|
|
Programming Help |
Homework Help |
Counseling Astrology Advice | Tarot Advice | Parenting Dating Advice | Love Advice | Divorce Advice Legal Advice | Debt Advice | Career Advice W IRELESS N ETWORK S ECURITY 4-7 security is not possible without providing higher layer security solutions on top of Bluetooth. In the example provided, security services are provided between the PDA and the printer, between the cell phone and laptop, and between the laptop and the desktop. Briefly, the three basic security services defined by the Bluetooth specifications are the following: ! Authentication--A goal of Bluetooth is the identity verification of communicating devices. This security service addresses the question "Do I know with whom I'm communicating?" This service provides an abort mechanism if a device cannot authenticate properly. ! Confidentiality--Confidentiality, or privacy, is another security goal of Bluetooth. The intent is to prevent information compromise caused by eavesdropping (passive attack). This service, in general, addresses the question "Are only authorized devices allowed to view my data?" ! Authorization--A third goal of Bluetooth is a security service developed to allow the control of resources. This service addresses the question "Has this device been authorized to use this service?" As with the 802.11 standard, Bluetooth does not address other security services such as audit and nonrepudiation. If these other security services are desired or required, they must be provided through other means. The three security services offered by Bluetooth and details about the modes of security are described below. Also worthwhile to note, Bluetooth provides a frequency-hopping scheme with 1,600 hops/second combined with radio link power control (to limit transmit range). These characteristics provide Bluetooth with some additional, albeit small, protection from eavesdropping and malicious access. The frequency- hopping scheme, primarily a technique to avoid interference, makes it slightly more difficult for an adversary to locate the Bluetooth transmission. Using the power control feature appropriately forces any potential adversary to be in relatively close proximity to pose a threat to the Bluetooth network. 4.3.1 Security Features of Bluetooth per the Specifications Bluetooth has three different modes of security. Each Bluetooth device can operate in one mode only at a particular time. The three modes are the following: ! Security Mode 1--Nonsecure mode ! Security Mode 2--Service-level enforced security mode ! Security Mode 3--Link-level enforced security mode In Security Mode 1, a device will not initiate any security procedures. In this nonsecure mode, the security functionality (authentication and encryption) is completely bypassed. In effect, the Bluetooth device in Mode 1 is in a "promiscuous" mode that allows other Bluetooth devices to connect to it. This mode is provided for applications for which security is not required, such as exchanging business cards. In Security Mode 2, the service-level security mode, security procedures are initiated after channel establishment at the Logical Link Control and Adaptation Protocol (L2CAP) level. L2CAP resides in the data link layer and provides connection-oriented and connectionless data services to upper layers. For this security mode, a security manager (as specified in the Bluetooth architecture) controls access to services and to devices. The centralized security manager maintains polices for access control and interfaces with other protocols and device users. Varying security polices and "trust" levels to restrict access may be defined for applications with different security requirements operating in parallel. Therefore, it is possible |
Find more freelance jobs
|
