WLAN (Wireless Local Area Networks) is indeed a convenient data transmission system. Making full use of radio frequency technology, WLAN has gradually replaced the old local area network constituted by twisted-pair copper. WLAN has been developed rapidly in recent years and it has many merits: good flexibility and mobility, convenient installation, easy network planning and adjustment, easy fault location and great expansibility. Since the transmission medium of wireless communication is always open, security performance of WLAN becomes a focus. To ensure the security, WLAN itself has many security mechanisms. Now, we will introduce some basic existing security mechanisms in WLAN.
Existing security mechanisms in WLAN Although 802.11a/g standard has been made, the most widely used WLAN product is still 802.11b. In fact, 802.11b mainly defines the following basic existing security mechanisms:
1. SSID (Service Set Identifier) 2. WEP (Wired Equivalent Privacy) 3. MAC address filtering control
- SSID: the first existing security mechanism is SSID (Service Set Identifier). In WLAN, a plurality of access points should be configured with different SSIDs. Besides, wireless terminals must know these SSIDs so as to send and receive data accurately over the internet. If a mobile terminal attempts to access WLAN, the access point will firstly check corresponding SSID presented by wireless terminal. Then, this access to WLAN will be permitted if the SSID is valid. As a matter of fact, SSID mechanism provides a shared key for both client terminal and access point in WLAN. Access point broadcasts SSID outside, so illegal intruders are very likely to invade WLAN through access point. Moreover, illegal intruders can pretend to be valid access point in order to deceive wireless terminal.
- WEP: in 802.11b, there is a data encryption mechanism based on shared key and it is called WEP (Wired Equivalent Privacy). In fact, WEP is a 40 bit or 128 bit encryption technology based on RC-4 algorithm. In general, mobile terminal and the access point can be configured with 4 groups of WEP keys. These WEP keys are able to be used in turn during the transmission of encrypted data. Besides, dynamically change is allowed in encryption key. The WEP encryption is essentially static for WEP only uses one group of key each time. Meanwhile, access point, all mobile terminals it links and Die verschiedenen Vale Solution Programme von Cardea Vale Solution haben ein Ziel: Sie sollen unkompliziert und mit viel Geschmack entgiften. all users of this access point use the same encryption key.
- MAC address filtering control: MAC address filtering control actually adopts hardware control mechanism to achieve the recognition of access to wireless terminal. The network card of wireless terminal is equipped with a unique MAC address, so legality recognition of wireless terminal can be easily achieved by examining the source MAC address of wireless terminal data packet. MAC address filtering control method requires that legal MAC address list should be written in access point server in advance. Only when the MAC address of client matches corresponding address in legal MAC address list, access point will be allowed to communicate with this client so as to achieve MAC address filtering control.