Security Implementation and Requirements
These days, most companies use wireless
network technology to send and receive information. Wireless
network technology uses radio waves to connect several types of wireless
devices to the network. Although wireless networks have many
advantages, they are also vulnerable in numerous ways, and the opportunity
for malicious hacking attempts is growing. Companies should be aware of the
security of their networks and need to protect them from any sort of attack
that could reveal their confidential information. Unlike a wired
network, where data moves along a protected copper wire pair or optical link,
a wireless network uses signals that carry data through the
open air, where they can be accessed by any wireless device. This
increases the risks of using wireless network technology, and it is why
distinctive kinds of attacks can occur (Chris Waters, 2006).
3.2 CASE STUDY
Bario clinic is located on a hill 100 meters from the
telecentre, and they want to upgrade their telecommunication infrastructure so
that it benefits the clinic as well as the people residing in the village. It is
difficult to get any telecommunication infrastructure because the
village is small and remote. In this situation, our
group has been asked by the society to enhance its network and make it more
secure, so that it improves on their current system. The team has been appointed
as the network consultant specialist to add a wireless LAN to an existing
wired LAN. As a result, it will be far more convenient for doctors to save
their information online, and people will also be able to make reservations
with the clinic.
3.3 DATA SECURITY
Companies are required to put more emphasis on the
other security basics that can help provide a strong and
secure wireless network. They must focus on security measures that follow
specific standards, so that the network can be used freely by the people who are
authorized for it. We are going to discuss some wireless network
attacks and a few common methods for securing a wireless network, which we
are going to implement on the Bario Society wireless network (Sean Wilkins, 2011).
Wireless Network Attacks
Man in the
It’s possible for hackers to trick communicating devices
into sending their transmissions to the attacker’s system. Here they can
record the traffic to view later (like in packet sniffing) and even change the
contents of files. Various types of malware can be inserted into these packets,
e-mail content could be changed, or the traffic could be dropped so that
communication is blocked (CESCA, 2016).
Encryption Hacking – WEP/WPA Attack:
wireless routers can be a huge problem. Older encryption standards are
extremely vulnerable, and it’s easy to gain the access code in this case. Once
someone’s on your network, you’ve lost a significant layer of security. APs and
routers are hiding your IP address from the broader Internet using Network
Address Translation (unless you use IPv6). This effectively hides your private
IP address from those outside your subnet and helps prevent outsiders from
being able to directly attack you. The key point is that it helps prevent
attacks, but doesn’t stop them completely (CESCA, 2016).
Encryption can be defined as the process of converting
electronic data into another form that cannot be easily understood by anyone
except authorized people. Data that is encrypted is known as ciphertext,
and data that is not encrypted is known as plaintext. The
main purpose of using an encryption mechanism is to protect the confidentiality of
digital data stored on a computer system or transmitted over the network (Margaret Rouse, 2009).
Wi-Fi Protected Access 2 – WPA2
For a secure wireless internet connection, we recommend
that the clinic and telecentre use WPA2 (Wi-Fi Protected Access 2), a
network security technology commonly used on Wi-Fi
wireless networks. It is an upgrade from the original WPA technology, which was
designed as a replacement for the older and much less secure WEP.
[Table: between different types of Encryption Methods (Sari and Karay, 2015); only the cells "Protected Access 2" and "Dynamic Session Keys" survive.]
WPA2 has been used on all certified Wi-Fi hardware since 2006 and
is based on the IEEE 802.11i technology standard for data encryption. Combining
WPA2 with the IEEE 802.1X port-based authentication protocol for access
control should eliminate most security worries. When WPA2 is enabled with its
strongest encryption option, AES (Advanced Encryption Standard), anyone
else within range of the network might be able to see the traffic, but it will
be scrambled with the most up-to-date encryption standards (Mitchell, 2017).
WPA2 includes two authentication modes, Personal and
Enterprise. WPA2-Personal generates a 256-bit key from the PSK, or
pre-shared key, a plain-text passphrase. The PSK forms the mathematical basis
for the PMK (Pairwise Master Key), which is used to initiate a four-way
handshake and generate the PTK (Pairwise Transient Key), or session key,
between the wireless user device and the access point. WPA2-Enterprise
controls access on a per-account basis by authenticating username and
password credentials. Authentication occurs between the station and a central
authentication server. To manage this, the 802.1X framework is required,
which supports user and machine authentication with port-based control that
works for both wired switches and wireless access points (Information Week, 2006).
The TP-Link router supports the WPA2 encryption standard, which
is why our team has chosen it. With this router's encryption protocols, Bario
Society will have a strongly secured wireless network.
Authentication is a procedural method
used to identify individuals based on a username and
password. This process allows authorized users to access system
objects according to their level of authorization. Authentication can help
enhance the security of wireless networks and wired Ethernet networks. It
is vital to deploy secure methods for authentication and encryption, so that the
network can only be accessed by the people and devices that are authorized (Margaret Rouse, 2015).
[Table: between different types of Authentication Methods; surviving cells in order: Wi-Fi Alliance Security Mechanism; Open System or Shared Key; (WPA Pre-Shared Key); 802.1x / EAP; WPA2 Personal 802.11i; (WPA Pre-Shared Key); CCMP (by default) / TKIP (optional); AES (by default) /; 802.1x / EAP; CCMP (by default) / TKIP; AES (by default) /]
Extensible Authentication Protocol (EAP):
EAP is a protocol for wireless networks, and
it is an extension of the Point-to-Point Protocol (PPP). EAP provides
multiple authentication mechanisms, such as
smart cards, token cards, one-time passwords, certificates, and public key
authentication. This method of authentication is mostly used by enterprises
because it gives the highest level of security to the wireless network. By
using EAP to interact with an
EAP-compatible RADIUS server, the access point helps a wireless user
device and the RADIUS server perform mutual authentication and derive a
dynamic unicast WEP key. The
RADIUS server transmits the WEP key to the access point, which uses the key
for all unicast data signals which the server transmits to or receives from the
user. The access point also encrypts its broadcast WEP key with the user’s
unicast key and transmits it to the user (Margaret Rouse, 2005).
The RADIUS server sends an
authentication challenge to the user, and the user uses a one-way
encryption of the user-supplied password to form its reply, which it sends
to the RADIUS
server. Using the information from the user database, the RADIUS server
creates its own message and compares it with the user's message. Once the
server has authenticated the user, the user authenticates the server in a
reverse process. When mutual authentication is complete, the server and the
user set a WEP key which will provide the user with the suitable level of
does EAP authentication works?
The user will load the
key to use it for the logon session. During the logon session, the RADIUS server
encrypts and transmits the WEP key, which is known as a session key, over the
wired LAN to
the access point. The access point encrypts its broadcast key with the
session key and transmits the encrypted broadcast key to the user, which
uses the session key to decrypt it. The user and access point activate
WEP and use the session and broadcast WEP keys for all communications for
the remainder of the session. In simple words, when a client sends a request
to connect
to a wireless network, the access point asks the client for identification
data, which is transmitted to an authentication server. Then the
server asks the access point for proof of the validity of the identification
data. When the access point has received the proof from the client, it
is sent back to the server to complete the authentication (Sean Wilkins, 2011).
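The mutual challenge-response exchange described above, as an added example that is not part of the original report. HMAC-SHA256 stands in for the "one-way encryption" (real EAP methods define their own functions), the derived session key stands in for the WEP session key, and the account name, password and the UnverifyingServer test double are constructed for illustration.

```python
import hashlib
import hmac
import os

def one_way(password: str, purpose: bytes, challenge: bytes) -> bytes:
    """Stand-in one-way function (HMAC-SHA256); real EAP methods define their own."""
    return hmac.new(password.encode(), purpose + challenge, hashlib.sha256).digest()

class RadiusServer:
    def __init__(self, user_db: dict):
        self.user_db = user_db          # username -> password
        self.challenge = b""

    def new_challenge(self) -> bytes:
        self.challenge = os.urandom(16)
        return self.challenge

    def check_user(self, user: str, response: bytes) -> bool:
        """Build our own message from the user database and compare."""
        secret = self.user_db.get(user)
        if secret is None:
            return False
        expected = one_way(secret, b"user", self.challenge)
        return hmac.compare_digest(expected, response)

    def answer(self, user: str, user_challenge: bytes) -> bytes:
        """Reverse direction: prove to the user that we hold the same secret."""
        return one_way(self.user_db.get(user, ""), b"server", user_challenge)

    def session_key(self, user: str, user_challenge: bytes) -> bytes:
        return one_way(self.user_db[user], b"session", self.challenge + user_challenge)

def logon(server: RadiusServer, user: str, password: str):
    """User side of the exchange. Returns (session_key, user_challenge) or None."""
    server_challenge = server.new_challenge()
    if not server.check_user(user, one_way(password, b"user", server_challenge)):
        return None                                   # server rejected the user
    user_challenge = os.urandom(16)
    expected = one_way(password, b"server", user_challenge)
    if not hmac.compare_digest(expected, server.answer(user, user_challenge)):
        return None                                   # server failed to prove itself
    key = one_way(password, b"session", server_challenge + user_challenge)
    return key, user_challenge

class UnverifyingServer(RadiusServer):
    """Test double: accepts any response, but does not know the real password."""
    def check_user(self, user, response):
        return True

# Constructed sample account.
CLINIC_DB = {"dr_lee": "paddy-field-2018"}
```

The second check in `logon` is what makes the authentication mutual: a server that accepts the user without holding the user's credential still cannot answer the user's challenge, so no session key is set.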
This type of authentication is
commonly used by companies, and we will be implementing it on the new wireless
network of Bario Society because of its high level of security.
In considering security implementations for the wireless LAN, we
selected WPA2 because it protects the network to a
high standard and is the latest security protocol. With the use of AES (Advanced
Encryption Standard) and its other characteristics, it becomes more secure with
the help of its encryption technique.
V. (2016). Types of Wireless Network Attacks. [online] phoenixts. Available at: https://phoenixts.com/blog/types-of-wireless-network-attacks/ (Accessed: 16 Jan.)
Waters. (2006). The importance of wireless security. Available at: (Accessed: 16th Dec 2017).
Cisco. (2017). What Is a Network Switch vs. a Router? [online] Available at: (Accessed: 19 Dec. 2017).
Information Week. (2006). Learn the Basic of WPA2 Wi-Fi Security. Available (Accessed: 16th Dec. 2017).
Margaret Rouse (2009). encryption. Available at: http://searchsecurity.techtarget.com/definition/encryption (Accessed: 9th Jan 2018).
Margaret Rouse (2015). authentication. Available at: http://searchsecurity.techtarget.com/definition/authentication (Accessed: 9th Feb 2017).
Mitchell, B. (2017, November 13). Wi-Fi range extenders are a variation on bridging. Retrieved from https://www.lifewire.com/wireless-bridging-explained-816563
Sari, A. and Karay, M. (2015). Comparative Analysis of Wireless Security Protocols: WEP vs WPA. International Journal of Communications, Network and System Sciences, 08(12), pp.483-491.
Sean Wilkins (2011). WLAN Encryption Methods. Available at: (Accessed: 9th Jan 2018).