasingly looking at implementing WLAN," says Bonnie Cheong, its vice president of communications. "In Asia, Japan and Korea have the highest WLAN adoption rate. While Japan is often at the forefront of new technologies, Korea sees WLAN as the easiest way to bring the last mile of broadband into the home," she adds. The benefits associated with WLAN, designed to co-exist with wired networks rather than to replace them, are abundant. One of which is it eliminates the labor costs associated with cabling and maintenance. The other is "ease of use" and it "allows users to be connected anytime and anyway ... enabling a true mobile workforce," Cheong says. She adds that the WLAN connection in her office is also faster than her ADSL connection at home. "This is one of the key success factors for WLAN while another is that it enables multiple users to simultaneously share the same medium."
Key Weaknesses Security threats are one of the top barriers for some corporations. As the current generation of WLANs is predominantly based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11b, the authentication mechanism is based on the knowledge of a shared pre-installed key. "Unfortunately, pre-shared authentication keys are not a robust security mechanism and are susceptible to security attacks," says Mohan Atreya, technical consultant, Systems Engineering, Developer Solutions Group, RSA Security. He adds: "Despite that an encryption mechanism called WEP (Wired Equivalent Privacy) has been defined for use in IEEE 802.11b-enabled WLANs, the secret key used for encrypting the session can be easily retrieved by sniffing a number of encrypted packets sent over air." Generally, WLAN, whether or not it is based on 802.11 standards, is an easier target for a hacker when compared to wired ones. Data on most handheld devices are not encrypted and information can be stolen during the transmission process. "While buildings provide a physical first line of defense for wired networks, the signals transported by WLAN pass right through the walls and are transmitted into the public places such as the car parks or streets, making it vulnerable to attacks," Atreya comments. To make matters worse, some organizations view WLAN as secondary to the wired LAN and therefore have not put in place the stronger security needed, he adds.
What Can Be Done Another setback of VPN is that it may lower the performance of the wireless networks. In addition, VPN requires users to manually re-authenticate and set up a new VPN tunnel every time they roam between access points. This can prove cumbersome and users may avoid and ignore the VPN policies, Atreya explains. Under such circumstances, users may look to Encrypted File Protection, a solution that entails simple encryption process with a password, as an alternative. This is a common method used to encrypt sensitive information on corporate laptops and can be extended to handheld devices and PDAs accessing the WLANs. Another way of protecting information from being 'stolen' is not to provide sensitive information in the offline mode, Atreya advices. But whenever possible, "companies need to put security policies in place that require road warriors to use VPN clients and two-factor authentication when connecting to enterprise network form public hotspots. Without strong authentication, there is no way to distinguish between legitimate users and intruders who have stolen their laptops or handhelds," says Atreya. Currently, RSA Security, together with Cisco and Microsoft, are working together on the new Protected Extensible Authentication Protocol (PEAP) to tackle the roaming and authentication issues on WLAN. This protocol will enable roaming users to authenticate themselves via different mechanisms, including RSA SecurID tokens, smart cards, x.509 digital certificates and even passwords. More insightful issues surrounding WLAN in Asia will be discussed during the 802.11 Planet Conference & Expo that will be held on October 2 and 3 at The Pan Pacific Hotel, Singapore. Go to www.jupiterevents.com/80211/singapore02/index.html for more details.
Related articles on this site: |