WiMAX security issues - Network World

Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Wireless & Mobile

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Audio

Q&A: Firetide CEO Bo Larsson. Listen now!

Network World Panorama

Wireless mesh standard gets boost; New BlackBerry debuts. Listen now!

Network World 360

Additional Resources

RSS

FEATURED WHITEPAPERS

Endpoint Security: Data Protection for IT, Freedom for Laptop Users Absolute Software

The movement towards laptop computers has fueled an unprecedented number of data breaches. For IT and Information Security, encryption and training has proven ineffective against careless users and insider threats. This paper discusses these limitations and explains how endpoint security allows remote deletion of sensitive data, tracking of computers outside the network and the physical recovery of missing computers. Learn how you can ensure mobile data protection regardless of end-user interference.

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

RSS

FEATURED WEBCASTS

Discover how to Create an Orchestrated Data Center through Virtualization Novell

IT professionals like the idea of consolidating hundreds of servers into only a few, but it takes a lot more to cost effectively consolidate and virtualize servers. Watch this six-chapter webcast, "Reduce Complexity and Cost - Windows Server Consolidation with Virtualization" to learn how to effectively consolidate your Windows environment. One of the themes explored includes the characteristics of an orchestrated data center, which includes: Resource management, dynamic provisioning, job management, policy management, accounting and auditing and real-time availability. Learn more about orchestration and much more today. Register below to learn more and be entered to win an Archos 605 Portable Media Player.

IT Buyer's Guides

View All Buyer's Guides

Free Newsletters

Sign up and receive the latest news, reviews and trends on your favorite technology topics

Save The Date!
What They Are Saying

botnets dont make ur comp slow- Anonymous

Join the Discussion

WiMAX security issues

Wireless Security By Joshua Wright , NetworkWorld.com , 12/11/2006
  • Social Web 
  • Email 
  • Feedback 
  • Close

What are the possible security risks associated with deploying and using WiMAX?

WiMAX is the much-anticipated broadband wireless access mechanism for delivering high-speed connectivity over long distances, making it attractive to Internet and telecommunications service providers. Designed by the IEEE 802.16 committee, WiMAX was developed after the security failures that plagued early IEEE 802.11 networks. Recognizing the importance of security, the 802.16 working groups designed several mechanisms to protect the service provider from theft of service, and to protect the customer from unauthorized information disclosure.

Authentication

A fundamental principle in 802.16 networks is that each subscriber station (SS) must have a X.509 certificate that will uniquely identify the subscriber. The use of X.509 certificates makes it difficult for an attacker to spoof the identity of legitimate subscribers, providing ample protection against theft of service. A fundamental flaw in the authentication mechanism used by WiMAX's privacy and key management (PKM) protocol is the lack of base station (BS) or service provider authentication. This makes WiMAX networks susceptible to man-in-the-middle attacks, exposing subscribers to various confidentiality and availability attacks. The 802.16e amendment added support for the Extensible Authentication Protocol (EAP) to WiMAX networks. Support for EAP protocols is currently optional for service providers.

Encryption

With the 802.16e amendment, support for the AES cipher is available, providing strong support for confidentiality of data traffic. Like the 802.11 specification, management frames are not encrypted, allowing an attacker to collect information about subscribers in the area and other potentially sensitive network characteristics.

Availability

WiMAX deployments will use licensed RF spectrum, giving them some measure of protection from unintentional interference. It is reasonably simple, however, for an attacker to use readily available tools to jam the spectrum for all planned WiMAX deployments. In addition to physical layer denial of service attacks, an attacker can use legacy management frames to forcibly disconnect legitimate stations. This is similar to the deauthenticate flood attacks used against 802.11 networks.

1 | 2 |  Next >
Comments (1)
Login
Forgot your account info?

WiMAX security issuesBy Anonymous on December 11, 2006, 4:26 amI found it fascinating and so useful. I think more details were needed here to be discussed about. Anyway, I believe it can help a lot. Ali Saghaeian antoni_maximilliano@yahoo.com http://wimax.persianblog.com Re:...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code