350 rub
Journal Highly available systems №3 for 2013 г.
Article in number:
Detection of the security policies violation when operating with WiFi networks in the locations with the limited access
Authors:
S.A. Makarenkov - Ph.D. (Eng.), Senior Research Scientist. E-mail: serg@no-problem.cc
V.V. Starichkov - Senior Research Scientist. E-mail: vstar@mail.ru
S.E. Buslenko - Senior Research Scientist. E-mail: sebuslenko@yandex.ru
V.V. Starichkov - Senior Research Scientist. E-mail: vstar@mail.ru
S.E. Buslenko - Senior Research Scientist. E-mail: sebuslenko@yandex.ru
Abstract:
Data transmission over wireless local area network (WLAN) has become one of the major trends in the communication technology development. The networks of the IEEE 802.11a/b/g (WiFi) family of standards in some cases have such advantages as: installation simplicity, network infrastructure portability, possibility of portable users - devices usage. Thus, the usage of WiFi technology as a corporate network segment is represented as quite inviting. Locations and areas with the limited access appear in the WiFi network area in increasing frequency. Moreover, WiFi systems are actively used inside the limited access locations.
Examples of the typical situations, which can result the leakage of the information over the Wi-Fi network channel:
unauthorized disrupter connection to the access point of the organization;
connection of the employee of the organization from the secure location to the outside network access point.
Traditionally, the security policies controlling the usage of WiFi devices in the limited access location restrict the possibilities of outside removing of the WiFi devices, outside WiFi network connection and the connection to the corporate WiFi network points of users, who are outside the limited access location. Radio and organizational support of such security policies are not always effective. It should be noted, that we cannot always reliably register the information security incidents and to accumulate the reliable incidents - conformations with the usage of the methods specified.
Let us consider the possibility of special-purpose system for the stated problems - solving and define their opportunity requirements.
Special-purpose system must provide:
signal search of WLAN of IEEE 802.11a/b/g standards;
identification of the topology of WLAN and the signal registration with the fixed time, power level, address set describing the connection (addresses of sender, recipient, retransmitter);
network device localization according to signal characteristics and address features (location identification);
users - devices and access points IFF (identification, friend or foe) classification;
unhindered functioning support for the devices, which are classified as "friend";
self-acting or at the command of operator blocking/disturbance of the operating mode of the users - devices and access points classified as "foe";
real-time registered traffic record and processing;
taped messages selection according to structural and address features (net identifier, MAC-addresses, key words);
transmission of the taped data into DLP systems over network interface Ethernet or its record on built in sensors information tanks;
disclosure of the information security incidents concerned with informational exchange, which is crossing the controlled perimeter;
accumulation of the internet security incidents in the protected storage.
Self-contained portable sensors and automated workstation of control must be the main components of the special-purpose technical facility.
It is possible to build complex information security facilities for WiFi WLAN on the basis of engineering solutions, which implement the given requirements.
Pages: 79-83
References
- Adzhemov S.S., Vinogradov A.N., Lebedev A.N., Makarenkov S.A., Tereshonok M.V., Chirov D.S. Metody' intellektual'nogo analiza slabostrukturirovanny'x danny'x i upravleniya kompleksami monitoringa. M.: Insvyaz'. 2009. 210 s.
- Roshan P., Leary J. 802.11 Wireless LAN Fundamentals. Cisco-Press. 2007. 693 s.
- Durgin G., Rappaport T.S., Xu H. Measurements and Models for Radio Path Loss and Penetration Loss in and Around Homes and Trees // IEEE Transactions on Communications. 1998. V. 46(11). P. 1484-1496.
- Converting Signal Strength Percentage to dBm Values. WildPacket Inc., Application Note 20021217-M-WP007. 2002. 11 c.
- Popov L. A Hybrid Approach to WiFi Localization and Tracking of Mobile Devices. Massachusetts Institute of Technology. 2008. 60 c.