Book contents
- Frontmatter
- Contents
- Preface
- Acknowledgements
- 1 Security basics
- 2 Network system architecture basics
- 3 Cryptographic algorithms and security primitives
- 4 Wireless IP network access control
- 5 Local IP subnet configuration and address resolution security
- 6 Security for global IP mobility
- 7 Location privacy
- References
- Index
4 - Wireless IP network access control
Published online by Cambridge University Press: 06 July 2010
- Frontmatter
- Contents
- Preface
- Acknowledgements
- 1 Security basics
- 2 Network system architecture basics
- 3 Cryptographic algorithms and security primitives
- 4 Wireless IP network access control
- 5 Local IP subnet configuration and address resolution security
- 6 Security for global IP mobility
- 7 Location privacy
- References
- Index
Summary
Private wired access networks, such as a local area network deployed by a company typically require a user to be located in a particular physical facility for the terminal to access a physical data port. Physical access to the premises is therefore required for network access; so many companies depend on physical access control to regulate wired network access. With private wireless access networks on the other hand, access to a specific physical location is not always necessary for network access. The radio signals from wireless access points typically cover a roughly circular area of best reception. If part of the area of best reception lies outside of the physical space controlled by physical access control devices such as keys and key cards, it is possible for an attacker to gain access to an unprotected network by simply setting up a terminal in the parking lot. Modifying a wireless access deployment to confine wireless signal reception to the inside of a building is not usually possible. Radio propagation is difficult to control and some wireless signal is always available outside the area of best reception. An attacker could even take advantage of a weak signal to gain unauthorized access. Wireless private networks, unlike wired networks, therefore require some kind of network access control system to verify the identity of prospective network users.
- Type
- Chapter
- Information
- Wireless Internet SecurityArchitecture and Protocols, pp. 57 - 92Publisher: Cambridge University PressPrint publication year: 2008