INTRODUCTIONWPAN Technologies or proposed standardsA Criteria for evaluationRangeData RateSupport for VoiceSupport for LAN IntegrationPower ManagementSecurity Architecture.Trust ModelUntrusted ComponentsSecond Party ComponentsFirst Party ComponentsComponent InitializationProtocols for Manual AuthenticationMANA IIIPersonal Certification AuthorityV. Existing solutions OF PAN communication securityB Network Layer Solution:Disadvantages of IPsecPolicies and access controlPSD ControllerResource Sharing Using PSDForming a PSDBuilding on PSDs Using PolicyThe Contents of the PSDs Policy FileVendor specifications for SECURE SOFTWAREVendor specification of secure hardware.recommendationsReferencesSP 1 Security Services in Wireless Personal Area Networks 1Security Services In Wireless Personal Area Networks. (December 2003) Venkata Koonaparaju, Ramaseshan Iyengar, ECE Department, George Mason University. Abstract— The days of using a mobile device for organizing schedules and contacts have given way to applications that can connect to the corporate backbone via a number of different methodologies, both wired and wireless. A mobile device is now a powerful tool that not only delivers the power of the enterprise in hand, it also provides all of the same vulnerabilities in a much more portable format. This paper represents the security issues related to the use of wireless personal area network technology and recommends a number of key implementation guidelines to ensure the secure deployment of WPAN services. Initially, this paper compares the various implementations of WPANS and then looks at the different security threats for wireless networks. We then analyze the current protocols used in wired networks and test their compatibility with wireless networks. This paper then delves into the security requirements of current WPANS involving Personal Digital Assistants (PDA). The paper also gives an overview of typical wireless network security architecture and finally presents certain recommendations for the security services implementation. Index Terms—Imprinting, Link Layer Security, Network Layer Security, PAN Security Domain, Personal CA. I. INTRODUCTION new network paradigm concerning a short-range wireless connectivity attracts researchers and industrial attention in the last few years. Wireless personal area networks (WPANs) presents the person centered network concept, which allows a person to move, surrounded by its personal space (PS) and devices, and to communicate with them and through them with the outside world. The coverage area of WPAN is in the range of 10m radiuses. A standard communication method must be agreed between the hardware and software vendors to implement. II. WPAN TECHNOLOGIES OR PROPOSED STANDARDS The three candidates for use in WPAN systems are shares Shared Wireless Access Protocol – Cordless Access (SWAP – CA), Bluetooth and Infrared Data Association’s (IrDA) IrDA Protocol. The challenge in developing a wireless personal area network (WPAN) standard is that it must allow devices to communicate in a wireless environment while keeping in mind issues such as cost, power consumption, size and simplicity of use/deployment. Additional criteria such as communications range, data rate, LAN integration, and support for voice communications were also compared. A summary of the comparison of the three technologies is given below Table 1 Technical Summary of Home RF, Bluetooth, IrDA (Source of Table- Wireless Personal Area Networking Systems: Comparison of Bluetooth, IrDA Data and HomeRF by Aurangzaib Kaleem) A Criteria for evaluation The above technologies are compared on the following criteria. 1) Range The typical range requirement of the WPANs is 10 meters. Bluetooth supports this distance and when special transceivers are used distances up to 50 meters can be achieved. From the table its clear that SWAP – CA supports a distance which ASP 1 Security Services in Wireless Personal Area Networks 2exceeds the requirements of the WPANs and IrDA specification is far less than the required. Another limitation which impacts the range of IrDA Data is the use of Infrared, which is susceptible to blockage due to the objects or the angle between the two communicating devices, is off by 15°. IrDA could implement a protocol, which will meet the range of 10 meters but the cost, and power requirements of hardware would not meet the desired values of WPANs. 2) Data Rate Bluetooth allows for up to eight devices to operate in a single piconet and transmit data in symmetric mode (up to 432.6 kbps) or asymmetric (up to 721 kbps and 57.6 kbps) mode. The eight-piconet devices must share the bandwidth and cannot transmit at that rate simultaneously. SWAP-CA supports 1.6 Mbps using a CSMA/CA scheme, which provides a peak effective throughput of 1 Mbps under lightly loaded conditions. The IrDA provides the fastest data rate at 4 Mbps, which is more than enough for large file transfers, print jobs, or Internet sharing. In terms of data rate all three systems are satisfactory. It is difficult to place a number on what would be an adequate data rate for a WPAN. The concept of a WPAN is relatively new and applications for the technology have not matured enough to push the limits of the data rates available. The developers of SWAP-CA and IrDA both have hinted at support for higher data rates and it can be assumed that once an 802.15 standard is approved higher data rate versions of the standard will be development in the future. 3) Support for Voice Of the three protocols only SWAP-CA and Bluetooth provide adequate support for voice. SWAP-CA’s implementation of DECT and integration with the PSTN is very good. The only drawback is that a Connection Point must be used. For the purposes of home networking SWAP-CA is adequate where the existence of a Connection Point can be planned. For ad hoc networks having to need an additional device that provides the voice services is not ideal. Bluetooth provides the same services as SWAP-CA but without the need for a specialized device. In a Bluetooth WPAN a single node (master node) can act as the aggregator to the PSTN and support the communication needs of other piconet nodes. For the purposes ad hoc networking Bluetooth is a better choice for voice support. 4) Support for LAN Integration The three systems provide equal support for LAN integration. All three systems require some type of device
View Full Document
Unlocking...