More and more applications are being accessed through wireless systems, including commerce, medical, manufacturing, and others. Wireless devices have become an extension of corporate databases and individuals.
Their security compromises are as serious as any attack to the corporate database and may have damaging effects on the privacy of individuals and the protection of assets of an enterprise. Wireless devices include cellular phones, two-way radios, PDAs, laptop computers, and similar.
These are normally portable devices with limitations of weight, size, memory, and power. The increase in functions in cellular devices creates new possibilities for attacks. Standard attacks against the Internet may now take new forms.
Lists of vulnerabilities are already available, showing flaws in many existing products. Communicating in the wireless environment has its own issues and challenges. It is characterized by relatively low bandwidth and data rates, as well as higher error rates, and the need for low power consumption (for mobile devices).
The mobility of the nodes in cases such as ad hoc networks adds another significant layer of complexity and unpredictability. There exist many different forms of wireless communications and networking. Some popular forms of wireless communications include:
- Satellite communication: It uses microwave links, and provides global connection of many network infrastructures. There are three basic classes of satellites: GEO (Geostationary Earth Orbit), MEO (Medium Earth Orbit), and LEO (Low Earth Orbit).
- Cellular networks: These are currently among the most widely used types of networks. The geographic area is divided into cells . Each cell is serviced by a base station (BS) and several base stations are served by a Mobile Telecommunications Switching Office (MTSO) or a similar structure.
The latter provides connection to the wired telephone infrastructure. The new generation of cellular networks uses digital traffic channels, encryption, error detection/correction, and allows channel access to be dynamically shared by all users. Global System for Mobile communication (GSM) standard is widely used.
- Cordless systems: They are used inside homes and buildings, and provide wireless communications between a cordless device such as a telephone and a base station. Typically, TDMA (Time Division Multiple Access) and TDD (Time Division Duplex) communication protocols are used in such systems.
- Wireless Local Loops (WLL): They are used to provide last mile connections from the end user to the local switching telephone center. They have an advantage over their wired counterparts in low cost and relative ease of installation which can be done selectively and on demand.
- Mobile Internet Protocol (Mobile IP): It provides nomadic access from different access points (APs) allowing the user to maintain connectivity as he or she moves from one access point to another. Mobile IP includes processes of registration, move detection, agent solicitation, and tunneling of data messages.
- Wireless Local Area Networks (WLANs): They have increased popularity due to their characteristics of mobility, convenience, rapid deployment, and cost effectiveness, in addition to the small size, and increased power and speed of wireless devices. Two standards are typically used: IEEE 802.11 (Wi-Fi) and Bluetooth.
There are four types of WLANs:
- LAN extensions: They allow connection between mobile wireless devices and a wired network. Some example applications are manufacturing, stock exchange, and warehouses.
- Cross-building interconnects: They allow fast wireless connections between buildings. Microwave communications with dish-shaped antennas are used. This type is a link more than it is a LAN.
- Nomadic access: It is used to allow communication between mobile devices such as laptops, and PDAs to existing fixed wired networks. For example, applications can use such systems to transfer data from wireless devices to the home, office, or campus network.
- Mobile ad hoc networks (MANETs): As mobile wireless computers and devices become increasingly smart, small, portable, and powerful, the need to interconnect these devices increases. MANETs allow such computing devices to establish networks on the fly without any pre-existing infrastructure.
Numerous applications exist using MANETs such as disaster recovery, military missions, classrooms, and conferences. Multi-hop routing is used to provide communication between nodes (e.g., laptops or computers inside moving vehicles) that are out of range of each other.
Each host provides routing capabilities to the mobile network. MANETs have dynamic topologies as nodes are allowed to move from one location to another, as well as join and leave the network at any time. Typically, these networks use Wi-Fi and Bluetooth.
The security of wireless systems can be divided into:
- Security of the application — this means the security of user applications and standard applications such as e-mail.
- Security of the devices — how to protect the physical device in case it is lost or stolen.
- Security of the wireless communication — how to protect messages in transit.
- Security of the server that connects to the Internet or other wired network — after this server the information goes to a network with the usual security problems of a wired network.