Access control and availability aspects using wireless solutions based on IEEE 802.11 technologies, providing access to classified networks

摘要

Wireless networking is among the fastest growing trends in technology. For militaryobjectives wireless networks are effective and flexible ways of communicating, and importantelements in operating quick, accurate and independent. Over the last year’s commercialtechnology, based on the wireless IEEE 802.11 standard has grown to be low-cost productsoffering cheap and easy ways to establish rapid communication services. For all that, lackingelements of security, increased availability, weak mechanisms and capabilities in order toprotect and safeguard private wireless networking, concerns costumers which require highassurance communication facilities. To comply with physical security, high-end wirelesssecurity requirements and protection mechanisms are required to fully ensure the wirelessenvironment and control the enterprise. Wireless networks has not been considered secureenough to be implemented as part of high assurance communication systems which haveaccess to classified information networks. This thesis considers security aspects of wirelessnetworking related to access control and availability, which means that a wide range ofsecurity issues will be discussed. Based on availability, the thesis will focus on requirementsand mechanisms related to authentication, confidentiality, integrity and authenticity.The thesis has indicated through two problem scenarios that high-end requirements signifiescomplexity and that security mechanisms must be implemented through adoption andadjustment of the available security protocols IEEE 802.1X and IEEE 802.11i. Still, the thesishas shown that security protocols such as IEEE 802.1X and 802.11i does not solve all securityproblems. Additional wireless protection systems are required to supervise and control statesecurity in order to protect the wireless network environment. In addition, network-layersecurity is required to oblige end-to-end security control. The conclusion brings security inwireless network into comprehensive challenges that require fully control to analyze data andoperations to consolidate the wireless environment.Considering wireless protection systems which operate as integrated parts of high assurancewireless system, the thesis has investigated mechanisms and ways to actively protect thewireless network environment. The thesis has shown that wireless monitor and honeypotnetworks introduce potential solutions to meet availability aspects in turns of automaticdetection, protection and prevention