This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
To establish a connection between the branches and headquarters, Starfruit Communications decided to implement Worldwide Interoperability for Microwave Access technology for the voice and data communication between headquarters and branches.
WiMAX is a telecommunication technology that transmitted the data wirelessly via types of transmission methods. Because this technology is a wireless system, it makes people worried and unsure about the security. Security is a very important consideration in wireless communication systems, so the company must have a very high level of security if they intend to built this wireless communication systems.
WiMAX was designed carefully with security concerns to avoid unauthorized use to the network services. It was done by using strong authentication and access control methods.
A well designed WiMAX security architecture should provide these requirements:
Privacy: To protect the network from eavesdropping when the data traverse over the air from source to destination.
Data integrity: To ensure the protection of the data and messages from being tampered while in transit.
Authentication: To verity and ensure that the given user/device that connecting to the network is the correct one.
Authorization: To verify that the user that tried to connect is an authorized user to use the network resources and services.
Access control: To ensure and only allowed authorized user to have access to the particular network resources and services.
WiMAX Security Functions
From the beginning, WiMAX technology was designed with robustness security. It had the methods to ensure user data privacy and preventing unauthorized access to the information with extra protocol optimization for mobility. WiMAX security has the following key aspects:
Support for privacy
The encryption method used to provide privacy is cryptographic schemes which had proven its robustness. All the user information that transmitted will be encrypted, either using Advanced Encryption Standard (AES) or Triple Data Encryption Standard (3DES). Most engineers will choose to use Advanced Encryption Standard (AES) because it is a new encryption standard that has been approved and it is easier to implement to the system.
Authentication in Wimax
Authentication is uses to prevent unauthorized user from accessing the network information. The authentication structure supports many types of identification process, e.g. username/password, digital certificates, and smart cards. WiMAX devices have built in digital certificates which contain a public key and MAC address of that device, so the operators can use the digital certificates for authentication of device, and using a username/password to authenticate their users.
Flexible key management protocol in Wimax
The Privacy and Key Management Protocol Version 2 (PKMv2) is used to ensure the security when exchanging all the keying material between base station and the mobile station and it also use to reauthorize and refreshing the keys from time to time.
Protection of control messages in Wimax
The control messages that traverse along from source to destination over the air is protected using message digest methods, such as Advance Encryption Standard (AES) based Cipher based Message Authentication Code (CMAS) or Message Digest 5 based Hash based Message Authentication (HMAC).
Support for fast handover in Wimax
WiMAX allow the mobile station to use pre-authentication with a specific target base station to make the reentry process to be faster and easier. To support fast handovers, a three way handshake model is supported to fulfill the re-authentication methods, while at the same time preventing the man in the middle attacks.
WiMAX Security Threats
Threats to the Physical layer
Physical layer is unsecure and unprotected from attacks because WiMAX security is apply in security sub layer above the physical layer. Below are the types of threats on physical layer:
Jamming or Blocking attack
It is an attack achieved by launching a source of strong noise to drastically decrease the capacity of the channel, thus denying of services (DoS) to all the stations. Jamming occurs either unintentional or malicious. This attack can be detected using radio spectrum monitoring equipment. Once it was detected, it can be avoided using spread spectrum scheme by increasing the power of signals. So, the chances it may affect the user and system on the network are very low.
Scrambling or Rushing attack
It is a type of jamming but it only took short periods of time and targeted to a particular WiMAX frames or some element of frames at the physical layer. Scramblers aim to affect normal operation on that network. Scrambling is more difficult to detect because the intermittent nature of the attack and it may happen due to natural sources of noise. This attack can be prevents by using a monitoring anomalies beyond performance criteria to detect the scramblers and scrambling activities.
Water torture attack
This attack consider as a typical attack in which an attacker forces a Subscriber Station to drain its battery or use up all computing resources by sending a series of fake frames. This attack is more critical than Denial-of-Service (DoS) attack because Subscriber Station is a portable device with limited resources. This attack can be prevents by discarding fake frames using a mechanism, so it will not drain the battery or computing resources.
Threats to the MAC layer
MAC layer is a connection oriented layer, there are lot of weaknesses on this layer. Identity plays a very important part in WiMAX, so all the threats regarding identity are consider as a very serious threats to it. Below are the types of threats on the MAC layer:
Threats to MAC management message in initial network entry
The initial network entry procedure is very important because it was the first thing needed to create a WiMAX connection.
The vulnerability of using Ranging Request-Response (RNG-REQ, RNG-RSP) messages: The attacker can stop the RNG-REQ process when it was sending a request to join a network and downgrading the service by changing the burst. The attacker can also change the ranging message to interrupt the network activity which may cause a denial of service to the network.
Threats to authentication
There are many types of threats which come from WiMAX authentication scheme:
Masquerading is an attack to the network device by impersonates the valid device identity by stay undetected. When the users connected to the fake device, the attacker will get all the access rights and gain access to the real devices. This attack does not have any security warning unless the attacker does something suspicious on the network. There are two methods to do masquerading attack:
Identity theft means the attacker stole the devices hardware address over the air and reprograms another device with the information that he stole. This was a well known problem for wireless communication, but it has been under control because it is illegal.
Rogue base station attack
Rogue base station attack using an attacker station which acts like an original base station, interrupt and confuse those subscriber stations or mobile stations while they are trying to get services from the original base station. The methods used to attacks are depending on the networks type. This attack is more complicated and difficult for the attacker because WiMAX is using Time Division Multiple Access model.
Attacks on the authentication protocols of basic PKM in 802.16 and its later version-PKMv2
Each subscriber station of a WiMAX networks must have X.509 digital certificate to recognize the subscriber. With X.509, the attacker will not so easy to fake and steal the subscribers identity. The PKMv1 protocol is very weak to main in the middle attack because of the mutual authentication problem. After some time, the PKMv2 was proposed with more powerful authentication process and lately it was found the possibility to attack by several kinds of new attacks.
Man in the middle attack
Man in the middle attacks occurs when attacker lure devices to log into a device which is a fake access point. After that, the attacker connects to a real access point using another wireless card offering a stable flow of traffic through the transparent hacking computer to the real network. If the base station always changes the public key, the attacker chances to hack the connection will be lower.
Denial of service attack
Denial of service attacks occur when an opponent causes a system or network resources become unavailable to legitimate users or causes services to be interrupted or delayed. This attack usually blocks everyone on the network including the attacker himself. This can be achieved by jamming the radio signal that sending out from the station. Denial of service uses IP address to flood the network and interrupt the communication between the users. By installing firewall and monitor the packets will help to solve this attack faster if it is happen.
(Trung Nguyen, 2009)
Client device security
Devices that connected to the WiMAX system must be really secure to ensure the security posture on the system. The security implementation on client device are based on the deviceâ€™s types, operating system, applications, the data that it handles and accesses, and possible threats that may appear on that devices.
Below are the security considerations for client device:
Personal firewalls are software that used to protect the client wireless network from attacker because wireless networks do not have the protection as wired networks. Personal firewalls can be configured according to the needs to detect new threats or any other problems that occurs on the networks.
Host-based intrusion detection and prevention system (IDPS)
Host based intrusion detection and prevention system are used to monitors and analyzes the packets that traverse along the network, it create a logs to make reports or block suspicious activity which is not on the logs.
Antivirus or antimalware software can prevent the viruses, worms or other malware to spread along the network devices. Each client devices must have appropriate software installed and simultaneously update to prevent from malware threats.
IEEE 802.16 radio management
Users should disable the IEEE 802.16 wireless radio by default when there is no business need of this radio signal.
Client device should be configured according to the policy to prevent it from connecting to more than one network at the same time.