- New attack fells Internet Explorer
- Steve Jobs is a man of a few words
- Oddball gifts for uber geeks
- Global warming research exposed after hack
- Google adding IPv6 to YouTube
The Wi-Fi Alliance has expanded its WPA2 certification program to include a tool for secure handoffs between Wi-Fi and 3G networks, as well as an authentication system that uses multiple secured tunnels.
WPA2 (Wi-Fi Protected Access 2) is the most advanced security standard for Wi-Fi. The WPA2 certification program already included five other EAP (extensible authentication protocol) methods. The Wi-Fi Alliance tests routers, access points and client devices for interoperability using certain protocols and certifies them with its logo.
The newly added protocols, EAP-AKA (Authentication and Key Agreement) and EAP-FAST (Flexible Authentication via Secure Tunneling), are designed to better secure enterprise Wi-Fi LANs.
EAP-AKA was developed by the 3GPP (Third-Generation Partnership Project), the main standards body for 3G networks, and has been in use for a few years on both UMTS (Universal Mobile Telecommunications System) and CDMA2000 (Code-Division Multiple Access) networks. It allows for the handoff of calls between cellular and Wi-Fi networks using a single user identifier. As more mobile phones are equipped with Wi-Fi and more laptops and netbooks gain cellular data capability, having a standard way to shift calls from paid carrier networks to free Wi-Fi could be valuable, especially in enterprises that have rolled out Wi-Fi across their offices.
Cisco Systems created EAP-FAST several years ago as a replacement for its LEAP (Lightweight EAP), which was found to be vulnerable to certain types of attacks. Those included "dictionary" attacks, so-called because they generate a series of likely guesses at the network's decryption key or passphrase. EAP-FAST is now an open international standard.
For the next 90 days, support for the two newly added EAP types will be optional in WPA2-certified products, said Edgar Figueroa, executive director of the Wi-Fi Alliance. After that, WPA2 certification will require support for all seven EAP types, except in certain special cases. Any product that gets a firmware upgrade after the grace period will have to be re-certified under the new requirements, Figueroa said.
Partner Content
www.bmc.com
Gartner 2009 Magic Quadrant for Job Scheduling
Gartner has positioned BMC CONTROL-M in the Leaders Quadrant of their "2009 Magic Quadrant for Job Scheduling." The report assesses the ability to execute and completeness of vision of key vendors in the marketplace. Read a full copy today, courtesy of BMC Software.
Download whitepaper
Dell's SMART Approach to Workload Automation
Read a compelling case study by EMA, Inc. to learn how Dell uses BMC CONTROL-M to cut cost and increase productivity with workload automation.
Download whitepaper
Workload Automation Cost Savings 2 Minute Video
A major computer manufacturer uses BMC CONTROL-M and just four people to schedule and run over 85,000 jobs every month. By switching to BMC CONTROL-M, they more than quadrupled the workload without adding a single staff member. See how in this 2-minute video overview.
Go to video
Comment