Data Security
INTRODUCTION
Wireless local area networks are experiencing rapid growth. A continuously
changing business environment requires greater flexibility from people and their
working equipment. Therefore, enterprises of all sizes are starting to realise the
importance of wireless connectivity inside the office premises. At the same time, the
IEEE 802.11 and IEEE 802.11b industry standards for wireless LANs have opened
up new possibilities for implementing wireless LAN solutions. With new
interoperable wireless LAN products on the market, all enterprises and
organisations are able to enjoy the convenience of wireless LANs. Many of these
enterprises handle highly confidential data, and therefore security issues are often
considered to be very important.
A wireless LAN is a flexible data communication system implemented as an
extension to a wired LAN within a building or campus. Using radio frequency (RF)
technology, wireless LANs transmit and receive data over the air, minimising the
need for wired connections. Wireless LANs provide users with mobile access to a
wired LAN within their coverage area. Wireless LANs have recently gained popularity in a
number of vertical markets, including health care, retail, manufacturing,
warehousing, and universities. These industries have profited from the
productivity of using handheld devices and laptop computers to transmit real-time
information to centralised hosts for processing. The demand to use LAN facilities
wherever you are, and to work without complicated installations and cables, is also
increasing in the everyday office environment. Standardisation of wireless LAN
technologies makes it more attractive to extend or replace a part of a traditional
LAN with a wireless solution.
When planning networking architecture, security issues should be carefully
considered and all necessary security measures should be taken to ensure the
confidentiality and integrity of data in both wired and wireless local area networks.
Unlike telecommunication networks, LANs with IP traffic and access to
the public Internet do not provide high reliability or guarantees of security.
Without adequate precautions, any LAN, wired or wireless, may be vulnerable and
subject to security risks and problems. For example, network data can be accessed
or even altered by a hostile outsider who wishes to cash in by selling confidential
business information to competitors. In the last couple of years, these risks have
been complicating the full-scale use of wireless LANs containing confidential data,
because users typically have strict requirements and policies for security and data
integrity.
OVERVIEW OF DATA SECURITY
Security threats
Computer systems and networks face severe security threats, which may cause
serious damage to a system, its services, or its information. A security attack is an
action that compromises the security of information owned by a company, whereas
a security threat is the possibility of execution of such an attack. Some commonly
known threats are denial of service, interception, manipulation, masquerading,
and repudiation.
Denial of service means that a system or network becomes unavailable for
authorised users, or that the communication is interrupted or delayed. This
situation could be caused by overloading a network with illegal packets, for
example. In the case of a wireless LAN, it can be caused by deliberate interference with
the operating radio frequencies, which disturbs the wireless network.
Interception can mean identity interception, in which the identity of a
communicating party is monitored for the purposes of later misuse, or it can refer
to data interception, in which an unauthorised user monitors user data during a
communication session. This is an attack on confidentiality, and an example
would be where an attacker listens in on the wireless - or wired - medium and
captures the transmitted data.
Manipulation refers to a situation where data is replaced, inserted, or deleted in a
system. This is an attack on data integrity and can be either unintentional (due to a
hardware error) or intentional, where an attacker listens in on data communication
and modifies user data.
Masquerading takes place when an attacker pretends to be an authorised user in
order to gain access to information or to a system. An example of this in a wireless
LAN would be when an unauthorised user tries to gain access to the wireless
network.
Repudiation means that a user denies having done something that may be harmful
for the system or communication. For example, users may deny that they have sent
certain messages or used a wireless LAN system.
Security services and mechanisms
In order to protect against the above security threats, various security services and
mechanisms need to be used. Security services enhance the security of information
systems and data transmissions. Security mechanisms, on the other hand, are the
active measures that are used to provide security services. Encipherment is an
example of a mechanism that can be used with different security services.
Authentication is a service that confirms the identity of an entity, such as a user or
a device, or confirms the originality of a transmitted message. Authentication is
typically needed to protect against masquerading and modification. In current
wireless systems, for example, access points need to authenticate wireless devices to
prevent unauthorised access to the network. Closely related to authentication is the
access control service, which limits and controls access to network systems and
applications. Entities must first be identified, or authenticated, before they are
granted access to a system.
Data confidentiality is the protection of transmitted data from interception. In
wireless communications, this could mean that the data transferred between a
wireless device and an access point in the air interface is kept private. Naturally, not
all data is considered confidential, but critical information should not be
transmitted unless security measures have been taken.
Data integrity is an important security service that proves that transmitted data has
not been tampered with. Authenticating the communicating parties is not enough if
the system cannot guarantee that a message has not been altered during
transmission. Data integrity can be used to detect and protect data from being
manipulated.
Non-repudiation prevents an entity from denying something that actually
happened. This usually refers to a situation where an entity has used a service or
transmitted a message, and later claims to not have done so.
SECURITY AND IEEE 802.11
Various security protocols and solutions exist that enable the protection of
transmissions in computer networks. These can also be applied to wireless LANs
where traffic needs to be protected from eavesdroppers. This section introduces the
solutions that can be used to solve security problems in wireless LANs.
The IEEE 802.11 wireless LAN standard was ratified in 1997. The standard was
developed to maximise interoperability between different brands of wireless LAN
products as well as to introduce a variety of performance improvements and
benefits. The IEEE 802.11 standard defines three PHY layer options: FHSS, DSSS,
and IR. DSSS has some benefits compared to the other two PHY layer options.
DSSS has the highest potential data rates (up to 11 Mbit/s), and it provides a greater
coverage area than the FH and IR options. DSSS systems were originally used in
military communication. DSSS-based radio systems are also very robust against
interference.
The existing IEEE 802.11 wireless LAN standard defines two authentication
services:
• Wired equivalent privacy (WEP) based shared key authentication
• Open system authentication (simply announces that a wireless device desires to
associate with another wireless device or access point)
Wired equivalent privacy - WEP
The stations in an IEEE 802.11 wireless LAN can prevent eavesdropping by
implementing the optional WEP algorithm, which is also used in the shared key
authentication scheme. The WEP algorithm utilises the RC4 algorithm with a secret
key of up to 128 bits. When the wireless devices in a wireless LAN wish to
communicate using WEP, they must possess the same secret key. The
standard does not dictate how the keys are distributed to the wireless devices.
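The WEP encapsulation described above, as an added example that is not part of the original paper: both stations derive the RC4 keystream from the same shared key, so a receiver holding a different key cannot recover the frame. The 24-bit IV, the CRC-32 integrity check value (ICV) and the frame layout follow the 802.11 WEP format and are not described in this section; SAMPLE_KEY and SAMPLE_IV are constructed values.

```python
import zlib

# Constructed sample values (not from the paper).
SAMPLE_KEY = bytes.fromhex("0102030405060708090a0b0c0d")  # 13-byte shared secret
SAMPLE_IV = bytes.fromhex("a1b2c3")                        # 24-bit per-frame IV


def rc4(seed: bytes, data: bytes) -> bytes:
    """XOR data with the RC4 keystream derived from seed."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key-scheduling algorithm
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:  # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encapsulate(key: bytes, iv: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Return IV | key-ID byte | RC4(IV||key, payload || ICV)."""
    if len(iv) != 3 or not 0 <= key_id <= 3:
        raise ValueError("WEP uses a 3-byte IV and a key ID of 0-3")
    icv = zlib.crc32(payload).to_bytes(4, "little")  # integrity check value
    return iv + bytes([key_id << 6]) + rc4(iv + key, payload + icv)


def wep_decapsulate(key: bytes, frame: bytes) -> bytes:
    """Decrypt with the receiver's key; reject the frame if the ICV does not match."""
    if len(frame) < 8:
        raise ValueError("frame too short for IV, key ID and ICV")
    clear = rc4(frame[:3] + key, frame[4:])
    payload, icv = clear[:-4], clear[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: wrong shared key or damaged frame")
    return payload


if __name__ == "__main__":
    frame = wep_encapsulate(SAMPLE_KEY, SAMPLE_IV, b"constructed payload")
    print(frame.hex())
    print(wep_decapsulate(SAMPLE_KEY, frame))
```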
From a cryptographic point of view, the key length and the protection provided by
the algorithm are important, whereas from a systems architecture point of view,
the manner in which the WEP keys are distributed and managed is essential since
security is based on keeping the secret keys unexposed. WEP expects that the shared