End-to-end secure communication environment for wireless mobile devices

by

Acknowledgement

I would take this opportunity to thank my research supervisor, family and friends for their support and guidance without which this research would not have been possible.

DECLARATION

I, [type your full first names and surname here], declare that contents of this dissertation/thesis represent my own unaided work, and that dissertation/thesis has not previously been submitted for academic examination towards any qualification. Furthermore, it represents my own opinions and not necessarily those of University

Signed __________________ Date _________________

Abstract

In this paper, we will study two end-to-end security sustained protocols. A commerce applied security protocol, Wireless Transfer Layer Security (WTLS), and a learned suggested security protocol, Integrated Transfer Layer Security (ITLS) will be introduced. The present specification of WTLS does not supply total end-to-end security because WTLS-enabled entrance will leak plaintext throughout facts and numbers transmission to server. ITLS was conceived founded on repairing WTLS security holes. An evaluation of ITLS and WTLS illustrates that ITLS presents more powerful defence in entrance and boasts a more protected conduit than WTLS. Unlike in WTLS, where server trusts entrance, purchasers are ITLS security colleague of server in ITLS. All encryption and decryption will be increase two-fold on client-side. Due to restricted asset on purchaser edge (mobile devices), ITLS will present slower than WTLS. We suggest a changed ITLS that will boost ITLS presentation in supplement to supplying identical security grade as present ITLS. An implementation for WTLS is furthermore presented subsequent in paper.

Table of Contents

Chapter 1: Introduction6

Wireless Security8

Identifying Assets and Vulnerabilities to Known Threats13

Overview of Wireless Technologies13

Wireless Technologies and Standards14

Chapter 2: Literature Review16

Security Features of IEEE 802.1122

Identifying Likely Attack Methods, Tools, and Techniques22

Establishing Proactive and Reactive Strategies23

Testing23

For Each Type of Threat24

Threats to networks24

Method of Attack24

Proactive Strategy25

Determine Possible Damage Resulting from an Attack25

IEEE 802.11 Security17

Strength and Weakness of Security standards19

Chapter 3: Methodology27

Security Wireless Ad Hoc Network27

Routing Protocols27

Proactive Routing Protocols28

Wireless Routing Protocol (WRP)29

Cluster Gateway Switch Routing Protocol (CGSR)29

Global State Routing (GAR)29

Fisheye State Routing (FSR)29

Associativity-Based Routing (ABR)30

Routing Protocol Security30

Encryption30

Authentication31

Authentication-Encryption31

Exposure Of Wireless Devices31

Different Types Of Encryption Wireless Lan32

Chapter 4: Conclusion34

Security Risks and Technical Challenges35

Secure Your Wireless Network35

SSID (Service Set Identifier)36

Assessing Threat37

Defaults39

Denial-of-service40

References42

Chapter 1: Introduction

While it may be difficult to imagine a world without Blackberries, iPhones, or latest Bluetooth device, many IT departments are still playing catch-up in terms of security policies surrounding use of wireless technologies and mobile devices in workplace. In fact, according to a 2007 study by research firm Coleman Parkes, more than 60 percent of chief information officers interviewed report an increased use of company-supplied mobile devices. However, these organizations are having a hard time managing use of these applications. This article provides a high-level overview to help internal auditors understand terminology, environment, and some of potential areas of concern when performing an audit involving wireless technologies.

It establishes a foundational background to assist in developing deeper technical knowledge necessary to audit wireless environments. HOW WIRELESS ACCESS WORKS There are numerous modes to attach wirelessly to Internet and its diverse enterprise and individual networks — from utilising low-frequency wireless ...