Abstract
Wireless networks have been rapidly growing in popularity, both in consumer and commercial arenas, but their increasing pervasiveness and widespread coverage raise serious security concerns. Client devices can potentially migrate, usually passing through very light access control policies, between numerous diverse wireless environments, bringing with them software vulnerabilities and possibly malicious code. To cope with this new security threat, we propose a new active third-party authentication, authorization and audit/examination strategy in which, once a device enters an environment, it is subjected to security analysis by the infrastructure, and if it is found to be dangerously insecure, it is immediately removed from the network and denied further access until its vulnerabilities have been fixed. Encouraging results have been achieved utilizing a proof-of-concept model based on current technology and standard open source networking tools.
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Palmieri, F., Fiore, U. (2006). Audit-Based Access Control in Nomadic Wireless Environments. In: Gavrilova, M., et al. Computational Science and Its Applications - ICCSA 2006. ICCSA 2006. Lecture Notes in Computer Science, vol 3982. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11751595_57
DOI: https://doi.org/10.1007/11751595_57
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34075-1
Online ISBN: 978-3-540-34076-8
eBook Packages: Computer Science, Computer Science (R0)