This paper examines the IEEE 802.11b wireless LAN standard, tracing its development from the original 802.11 specification through subsequent iterations including 802.11a and 802.11g. It surveys the technical characteristics, benefits, and limitations of wireless networking compared to wired alternatives, with particular emphasis on security vulnerabilities inherent to the 802.11b standard. The paper reviews protective measures such as WEP encryption, virtual private networks, firewalls, MAC filtering, and RADIUS authentication. It also discusses current and emerging trends in wireless technology adoption across business, education, and consumer markets, drawing on a range of industry and academic sources to assess the state of WLAN security and future directions for the technology.
A relatively new standard introduced by the Institute of Electrical and Electronics Engineers (IEEE), known as 802.11b, has been gaining significant momentum in the marketplace and is poised to change the nature of telecommunications (Patrick 2001). With approval from the Standards Board Review Committee of the IEEE in September 2002, a veritable "Wi-Fi" (wireless fidelity) revolution has been taking place in portions of the unlicensed spectrum, based on the IEEE 802.11b standard. "Products equipped with 802.11g Wi-Fi capability have been on the market for some time now, but a green light from the IEEE is a huge step for 802.11g that could usher in a high-speed wireless networking standard" (Yo! G. September 2003). This new technology is threatening to undermine parts of the business plans of traditional telephone companies; further, such Wi-Fi technology may be an enabler for a future "killer app" (Anderson, Bikson, Hundley & Neu 2003). Two new standards have been established: 802.11a, which extended the speed of 802.11 to 54 megabits per second (though it is not backwards compatible with 802.11b); and 802.11g, which operates at 20 megabytes per second and is compatible (Patrick 2001). Nevertheless, Driscoll (2002) suggests that until there is a pressing need for ultra-high-speed Internet access, or for a proprietary high-speed Ethernet network to allow the exchange of very large files, 802.11b will likely remain the primary standard in most public places for the next several years.
According to Driscoll (2002), 802.11b is the wireless Ethernet standard created in 1997 by the IEEE with the goal of creating unified technology standards. The original 802.11 provided wireless Ethernet and Internet access with top speeds of one to two megabits per second (Mbps); however, in reality it was frequently much slower. The letter "b" was added to the nomenclature in 1999 as a new standard extending the theoretical top speed of 802.11 to 11 Mbps, with an actual speed typically between three and six Mbps. Driscoll suggests this level of processing speed "is plenty fast enough for virtually all of today's broadband applications" (2002, p. 31). The signals for 802.11b are transmitted on the 2.4 gigahertz (GHz) frequency range of the broadcast spectrum; the technology quickly became the de facto wireless Internet standard of choice, with more than 11 million consumers already having some form of 802.11b access, according to a CNN study. Today, 802.11b exceeds wireless application protocol (WAP), 3G (third-generation wireless), and Bluetooth; further, the 802.11b standard can be used with virtually any type of laptop and many PDAs as well (Driscoll 2002).
Unlike WAP and 3G, 802.11b is not restricted to tiny cell phone screens; rather, any laptop, PDA, or desktop computer can be equipped with an 802.11b-compatible card for access to the Internet. In addition, 802.11b has far greater range than Bluetooth, providing 11 Mbps, on average, at 75 feet from a transmitting source (known as an "access point" or "node") and slowing down to 1 Mbps at a maximum distance of about 1,500 feet. By sharp contrast, Bluetooth's transmission distance is approximately 100 feet; however, it should be noted that Bluetooth may be especially useful in fixed devices such as Internet-enabled appliances or wireless connections from PCs to printers (Driscoll 2002).
The flexibility, reliability, and retrofitability of 802.11b have also made it an extremely popular choice for home networking and for retrofitting older buildings where Category-5 local area network cables would be difficult or impossible to install. A local area network (LAN) is a configuration of interconnected computers that can share data, applications, and resources such as printers. Computers in a LAN can be separated by distances of up to a few miles but are typically used in offices or across university campuses. A LAN provides fast and effective transfer of information within a group of users and reduces operational costs as well (Spurgeon 1997). Each computer network can be categorized as either a LAN or a wide area network (WAN). A LAN configuration generally consists of a fairly limited number of computers in a single building or building complex. A WAN, on the other hand, may connect an enormous number of machines on a global basis; in fact, by connecting a number of existing networks, the Internet was born. "Today, the Internet is a worldwide combination of WANs and LANs involving millions of machines. Each network in the Internet is connected to another network by a machine called a router" (Brookshear 2000, p. 142).
The closing decade of the 20th century witnessed the Internet connecting millions of computers all over the world. During these earlier years of development, a number of commercial computer network and data services also provided at least indirect connection to the Internet. These technologies provide the ability for more than one computer to communicate within a defined network: "A LAN is defined as a privately owned data communications system that usually covers a limited territory, hence the term 'local area'" (Spurgeon 1997, p. 17). All such networks employ so-called "protocols" — simply a set of rules by which computers exchange information through a single shared connection. These protocols allow the transmission of data without "collisions," which can be caused by the simultaneous transmission between two or more computers; computers on most LANs today use protocols known as Ethernet or Token Ring (Spurgeon 1997). In 2000, for example, the University of California at Berkeley identified security flaws in the Wired Equivalent Protocol encryption standard used by 802.11 cards and access points, making them vulnerable to decryption by hackers. The IEEE is working on an improved specification that will authenticate users in response to this need for security and standardization in wireless LAN access.
According to the guide for the 802.3 Ethernet system (and the 100BASE-T Fast Ethernet segments which are part of that system), there are two LAN standards that can carry Ethernet frames at 100 Mbps. When the IEEE standardization committee met to begin work on a faster Ethernet system, two approaches were presented. The first was to speed up the original Ethernet system to 100 Mbps while maintaining the original CSMA/CD medium access control mechanism — an approach called "100BASE-T Fast Ethernet." The second approach was to create an entirely new medium access control mechanism based on hubs that controlled access to the medium using a "demand priority" mechanism. This new access control system transports standard Ethernet frames using a new medium access control mechanism, and was further extended to allow it to transport token ring frames as well; as a result, this approach is now called 100VG-AnyLAN. The IEEE decided to create standards for both approaches. The 100BASE-T Fast Ethernet standard is part of the original 802.3 standard, while the 100VG-AnyLAN system is standardized under IEEE 802.12 (Spurgeon 1997, p. 17). The IEEE 802.11b working group created a set of protocols for wireless Ethernet local area networks in 2.4 GHz bandwidth space, describing IEEE 802.11b as "a way to connect our computers and other gadgets to each other and to the Internet at very high speed without any cumbersome wiring — or a significant price tag" (IEEE 802.11b Working Group 2000, p. 5).
Generally speaking, the benefits of installing a WLAN for enterprises and individual consumers include the following:
Flexibility. In older buildings, re-wiring is not always an option due to physical restraints of the building; existing space may also not allow for additional cabling.
Ease of use. Installing a WLAN requires less physical work than installing or adding to a LAN. WLANs have also increased communication and encouraged spontaneity.
Growth capability. WLANs can expand in size and functionality; access points can be added and upgraded. WLANs can start off small and grow in size and complexity as needed.
Mobility. WLANs allow users to move freely around the room, to wherever access points are in operation.
Cost. For general use, a WLAN does not save a great deal of money. The cost of network interface cards increases from about $67 for a standard card to about $180 for a wireless type; however, the overall investment in a WLAN is less expensive than retrofitting cables into old buildings (Charp 2002).
Despite these clear benefits and advantages in terms of ease of use and cost-effectiveness, there are certain risks associated with wireless networking, which are discussed in detail below.
The applications for wireless communication technology continue to develop and expand; today, 802.11b is the standard of choice for wireless router communication used with network installation (Gonzales & Higby 2003). "The integrity of the transmitted data is a valid concern at the 2.4 GHz wavelength medium, where the propagation of wavelength maintains strong connectivity" (Gonzales & Higby 2003, p. 30). The technology of WLANs actually dates back to the mid-1980s, during which time the Federal Communications Commission (FCC) freed up radio frequency (RF) to the industry. "Initially, this was viewed as a broadcast reception procedure and very little thought went to broadcast transmission" (Gonzales & Higby 2003, p. 30). Early innovations in RF transmission at a local network level were fairly slow; however, in the latter part of the 1990s, the IEEE introduced a new standard that would fuel growth in RF transmission technologies. The key standard was 802.11, which increased bandwidth enormously (Gonzales & Higby 2003).
According to Gonzales and Higby, the IEEE first developed the 802.11 standard in 1997, thereby providing a base for WLANs. The goal of the IEEE at this time was to design a standard that would support Ethernet networks used for medium-range, higher data-rate applications. This concept was immediately adapted to deliver a standard for mobile and portable stations. Continued improvements included designing 802.11a, which provides high-speed connectivity to WLANs operating on the 5 GHz band and supporting speeds up to 54 Mbps; the application of orthogonal frequency division multiplexing (OFDM) has allowed 802.11a to deliver such high speeds (Gonzales & Higby 2003).
In 1999, the IEEE promulgated another standard, known as 802.11b. This newer standard operated in an unlicensed area on the 2.4–2.8 GHz band, transmitted in direct sequence spread spectrum (DSSS), and supported up to 11 Mbps. The IEEE 802.11b is the dominant standard for current WLAN systems because it can deliver sufficient speeds for the majority of applications in use today. "Unfortunately, due to 802.11b's popularity, the standard has been unintentionally exposed to many security weaknesses. These issues are now a high priority and are being addressed by several research-and-development teams" (Gonzales & Higby 2003, p. 31).
Other IEEE research standards currently under development include 802.1x, 802.11g, and 802.11i. All of these initiatives focus on the identified security issues and faster transmission rates being brought to bear on the technology. The first, 802.1x, was a port-level access control protocol that provided a security framework for Ethernet LANs and WLANs under the IEEE standard. The 802.1x standard provided a framework that supported stronger user authentication as well as a centralized security management model that included a client machine, an authenticator, and a Layer 2 device providing a physical port to the network, an access point, or a switch. "802.1x supports an important part of network access by verifying user credentials and providing key management. Several authentication methods have included a server or database service for user authentication including remote authentication dial-in user service (RADIUS), Microsoft's Active Directory, Windows NT Domains and Trusts, and an LDAP directory" (Gonzales & Higby 2003, p. 31). Standard 802.11i was specifically designed to address the identified security concerns involving WLANs; however, this initiative remained in the early development phase. Gonzales and Higby report that this standard addresses wired equivalent privacy (WEP) vulnerabilities with improvements to 802.11 equipment.
All of this effort is not being driven in isolation from the marketplace. Consumers and businesses are confronted with a wide range of newer mobile devices — such as laptops, cell phones, and personal digital assistants (PDAs) — that have been the source of the recent increased demand for wireless mobility. These new devices provide users with the ability to take full advantage of innovative technologies, and people are exploring even more ways to use them. The key advantage of wireless communication involves reduced costs compared with the expense of wired installations. Recent improvements to laptop specifications in RAM, CPU speeds, and hard disk storage have also facilitated wireless communication. Today, a number of computer manufacturers are developing mobile devices with built-in wireless connectivity supporting 802.11b and 802.11g. The advantages to users include increased productivity during travel. "The emergence of wireless broadband provides a good alternative to wired networks in terms of cost of implementation and feasibility of retrofits in situations involving inaccessible wiring. In many instances, wired infrastructure would prove quite impractical" (Gonzales & Higby 2003, p. 32).
While wireless broadcasting does have some constraints, the technology continues to enjoy widespread popularity across the United States and other countries, such as Korea and Japan. The hardware required to establish a wireless infrastructure has been dropping in price, and a number of companies are providing wireless routers, hubs, switches, and network adapters that support out-of-the-box functionality. For example, Gonzales and Higby point out that a competitive price for a wireless router with one wide area network port (WAN) and four CAT5 ports was just $124 — a product that would have sold for more than twice that amount not long before, likely with less functionality. Furthermore, in infrastructure mode, a maximum of 2,048 wireless nodes can be supported; in ad-hoc mode, the number decreases significantly to 256, due mostly to additional overhead and lower available bandwidth. Nevertheless, the increasing demand for these innovative products has resulted in increased production and lower prices for consumers. "The wireless network interface card that supports 802.11b costs about $60 in the U.S." (Gonzales & Higby 2003, p. 32). These authors suggest purchasing a card that supports 802.11g because of integrated compatibility with 802.11b and the benefit of increased bandwidth of 54 Mbps; however, compatibility concerns have recently emerged concerning roaming between wireless access points that include standards 802.11b and 802.11g (Gonzales & Higby 2003).
According to Gonzales and Higby, the "hot spot" is a most interesting phenomenon. "We have noticed that wavelength propagation is stronger in some areas than in others. A very strong wireless signal is called a hot spot. Sometimes, we cannot control the restrictions to wireless transmission/reception, but we can move our access point within the environment to find better reception" (Gonzales & Higby 2003, p. 31). Industry consultant Steve Alexander reports that within a radius of 9–90 meters (30–300 feet) from a hot spot's antenna, computers equipped with Wi-Fi circuit cards or chips can connect to the Internet without visible communications links. Two commonly used versions of Wi-Fi, 802.11b and 802.11g, enabled wireless transmission speeds of 11 million bits per second (bps) or 54 million bits per second respectively. "Next-generation Wi-Fi standards being developed held out the promise of speeds of 200 million bps or more" (Alexander 2004, p. 7). A number of businesses, such as Starbucks coffee shops and McDonald's restaurants, have implemented charges for customers using their Wi-Fi services; other companies have elected to offer the service for free in order to attract customers. "Free service was practical because Wi-Fi equipment was relatively inexpensive and because many businesses already had high-speed connections to the Internet that also could handle the added Wi-Fi traffic" (Alexander 2004, p. 7). In 2004, Intel introduced its new Centrino microchips that provided laptops with built-in Wi-Fi capability; further, new Wi-Fi accessories for videogame consoles simplified playing games over the Internet by connecting game machines in the living room to a high-speed Internet connection in another part of the home (Alexander 2004).
Despite these distinct advantages, Wi-Fi remained in its early stages, and for-pay hot spots were expected to generate no more than $20 million–$60 million in annual revenue in the U.S. Nevertheless, some analysts estimated that Wi-Fi revenue could reach $1 billion or more in the U.S. by 2008. Cellular telephone companies appeared to represent the most significant Wi-Fi providers; T-Mobile was identified as an early entrant offering service in more than 2,500 bookstores and coffee shops. Conventional wired telephone companies viewed Wi-Fi as an extra service they could use to retain digital subscriber line (DSL) customers. For instance, Alexander points out that Verizon Communications, the largest U.S. local telephone company, continued to add hot spots in parts of New York City, offering free use to customers of its wired DSL service (Alexander 2004, p. 8).
As the medium gained acceptance and expanded, Wi-Fi also created new security problems for consumers who were not prepared for the new environment. "People using public hot spots might have their e-mail communications intercepted by others, and home and business owners of Wi-Fi networks did not always know they should encrypt their network traffic to safeguard it from passersby with laptop computers" (Alexander 2004, p. 8). Furthermore, skilled hackers are sometimes able to intercept data, user names, and passwords, as well as obtain free Internet access through Wi-Fi networks (Alexander 2004).
The original IEEE 802.11 standard specified eleven different channels (or frequencies) on which wireless communications were allowed to operate. In order to avoid excess noise that would adversely impact network performance, users can establish a number of low-range overlapping cells. These access points should be connected on the same network to allow users to roam effortlessly in the hot spot. Because these channels are spread-spectrum operating with 22 MHz of bandwidth, Gonzales and Higby suggest that the ideal installation would separate each radio or access point by five channels. "This method will produce zero overlap. A good combination would consist of 1, 6, 11, or 2, 7, 12. While this is the ideal solution, more and more areas (e.g., cities, apartments, and schools) are becoming saturated with wireless access, which makes this option less attractive" (Gonzales & Higby 2003, p. 31). It is common for people using wireless to roam or search for the best reception; as a result, if users require extra transmission strength, they might only have to move a few feet in either direction to locate a greater concentration of data transmission (Gonzales & Higby 2003).
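The five-channel spacing rule above can be checked numerically. The following is an added example, not part of the paper or its sources; it assumes the standard 2.4 GHz channel plan (centres 5 MHz apart starting at 2412 MHz for channel 1), that every access point in the plan is within radio range of the others, and a constructed site plan with hypothetical access point names.

```python
from itertools import combinations

CHANNEL_WIDTH_MHZ = 22    # spread-spectrum channel width quoted in the text
CHANNEL_SPACING_MHZ = 5   # adjacent 2.4 GHz channel centres are 5 MHz apart


def center_mhz(channel):
    """Centre frequency of 2.4 GHz channels 1-13 (channel 1 = 2412 MHz)."""
    if not 1 <= channel <= 13:
        raise ValueError(f"channel {channel} is outside 1-13")
    return 2407 + CHANNEL_SPACING_MHZ * channel


def overlap_mhz(a, b):
    """Width of spectrum shared by two 22 MHz channels (0 means no overlap)."""
    return max(0, CHANNEL_WIDTH_MHZ - abs(center_mhz(a) - center_mhz(b)))


def min_separation():
    """Smallest channel-number gap whose centres are at least 22 MHz apart."""
    return -(-CHANNEL_WIDTH_MHZ // CHANNEL_SPACING_MHZ)  # ceiling division


def conflicts(plan):
    """plan maps AP name -> channel; return (ap1, ap2, shared MHz) per clash."""
    found = []
    for (ap1, ch1), (ap2, ch2) in combinations(sorted(plan.items()), 2):
        shared = overlap_mhz(ch1, ch2)
        if shared:
            found.append((ap1, ap2, shared))
    return found


def clean_channel_sets(highest=11):
    """Largest sets of channels up to `highest` with zero pairwise overlap."""
    step = min_separation()
    runs = [list(range(start, highest + 1, step))
            for start in range(1, highest + 1)]
    best = max(len(run) for run in runs)
    return [run for run in runs if len(run) == best]


# Constructed site plan (hypothetical AP names), all assumed to be in range.
SITE_PLAN = {"lobby": 1, "lab": 4, "hall": 6, "roof": 11}

if __name__ == "__main__":
    print("minimum separation:", min_separation(), "channels")
    for ap1, ap2, shared in conflicts(SITE_PLAN):
        print(f"{ap1} and {ap2} share {shared} MHz")
    print("clean sets, channels 1-11:", clean_channel_sets(11))
    print("clean sets, channels 1-13:", clean_channel_sets(13))
```

With eleven channels only 1, 6, 11 gives three non-overlapping cells; the 2, 7, 12 combination quoted above needs a regulatory domain that permits channel 12.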
Today, wireless communication is the fastest-growing networking technology on the market. This newest form of communication has provided a wide range of new opportunities for businesses and individuals; however, the increased popularity of WLANs has also expanded the need to institute new security practices. There are a number of security procedures that will enhance the level of privacy when deploying a WLAN (Gonzales & Higby 2003). Some of the basic techniques include:
— Changing the default SSID;
— Wired equivalent privacy (WEP);
— Virtual private networks (VPNs);
— Firewalls;
— Media access control (MAC) filtering; and
— Remote access dial-up service (RADIUS) authentication and authorization (Gonzales & Higby 2003, p. 32).
WEP encryption technology has allowed secure communication between a remote user and a wireless access point. "When configuring a wireless router, we strongly recommend activating WEP because most wireless routers, by default, will have this setting turned off. Recent exposures and vulnerabilities in the WEP algorithm have hackers smiling from ear to ear, but the time and effort it takes to crack the algorithm is definitely a deterrent" (Gonzales & Higby 2003, p. 33). There are other security features being introduced that will help overcome some of the vulnerabilities identified to date as well.
For instance, the implementation of VPNs will protect remote access between users and corporate networks. According to Gonzales and Higby, the process is created by a secure virtual tunnel from the remote user's computer, through the user's access point, then onto the Internet, and finally to the network's servers and systems. "The remote computer uses an encryption scheme that enables safe passage for the data, with little to no chance of interception. The image of hiding or invisibility seems very attractive when discussing security" (Gonzales & Higby 2003, p. 32). Firewalls can hide a user's computer from unauthorized access, and hardware and software tools available today provide the functionality of a firewall that can control the flow of data in and out of a wired or wireless network. "We recommend network address translation (NAT), an advanced firewall or gateway, when configuring a wireless router. It provides enhanced capabilities of a normal firewall" (Gonzales & Higby 2003, p. 32).
Media access control (MAC) filtering is a component of the 802.11 standard that takes advantage of a unique number allocated by the manufacturer of the wireless router's network interface card. According to Gonzales and Higby, the MAC address filters out undesired access by accepting only selected addresses to the network. "MAC filtering is similar to call blocking on your telephone line, which blocks unwanted calls. While a laborious task on a large corporate network, MAC filtering should be used in setting up a home network" (Gonzales & Higby 2003, p. 32). One constraint identified to date is the ability of a hacker to "spoof" the MAC address by intercepting the address and broadcasting it as its own (Gonzales & Higby 2003).
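The spoofing limitation noted above follows from what the filter actually checks, shown here as an added example that is not part of the paper or its sources. The allow-list, the frame capture and the MAX_GAP threshold are constructed, and the sequence-number tracking is a monitoring heuristic introduced here as an assumption about how a defender might spot one address being used by two radios.

```python
from collections import defaultdict

SEQ_MODULUS = 4096  # 802.11 sequence numbers are 12 bits and wrap to 0
MAX_GAP = 64        # assumed tolerance for frames the sensor failed to capture

# Constructed allow-list of client adapters.
ALLOWED = {"00:11:22:33:44:55", "00:11:22:33:44:66"}

# Constructed capture: (claimed source MAC, 802.11 sequence number).
FRAMES = [
    ("00:11:22:33:44:55", 100),
    ("00:11:22:33:44:66", 4094),
    ("00:11:22:33:44:55", 101),
    ("00:11:22:33:44:55", 2900),  # a second radio claiming the same address
    ("00:11:22:33:44:66", 4095),
    ("00:11:22:33:44:55", 102),
    ("00:11:22:33:44:66", 0),     # normal wrap-around, not an anomaly
    ("00:11:22:33:44:55", 2901),
    ("de:ad:be:ef:00:01", 7),     # address that is not on the allow-list
    ("00:11:22:33:44:55", 103),
]


def mac_filter(frames, allowed):
    """Frames a MAC filter admits: it compares only the claimed address."""
    allowed = {mac.lower() for mac in allowed}
    return [frame for frame in frames if frame[0].lower() in allowed]


def sequence_anomalies(frames, max_gap=MAX_GAP):
    """Per MAC, count frames whose sequence number does not follow the last.

    One transmitter counts upward modulo 4096 (a repeat is a retransmission),
    so a forward gap larger than max_gap suggests two interleaved counters.
    """
    last_seen = {}
    counts = defaultdict(int)
    for mac, seq in frames:
        mac = mac.lower()
        if mac in last_seen:
            gap = (seq - last_seen[mac]) % SEQ_MODULUS
            if gap > max_gap:
                counts[mac] += 1
        last_seen[mac] = seq
    return dict(counts)


def suspected_shared_macs(frames, allowed, min_anomalies=2):
    """Allow-listed addresses that appear to be used by more than one radio."""
    admitted = mac_filter(frames, allowed)
    counts = sequence_anomalies(admitted)
    return sorted(mac for mac, n in counts.items() if n >= min_anomalies)


if __name__ == "__main__":
    admitted = mac_filter(FRAMES, ALLOWED)
    print(f"filter admitted {len(admitted)} of {len(FRAMES)} frames")
    print("sequence anomalies:", sequence_anomalies(admitted))
    print("review these addresses:", suspected_shared_macs(FRAMES, ALLOWED))
```

The filter admits every frame that carries a listed address, including those from the second radio; only the monitoring step separates the two, which is why MAC filtering is paired with the other controls in the list above.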
In addition, remote access dial-up service (RADIUS) has introduced the functionality of using a username and password scheme to enable access by approved users to the network. "RADIUS has several different levels of authority control that provide many classes of access. One option gives blanket-type access to the Internet. Another gives permission to use the Internet and e-mail communication. The last account class option gives access to the Internet, e-mail, and secure servers" (Gonzales & Higby 2003, p. 33).
In a special report from 2003, R. Marion Bliss reported that in the 1960s, high-fidelity ("hi-fi") became the standard for homes outfitted with the latest high-powered audio equipment. "Fidelity had to do with clear signals providing crisp music from the home stereo and turntable. Today, some home buyers and owners are interested in fidelity of a different sort" (Bliss 2003, p. F30). By using technology based on high-frequency two-way radio signals, roughly 10% of American homeowners are already enjoying short-range data transmission through clear airwave signals called wireless fidelity — "Wi-Fi." The Institute of Electrical and Electronics Engineers (IEEE) worked to standardize the technology, referred to as 802.11b, 802.11a, or 802.3 when referring to a network (Bliss 2003). In home-based applications, IEEE 802.11b allows users to receive signals from a fixed-base station or router installed near the home computer. "The fixed-base station then receives signals from either a home's cable modem or digital subscriber line (DSL). These signals travel invisibly through walls and people to nearby laptop or desktop computers equipped or adapted with a plug-in card" (Bliss 2003, p. F29). According to the Wi-Fi Alliance, Wi-Fi-equipped computers are able to receive signals from 80 to 350 feet from the hub, using the same or similar frequency as cordless phones. The signals, however, are not impervious to interference. "Concrete, steel and masses of people have been known to weaken the signal" (Bliss 2003, p. F30). Some observers have cautioned that such signals may not be secure against intruders who might attempt to steal critical data such as Social Security or credit card numbers. Today, Wi-Fi is protected by secure encryption. When Wi-Fi equipment is installed, the user enters a secure encryption code, which means that all computers on the Wi-Fi LAN can then communicate only with each other.
Wireless networking based on the IEEE 802.11b standard has transformed the way individuals and organizations connect to the Internet and to each other. The rapid growth of Wi-Fi adoption across homes, businesses, and public spaces has brought enormous benefits in terms of mobility, cost savings, and ease of deployment. At the same time, the very popularity of the standard has exposed significant security vulnerabilities, including weaknesses in WEP encryption, susceptibility to MAC address spoofing, and the risk of data interception at public hot spots.