WEP and WPA

Posted by on Apr 30, 2011 in Information Technology, Security

Clutterbuck, Rowlands, and Seamons offer a number of confidentiality ideas for improving data security on wireless local area networks (WLANs). Small to medium enterprises (SMEs) use WLANs as a means to for deployment of new assets and to communicate with the employees that are roaming.

As with any wireless technology, there are a number of vulnerabilities intrinsic with the service. Wireless systems rely heavily on the IEEE standards as a means for handing data and with the standard comes a built-in solution for security known as wired equivalent privacy (WEP). WEP is a simple way for deploying a shared method of authentication.

But obviously this may cause issues as the WEP key is shared with users. Another form of protection with Wi-Fi Protected Access (WPA) has a higher level of security but was closely similar to WEP.

The authors also discuss a number of additional link-layer encryption one being Temporal Key Integrity Protocol (TKIP) and the other is CBC-MAC Protocol (CCMP). In the technical design of the network, the wireless security is only as strong as the wires and system it runs along. It is recommended to use HTTP security as a redundant method for protecting the data as it runs through the network.

Clutterbuck, P., Rowlands, T., & Seamons, O. (2007). Auditing the data confidentiality of wireless local area networks. Electronic Journal of Information Systems Evaluation, 10(1), 45-56.

A. Chris TurnerAbout the Author: Chris Turner is also known as ChocolateSEO. CSEO is Chris' Nashville search marketing and consulting service offering a variety of services to help you, your company and any website maximize web-based marketing opportunities. He is the father of three girls, one boy (finally) and husband to the wonderful Savannah. Join the author's circle: Chris Turner on Google+.