Abstract
Wireless access points—whether fixed, mobile, or hybrid—have proliferated in the 21st century. Using them responsibly is essential to ensure the confidentiality, integrity, and availability of our communications content and networks.
Successful communication over wireless devices relies on common understanding about the processes or layers involved in interconnection, defined as the open systems interconnection reference model. It also relies on agreement over the rules of engagement, which correspond generally to the way we negotiate the spoken or written language rules: the allocation of radio spectrum frequency bands, identification of devices sending or receiving communications, message packet formation and syntax, and so forth.
A number of standards organizations operate at the global, country, and industry-specific levels. The organizations with particular significance for wireless communications are discussed here, in addition to the family of standards currently used for wireless interconnectivity.
Keywords
Interconnectivity; wireless; wireless communications; 802.11; wireless security; international standards; Wi-Fi; Bluetooth; SCADA; OSI; NIST; ITU; IEEE; 3GPP; ETSI; Wi-Fi Alliance
The Wonder of Wandering Signals
Alien Harry Solomon (played by French Stewart) experienced minor convulsions whenever the chip implanted in his brain started to transmit an “Incoming message from the Great Big Head” in the TV show 3rd Rock from the Sun. How 20th century! The March 2012 South by Southwest (SxSW) Interactive Conference in Austin, TX, introduced homeless human beings as wireless access points. Encountering challenges with your wireless signal? Just “log onto” a human wearing a T-shirt that says, “I’m a 4G hotspot.” No alien force needed. How 21st century!
Outrageous? Yes. These human wireless access points anticipated receiving $2 per 15-minute signal negotiation (the recommended donation). How many of us would choose to become wireless access points for $8 an hour? How many of us would mindlessly opt to become transmitters for convenience? How many of us already have?
Any device that transmits and receives data wirelessly is, by definition, a wireless access point or transceiver. Consider the number of transmitters we use. There are, of course, the usual suspects: mobile phones, laptops, US passport cards (since 2008), digital navigation systems, printers. On top of that, applications for Bluetooth and Radio Frequency Identification (RFID) technologies continue to multiply: athletic shoes, heart rate monitors, fitness sensors, cameras, printers, headsets, and so on. Gartner, Inc. forecast a 30% increase in the number of connected things from 2014 to 2015, to 4.9 billion, with another 20 billion coming online by 2020.1 Even more exuberantly, Juniper Research published a report forecasting that 2020 would actually see more than 38 billion attached units.2 Cisco has suggested 50 billion attachments, generating some $8 trillion worldwide in value at stake through “innovation and revenue ($2.1 trillion), asset utilization ($2.1 trillion), supply chain and logistics ($1.9 trillion), employee productivity improvements ($1.2 trillion), and enhanced customer and citizen service ($700 billion).”3 The Internet of Things (IoT), possibly even the Internet of Everything (IoE), belongs among the top 10 critical IT trends into the next decade.
Industrial, governmental, and individual applications are proliferating—as are concerns about how to protect applications and users—especially given links of connections and ad hoc data connections created unintentionally. It is one thing to transmit information about one’s own identity or behavior. It is more concerning when we transmit information about or from others, especially if that transmission is unconscious. By essentially leaving our personal or our organization’s Internet access open—for example, by not implementing sufficiently strong security on wireless routers, by leaving Bluetooth devices in a discoverable mode, or by allowing bridging traffic between networks—we can enable irresponsible behavior by others who use our legitimate, but open, wireless subscription services. We not only expose ourselves and our organizations, but we become the “legitimate” wireless access point for another who may be pursuing illicit Internet activities, activities rendered more anonymous by piggybacking on our valid signals.
Mobile devices are widely characterized as another attack surface. This understates the reality: Mobile devices are frequently attach surfaces; information attaches to them informally in ad hoc network configurations; devices can then tunnel in and attach to more formal information networks. The conceptualization of an attack surface does not fully capture the complications inherent in mobile devices. The term “surface” resonates with more two-dimensional perimeter models, in which the internal or trusted environment is clearly differentiated from the external or untrusted environment. Mobile devices behave more like skin, however: porous, capable of two-way transmissions, and composed of multiple layers. They operate in free space, and so are more elusive and more pervasive than just another attack surface.
And like skin, mobile devices and wireless systems generally can be compromised at different levels and yet can be made more resilient to certain environmental conditions than some fixed, hardwired devices and systems. Mobile devices can also be observed for early symptoms indicating that the entire system of information connectivity, wired and wireless, has gone amiss. They gather information as well as communicate it. And as with skin, wireless security begins with good, basic hygiene.
Just because it is wireless does not mean it is unconnected, wherein lie risk and opportunity. The “radio” aspect of wireless is where some trouble begins. Adapted from the Latin root for “radiate,” the word itself captures one-half of the essential nature of radios and other devices that incorporate radio wave technology: They broadcast or transmit electromagnetic signals that announce “I’m here.” Radio is a chatty medium. In terms of security appetite, it tends to the permissive/promiscuous side, rather than the prudent/paranoid.
The other piece of the essential nature of wireless devices is that they can also receive electromagnetic signals. In that transmission/reception pairing is the opportunity for interference, whether from changes in power line signals (e.g., when turning on the light in the TV room interrupts the signal from the exterior-mounted antenna), competing frequencies (e.g., the crosstalk heard over cell phones), eavesdropping, interception, or loss of signal strength. Such interference can be incidental, annoying, ephemeral, or malicious. In the latter case, interference can be deliberately used to capture or divert signal content, compromise signal capacity, discover vulnerabilities in the transmitting system, and otherwise interrupt communication signal flow, including the sending of misleading feedback or communication content.
I remember as a child in the mid-1950s that our black-and-white Magnavox TV could not compete with the electric Mixmaster in the kitchen. Mashed potato preparation meant that Lassie’s canine grace was reduced to audio static and visual turbulence. Portable TVs were not easily moved without a TV cart, and frequent adjustments of the rabbit ear antennae were required. My sisters and I took turns changing stations, acting as remote controller for our parents and grandparents while they checked for programs being broadcast in color. And receiving a transistor radio for Christmas meant that I could, magically, enjoy music wherever I walked (after I found static-free stations).
Now in the mid-2010s, my granddaughter casually picks up my smartphone and downloads games, shares photos, and streams music videos without questioning that things should be otherwise. Meanwhile, I worry about whether she understands that some games will volunteer information about my phone and its configuration, that not all websites are safe, and that her musical preferences might be shared with marketers (along with my business contact information). Were I using my phone to access the university’s network or my clients’ financial information, I would be even more concerned. Were my granddaughter older, I would be worried about smart cars (training smarter drivers seems more desirable to me) and smart highways.
Closet Luddite though I may be, I am nonetheless delighted that the technology that enables the portability of devices and the mobility of information can promote productivity, learning, medical successes, public safety, entertainment, and general social value. At the same time, it’s evident that the technology to subvert those good outcomes may be developing at an even faster pace. To paraphrase Symbolist poet William Blake, the road of wireless access leads to the palace of rueful wisdom for the unprepared cyber traveler.
This book is about preparing our organizations, our governments, and ourselves for making good connectivity choices. We need to develop thicker (or at least more resilient) skin, as it were. We can define how, when, and what we want to communicate to others through shared, especially wireless, connections. In many cases, we can use technology to implement those decisions more efficiently and, as organizational leaders, to substantiate that we have made acceptable, reasonable, and responsible decisions to protect our constituents, clients, and business partners. Protection will not be perfect; those with malicious intent, like Deuteronomy’s poor, “will never cease out of the land.” We can, however, become less successful targets for hacking. To do this, we must determine first to understand what our security negotiating position is, collect only what information we need, communicate only what data we must, use only the wireless services that support our current activities, and protect signals and systems prudently (but not paranoically).
Wireless Devices, Simplified
Our wireless devices are wonders to behold. Consider a typical smartphone. It is first and foremost a computer with an operating system. As with any computer, the rules of security hygiene apply: Keep your operating system up to date, use anti-virus (AV) software, and do not use easily guessable passwords.
The smartphone typically supports one or two technologies associated with the mobile carrier, a Wi-Fi connection so the smartphone can use a home network or commercial hotspot (in order to save minutes or megabytes associated with mobile carrier limits), and a Bluetooth connection to support a wireless headset and hands-free communications while operating an automobile or treadmill.
How does a smartphone vendor know what features to provide in its products? It reviews a set of technology standards with its mobile carrier partners to determine what features are mandatory for the product to function and what features provide a competitive advantage to the vendor. We will talk about technology standards in the next section.
With few exceptions, users typically refuse to pay more for devices with additional security features. Vendors and carriers may have security features turned off or set to minimum capabilities out of the box so that naïve users do not complain about being unable to access certain sites or features. This means that we as individuals and corporate or governmental staff must determine how to use mobile technology responsibly and in compliance with prevailing policy in our respective environments. We can determine what security features our smartphone has and what settings provide the appropriate security for our devices.
The Telecommunications Standards Landscape
Telecommunications standards are important in that they provide a mechanism that allows interoperability—a common vocabulary, in effect—and thus enables competition among device manufacturers and carriers. Without standards, a user might conceivably need a separate device for each network, or for each function within a network.
There are a number of international, regional, and country-specific standards bodies and consortia that contribute to the standards making process. Since the technology is constantly evolving, a key role of the standards organizations and consortia is to specify the functionality of existing and future standard releases.
At the international level exist the International Standards Organization (ISO) and the International Telecommunications Union (ITU). The ISO is a nongovernmental body composed of the standards organizations of its member countries. The ITU specializes in information and communications technologies (ICTs), and has governmental (voting) members as well as nonvoting members such as carriers, equipment and software vendors, and international and regional telecommunications organizations.
Regional standards organizations include European Telecommunications Standards Institute (ETSI) and the Alliance for Telecommunications Industry Solutions (ATIS) in North America. ETSI is responsible for the standardization of ICTs within Europe; meanwhile, ATIS performs a similar function for the United States. Within the United States, the National Institute of Standards and Technology (NIST) is the federal agency that works with the telecommunications industry to articulate applied technology measurements and standards.
A number of consortia are responsible for development of telecommunications technical standards. These include the Third Generation Partnership Project (3GPP), the Internet Engineering Task Force (IETF), and the Institute of Electrical and Electronics Engineers (IEEE). 3GPP is responsible for a number of mobile (cellular) technologies. IETF is responsible for a number of the protocols used in both wireless and wireline networks. IEEE is responsible for a number of local area network (LAN) technologies, including Wi-Fi and Bluetooth.
All standards organizations and consortia consist of subgroups that focus on specific aspects of the technologies, such as functionality, provisioning and operational considerations, interoperability testing, and security. Organizations like the IEEE can be assisted by forums devoted to specific technologies, such as the Wi-Fi Alliance.
The organizations and consortia of particular interest when exploring how to protect wireless access points from hacking have established rules of engagement based on a shared understanding of the key factors (i.e., processes or layers) at play in interconnecting any two communicating devices.
Telecommunications Rules of Engagement
The ISO has provided a key standard for use in our discussions: the Open Systems Interconnection (OSI) model. The model is composed of seven layers:
1. Physical: The mechanisms for a device to attach to the media and to communicate over the media.
2. Link: The mechanisms for a device to identify (address) other devices on the media and to communicate with these devices.
3. Network: The mechanisms for a device to identify (address) other devices on different networks and to communicate with these devices.
4. Transport: The mechanisms to provide different quality of service (QoS) capabilities to applications, such as packet loss or recovery.
5. Session: The mechanisms to identify the start and end of a conversation between two devices.
6. Presentation: The mechanisms to help applications present the context of the messages being sent (e.g., converting a web page to fit on a smartphone screen).
7. Application: The programs and functions that use the communications.
Based on the application, the transport layer determines the protocol used to send the packets to the destination device (Device B). Device B may expect packets in order with no loss, or may be willing to accept packets in any order and tolerate packet loss. The transport layer may also determine whether the packets need to be resized to send over the network. These packets are then passed to the network layer. The network layer applies the appropriate network addresses (typically Internet Protocol or IP addresses) to the packets and sends the packets to the link layer. The link layer applies the appropriate link addresses (typically Media Access Control or MAC addresses) to the packets and transmits the packets over the physical layer.
The advantage of the OSI layering approach is that one layer can be modified and upgraded to take advantage of newer technology without impacting the functioning of the other layers. This is why web browsing works over cable connections, Wi-Fi, and on mobile phones. The disadvantage of the OSI layering approach is that each layer has its own security risks (e.g., a phishing attack at an email application, telephone number spoofing at the session layer, transmitting device identification information in the open at the link layer). We will discuss these security risks in later chapters.
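To make the encapsulation sequence concrete, the following Python is an added example (not code from the book) that wraps an application payload in a UDP segment, an IPv4 packet, and an 802.11 data frame, then peels the layers back off to show which identifiers each layer carries in the clear. The MAC and IP addresses are constructed sample values, and the frame format is simplified (no FCS, no QoS field).

```python
import struct

# Constructed sample values (not from the page).
SRC_MAC = "02:00:00:00:00:01"   # sending station
DST_MAC = "02:00:00:00:00:02"   # final destination behind the access point
BSSID = "02:00:00:00:00:ff"     # access point the station is associated with
SRC_IP = "192.0.2.10"
DST_IP = "192.0.2.20"


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def ones_complement_sum(data):
    """Internet checksum (RFC 1071); returns 0 when run over a header whose checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def transport_layer(payload, sport, dport):
    # UDP: the "any order, loss tolerated" choice. 8-byte header; a zero checksum is permitted over IPv4.
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def network_layer(segment, src_ip, dst_ip):
    # IPv4 header: version/IHL, TOS, total length, ID, flags (DF), TTL, protocol 17 (UDP), checksum, addresses.
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                      64, 17, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ones_complement_sum(hdr)) + hdr[12:]
    return hdr + segment


def link_layer(packet, src_mac, dst_mac, bssid):
    # 802.11 data frame with To-DS set: Addr1 = BSSID (receiver), Addr2 = source station, Addr3 = destination.
    fc = struct.pack("<BB", 0x08, 0x01)        # type = data, subtype 0; flags = To DS
    duration = struct.pack("<H", 0)
    seq_ctl = struct.pack("<H", 0)
    llc_snap = bytes([0xAA, 0xAA, 0x03, 0, 0, 0]) + struct.pack("!H", 0x0800)  # EtherType IPv4
    return fc + duration + mac_bytes(bssid) + mac_bytes(src_mac) + mac_bytes(dst_mac) + seq_ctl + llc_snap + packet


def build_frame(payload, sport=40000, dport=53):
    """Application -> transport -> network -> link, as the chapter describes."""
    return link_layer(network_layer(transport_layer(payload, sport, dport), SRC_IP, DST_IP),
                      SRC_MAC, DST_MAC, BSSID)


def link_header_fields(frame):
    """The 24-byte MAC header. Under 802.11i the frame body is encrypted, but these fields never are."""
    return {"to_ds": bool(frame[1] & 0x01), "addr1": mac_str(frame[4:10]),
            "addr2": mac_str(frame[10:16]), "addr3": mac_str(frame[16:22])}


def decapsulate(frame):
    """Strip the layers off again, returning what each one exposes to anyone who can read it."""
    layers = {"link": link_header_fields(frame)}
    body = frame[24:]
    layers["link"]["ethertype"] = struct.unpack("!H", body[6:8])[0]
    packet = body[8:]
    ihl = (packet[0] & 0x0F) * 4
    if ones_complement_sum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    layers["network"] = {"src_ip": ip_str(packet[12:16]), "dst_ip": ip_str(packet[16:20]),
                         "protocol": packet[9]}
    segment = packet[ihl:]
    sport, dport, length, _ = struct.unpack("!HHHH", segment[:8])
    layers["transport"] = {"sport": sport, "dport": dport}
    layers["application"] = segment[8:length]
    return layers


if __name__ == "__main__":
    frame = build_frame(b"query")
    for name, fields in decapsulate(frame).items():
        print(name, fields)
```

Running it shows that, even where the frame body is protected, the three link-layer addresses in `link_header_fields` identify the station, its access point, and the destination to any receiver within radio range.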
The ITU is celebrating its sesquicentennial. Established in 1865 as the International Telegraph Union, it is the oldest international organization and, since 1947, has been the United Nations agency that specializes in ICTs. ITU is “committed to connecting all the world’s people” and does so by allocating radio spectrum and satellite orbits, developing technical interconnectivity standards, and promoting ICT benefits among underserved populations.
Pertinent to our discussions, ITU has proposed a defense-in-depth approach for communications systems that covers three distinct planes of network activity—management, control, and end-user—that must be protected to achieve eight security objectives at the different layers of the OSI stack, which it groups as infrastructure, services, and applications. In its Recommendation X.805 for security architecture, the objectives identified are access control, authentication, nonrepudiation, data confidentiality, communication security, data integrity, availability, and privacy.4
Communications media (e.g., copper, cable, satellite, optical, radio) and network topologies differ inherently in how the identified security objectives can be realized. Signals transmitted over copper, for example, are more conducive to communication security without additional security mechanisms than are signals transmitted via radio waves. Network topologies also differ inherently in how well they support end-to-end security in communications along all dimensions. Point-to-point connectivity, for example, is highly conducive to achieving privacy objectives, but is vulnerable to single point of failure issues, thus compromising the availability objective unless redundancy is provided.
Anyone who has traveled to Europe with a US-based mobile phone has had the experience of choosing how (or whether) to manage service coverage while there to accommodate GSM service preferences. Interoperability of systems that span governmental jurisdictions is abetted by cooperation between standards organizations and commercial industry. ETSI is one of the key certifying bodies for wireless standards like GSM. Other kinds of global services under development—smart grid, for example—are coordinated through standards organizations that include NIST (USA) and the European Union’s Smart Grid Coordination Group (SG-CG). The latter represents private sector standards organizations: ETSI, the European Committee for Standardization (CEN), and the European Committee for Electrotechnical Standardization (CENELEC).
Wireless Communications Rules of Engagement
Basic wireless functionality is enabled when a radio device, at once receiver and transmitter, announces its presence to make a connection. Along the wireless spectrum, frequencies vary in wavelength, signal intensity, error rate, mobility, and broadcast cone. How, then, is connection negotiated? As mentioned earlier, interference from other systems and devices can be an issue in wireless systems, as can problems with interoperability. The latter is one of the challenges encountered by ad hoc teams of public safety or rescue personnel from different jurisdictions (in the United States, that would mean from different counties or states, as in a firefighting or natural disaster situation) when they assemble under emergency conditions and experience incompatible radio signaling.
Standards organizations convene technical researchers and practitioners to establish common approaches, as do some industry consortia. The three main groups of interest with respect to wireless communications are 3GPP, IETF, and IEEE.
3GPP is the organization responsible for the standards associated with GSM, UMTS, and LTE technologies, as well as the future “5G” technology International Mobile Telecommunications (IMT) 2020. According to its website,6 3GPP unites seven standards development organizations (including ATIS and ETSI) and provides them with an environment to produce 3GPP technology reports and specifications. The focus of 3GPP is on cellular telecommunications network technologies, including radio access networks, core transport networks, and the services using these technologies. 3GPP also provides specifications for connecting nonradio (i.e., wireline) access to the core network and Wi-Fi internetworking.
The IETF is an international organization open to anyone interested in understanding or progressing the architectures and technologies used in the Internet.7 Working group topics and discussions are mostly handled by mailing lists. Face-to-face meetings occur three times a year (typically in the Americas, Europe, and Asia); participants who cannot attend the meetings in person can access working group sessions through the Internet. The IETF is responsible for the standards associated with the IP suite of network, transport, and session layers. Many of the protocols developed by the IETF assumed a level of trust that could be exploited by hackers. Determining how to secure the protocols currently in use is one of the many efforts currently being worked on by the IETF.
The IEEE is the world’s largest organization for technology professionals, with more than 426,000 members (of whom US professionals represent less than half) and a presence in at least 160 countries. It was established in 1963 from the joining together of the American Institute of Electrical Engineers and the Institute of Radio Engineers, respectively founded in 1884 and 1912.8
The Wi-Fi Alliance, founded by a group of technology companies that helped pioneer higher speed wireless networking with the IEEE 802.11b specification (3Com; Aironet, a Cisco acquisition; Harris Semiconductor, now Intersil; Lucent, now Alcatel-Lucent; Nokia; and Symbol Technologies, now Motorola),9 has grown to include more than 600 leading global technology companies whose shared vision is “Connecting everyone and everything, everywhere.”10 With some two billion Wi-Fi devices sold in 2013 and at least 25% of homes worldwide Wi-Fi-enabled, the Alliance continues to build on the IEEE 802.11i foundational work for securing transmissions, incorporating both encryption and authentication mechanisms into Wi-Fi Protected Access (WPA and WPA2), the replacements for the partial security solution Wired Equivalent Privacy (WEP).
WEP is part of the original 1997 802.11 standard for wireless networking. The increase in processing speeds, which averaged about 25% annually between 1997, when the standard was first ratified, and 2002, has a twofold significance. On the one hand, more complex encryption algorithms can be implemented without an unacceptable compromise in performance. On the other hand, tools for breaking encryption are also more sophisticated, fast, and accessible. An encryption algorithm deemed acceptable in 1997 is now considered too easily broken.11
Additional security solutions should be layered into the nonresidential Wi-Fi environment, in particular, to address casual (or malicious) signal detection from the access points and the connecting devices, as well as the unauthorized deployment of wireless access points (also known as rogue access points). Given the existence of easily accessible tools for identifying information broadcast about the service set identifier (SSID) and MAC address, organizations should determine whether applying security controls to those potential exposure points will deliver the anticipated risk mitigation.
IEEE 802 Categories for Networking Standards
The IEEE networking standards continue to evolve to reflect technological and behavioral changes since the initial meeting of the IEEE Standards Project 802 working group was convened in October 1979. There were significant expansions in the 2014 version to reflect the increasingly varied use of interconnected wireless technologies. Networks described by the IEEE 802 standards, from least to most geographically extensive, are the personal area network (PAN), local area network (LAN), wide area network (WAN), metropolitan area network (MAN), and regional area network (RAN).12
The wireless discussion covers those networks and devices that communicate over “free” space, rather than through fixed (e.g., optical fiber, copper wire, cable) facilities. The wireless and wired networks do not exist in strictly parallel universes, of course. Signals travel over a variety of channels; wired and wireless worlds can converge in the course of a single communications transmission. Therein lies a key challenge for building resilient, secured, and assured communications: It is essential that the specific properties, including vulnerabilities, of each communication medium (copper, cable, radio, or optical) transmitting or receiving a specific signal be understood.
The reference model used by IEEE 802 is based on the lowest two layers of the familiar seven-layer OSI reference model, the physical and data link layers. The standard further divides the data link layer into the MAC and logical link control sublayers. Although creation of a technical advisory group with a focus on 802 security has been proposed, at present only four of the 802 family branch standards include discussions of security, as noted in Figure 1.1. Specific considerations for wireless networking functionality are captured in five IEEE 802 standards:
802.11—Wireless Local Area Network (WLAN or Wi-Fi)
802.15—Wireless Personal Area Network (WPAN; includes near-range technologies like Bluetooth under 802.15.1, ZigBee under 802.15.4, mesh networking under 802.15.15, and wireless body area network (WBAN, used in medical applications) under 802.15.6; optical spectrum connectivity is also possible over the infrared spectrum)
802.16—Broadband Wireless Access (Wireless Metropolitan Area Network or WMAN; also referred to as WiMAX)
802.20—Mobile Broadband Wireless (working group is currently in hibernation)
802.22—Cognitive Wireless Regional Area Network (WRAN; proposed to enable rural broadband wireless access to the frequency range from 54 to 862 MHz, the TV signal whitespace13 and other unlicensed spectrum14)
Wireless LAN or Wi-Fi (802.11x)
In the LAN articulation, the 802.11 protocol family displays different characteristics that are relevant to a variety of communications scenarios. These standards address wireless management functions: configuration, fault, performance, security, and accounting. The general characteristics of different 802.11 connectivity standards are indicated in Table 1.1, which captures hypothetical as well as typical data transmission rates achieved. These rates vary according to signal strength and are affected by distance traveled, environmental factors, frequency band noise, and service-level configurations (e.g., encryption, authentication, or authorization processes). Other standards have been defined for robust audio video streaming (802.11aa) and television white space (TVW) operation (802.11af).
Currently the most common new wireless network infrastructure deployments follow 802.11g and 802.11n, although legacy deployments may include 802.11a and 802.11b. The recently ratified (late 2013) 802.11ac standard has the potential for impressive throughput and is being built into mobile user devices, but its actual performance is dependent on the capacity of the wireless routers and access points to which devices are connected. Routing through devices that perform at a lower level degrades the hoped-for performance of higher-end devices. In addition to transmission and connectivity standards within the 802.11 standards family are security protocols like 802.11i and 802.11w-2009. The latter standard addresses prevention of incidents like denial of service (DoS) attacks through additional encryption security features. Information about the official IEEE 802.11 timeline for working groups assigned to specific projects is available through the IEEE website.15
Wireless MAN or WiMAX (802.16)
Originally known as worldwide interoperability for microwave access, WiMAX is not now considered an acronym but, rather, the trademark of the private sector industry trade association, the WiMAX Forum. The technology refers to large WMANs, usually managed by an Internet service provider (ISP), government entity, or business. An example of a business delivering WiMAX services would be a hospital in a large, somewhat rural area that offers area businesses and residents broadband access over the infrastructure that it is building for connecting with medical offices throughout the region. WiMAX specifies two basic security services: authentication and confidentiality (viewing data messages is restricted to authorized devices). More robust security is enabled through additional security services not specified in the standard. In addition to susceptibility to the same security challenges as 802.11 and wired networks, WiMAX networks are also vulnerable to various disruptions between WiMAX nodes, whether deployed as a non-line-of-sight or line-of-sight system.16
Wireless PAN (802.15)
WPANs are characterized by casual, ad hoc interconnections between devices typically in close range to one another (up to 33 feet for Class 2 devices like mobile devices and smart card readers and up to 3 feet for Class 3 devices like Bluetooth adapters for connecting a computer and keyboard or a mobile phone to a car’s speaker). Class 1 devices—for example, some USB adapters and access points—can operate over distances of up to 328 feet or about 100 meters, however.
Bluetooth devices do not necessarily connect on a one-to-one basis. One interconnectivity model is a piconet, which is composed of two or more Bluetooth devices within close physical proximity, operating on the same channel, and using the same frequency hopping sequence, as in the example of the Class 3 devices above. Bluetooth operates in the same frequency band as 802.11b/g networks, a fairly crowded band. Unlike 802.11b/g networks, which have fixed frequencies, Bluetooth employs frequency hopping spread spectrum (FHSS) technology for transmissions. Although this will not resolve transmission security concerns significantly, using FHSS does reduce transmission errors and signal interference. Transmission power is also negotiated between Bluetooth devices using radio link power control, whereby the devices gauge received signal strength and request that another device adjust its radio power level up or down.
Another Bluetooth networking topology is the scatternet, a chain of piconets in which a Bluetooth device may be designated as master in one piconet, but as a slave in one or more other piconets simultaneously. A specific device can only be master of one piconet and devices must have point-to-multipoint capability to participate in a scatternet.17 The dynamic topology created can change during a given session, depending on a device’s location or relationship with respect to the master device.
Although the Bluetooth specifications define several security modes, security controls are initiated at different points in the challenge–response handshake process, thus leaving connections potentially vulnerable. As with any wireless networking technology, Bluetooth connections are vulnerable to a variety of threats including DoS, eavesdropping, man-in-the-middle (MITM), message corruption, resource misappropriation, and spoofing. Because end-to-end protection cannot be assured, organizations and individuals should follow a practice of “use as needed/use when needed” and change manufacturer default settings that enable Bluetooth in mobile devices.
Authentication, confidentiality, and authorization are the three basic security services specified in the Bluetooth standard. Devices operate in one of four security modes, with Security Mode 1 on NIST’s do-not-use list because it offers no protection: A device in this mode is indiscriminate, although it will participate in security mechanisms if another device does the initiating. Security Mode 2 is enforced at the service level and allows for authorization; rules for access to some services and not others can be specified. In Security Mode 3, unlike Mode 2, security procedures are initiated at the link layer, that is, before the physical link is established. Still, NIST recommends using service-level security as well to control for authentication abuse. Security Mode 4 uses Secure Simple Pairing (SSP) to pass keys between devices, but because the security procedures initiate after the physical and logical links are established, and because Bluetooth v2.0 and earlier devices do not support the SSP feature, NIST recommends Mode 3.18
The Bluetooth Low Energy (BLE) guideline was released in 2010 in the Bluetooth v4.0 specification and, as its name indicates, is a power-saving technology that is especially useful in environments where availability is a high priority. It is also more expansive in terms of the number of slaves a master device can associate with in a piconet: unlimited, as opposed to the earlier versions’ limitation of up to 255 inactive slaves. BLE does not, on the other hand, support scatternet topology. BLE is embedded in smartphones, laptops, medical devices, sensors, and other applications that benefit from the technology’s key differentiators: lower power consumption, reduced memory requirements, efficient discovery and connection procedures, short packet lengths, and simple protocols and services.19 Wi-Fi Direct has been touted as a competitor to BLE on the basis of both data exchange rate speeds and operating distances.
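The piconet and scatternet membership rules given above (one master per device, point-to-multipoint capability for devices in more than one piconet, up to 255 parked slaves in classic piconets, no slave limit and no scatternet support for BLE) can be checked mechanically when auditing a proposed device topology. The following validator is an added illustration, not code from the text or from any Bluetooth stack; the 7-active-slave limit for a classic piconet is an assumption taken from the Bluetooth Core Specification, and the device and piconet names are constructed.

```python
from dataclasses import dataclass, field

MAX_PARKED_CLASSIC = 255  # text: earlier versions allow up to 255 inactive (parked) slaves
MAX_ACTIVE_CLASSIC = 7    # assumption from the Bluetooth Core Specification, not from the text

@dataclass
class Device:
    name: str
    low_energy: bool = False          # BLE device: no scatternet support (text)
    point_to_multipoint: bool = True  # needed to take part in more than one piconet (text)

@dataclass
class Piconet:
    master: str
    active: set = field(default_factory=set)  # active slaves sharing the hop sequence
    parked: set = field(default_factory=set)  # inactive (parked) slaves

def validate(devices, piconets):
    """Return a list of rule violations for the topology; an empty list means it is valid."""
    problems = []
    mastered = {}  # device name -> number of piconets it is master of
    joined = {}    # device name -> number of piconets it takes part in (any role)
    for i, p in enumerate(piconets):
        if p.master in p.active or p.master in p.parked:
            problems.append(f"piconet {i}: master {p.master} is listed as its own slave")
        mastered[p.master] = mastered.get(p.master, 0) + 1
        for d in {p.master} | p.active | p.parked:
            joined[d] = joined.get(d, 0) + 1
        if not devices[p.master].low_energy:  # BLE masters have no slave limit (text)
            if len(p.active) > MAX_ACTIVE_CLASSIC:
                problems.append(f"piconet {i}: {len(p.active)} active slaves exceed {MAX_ACTIVE_CLASSIC}")
            if len(p.parked) > MAX_PARKED_CLASSIC:
                problems.append(f"piconet {i}: {len(p.parked)} parked slaves exceed {MAX_PARKED_CLASSIC}")
    for d, n in mastered.items():
        if n > 1:
            problems.append(f"{d} is master of {n} piconets; a device may master only one")
    for d, n in joined.items():
        if n < 2:
            continue  # a single piconet needs neither scatternet nor point-to-multipoint support
        if devices[d].low_energy:
            problems.append(f"{d} is a BLE device in {n} piconets; BLE does not support scatternets")
        elif not devices[d].point_to_multipoint:
            problems.append(f"{d} joins {n} piconets without point-to-multipoint capability")
    return problems

if __name__ == "__main__":
    # Constructed topology: B is a slave of A's piconet and master of its own (a valid scatternet).
    devs = {n: Device(n) for n in "ABCD"}
    print(validate(devs, [Piconet("A", {"B", "C"}), Piconet("B", {"D"})]))  # -> []
```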
Radio Frequency Identification (RFID)
Another significant wireless technology that now has implications for networking had its roots in World War II. Initially designed as a way of identifying aircraft as friend or foe, RFID is a form of automatic identification and data capture (AIDC) technology that uses radio wave spectrum to pass information between two objects: an identifying tag (like the inventory control devices used in retail stores or public libraries to reduce the likelihood of items leaving the premises undetected) and a reader (like the wands waved over ski passes in lift lines or an employee’s building access badge). Tags may be passive (no internal power supply), active (internal power supply), semi-passive (internal power supply for circuitry or sensor support, but not communication) or semi-active (internal power supply but dormant, not communicating, until energized by a reader).
Because they can be miniaturized, RFID tags can also be used to track living objects; one use encouraged by the US Department of Agriculture was to record which livestock had received hormones or medications so that dosages could be controlled without human error. (A more recent use is as microchips in pets: Dog tags are so 20th century.) Other early uses were for tracking hazardous cargo (e.g., nuclear materials) and vehicle location and other information. The latter led indirectly to the development of automated toll payment systems by a group of enterprising scientists from Los Alamos in the mid-1980s.20
As various industries recognized the applicability of RFID technology platforms to automate processes to manage, control, and audit key business functional areas—inventory, warranty, fleet, warehousing, facilities access, payment processing, antitheft, for example—information about RFID-tagged objects was increasingly transmitted over the Internet. Research labs opened by the Auto-ID Center developed associated interface protocols, an identification scheme for data (Electronic Product Code or EPC system), and network architecture. The Uniform Code Council licensed this technology in 2003, then joined with European Article Numbering (EAN International) to promote the technology and standards for use, ultimately merging into Electronics Product Code Global Incorporated (EPCglobal). The other standards body for RFID is the ISO. Along with the International Electrotechnical Commission (IEC), it has issued several standards that address recommended development and deployment:
ISO/IEC 15961 (data protocol: application interface)
ISO/IEC 15962 (data protocol: data encoding rules and logical memory functions)
ISO/IEC 15963 (unique identification for RFID tags)
ISO/IEC 18000 series (parameters for air interface at different frequency levels)
ISO/IEC 18046 series (device performance test methods)
ISO/IEC 24791 series (software system infrastructure)
ISO/IEC 18047 series (device conformance test methods)
RFID technology deployments are a key part of the IoT landscape, often crossing organizational boundaries to streamline processes within a supply chain, for example. Negotiating agreements and implementing security mechanisms about how the links in that chain are managed by different organizational jurisdictions are challenges that must be coordinated by both the business and technical teams of those organizations.
Supervisory Control and Data Acquisition
Supervisory Control and Data Acquisition (SCADA) and other related industrial control systems (ICS) technologies are embedded in many of our critical infrastructure sectors on the list of 16 published by the US Department of Homeland Security (DHS), for example, energy; dams; water and wastewater; nuclear reactors, materials, and waste; transportation (including air traffic and high-speed rail control); government facilities (especially prisons and correctional facilities); chemical; and critical manufacturing. These technologies support, automate, and control certain physical, mechanical, electrical, hydraulic, pneumatic, or distribution processes. These systems were initially deployed as self- or facility-contained, independent systems; now digital technology is increasingly replacing the manual or human component. This allows remote diagnostics and maintenance, in addition to concatenating distributed systems into a system of systems, as in smart power grids, buildings, and manufacturing.
This shift to dependence on digital technology, the insertion of IT capabilities to replace or supplement physical control mechanisms, is not seamless. Underlying expectations differ. For one, ICS legacy technical components are characterized by stability and have, typically, been deployed for decades; components like sensors, actuators, and controllers are not swapped out and upgraded in three-year cycles, but are “built to last.” Operating systems for computers within the ICS may have exceeded manufacturer end-of-life and no longer be supported with patches. Likewise, replacement parts for infrastructure components can be difficult to source. And yet, the first priority for these systems is robustness: Availability, consistent uptime within tight latency and mean time between failure boundaries, is the primary concern to meet the objectives of real-time monitoring and response. Any software changes must be fully tested under operational environment conditions, but rollouts cannot have a negative impact on the actual operational performance. System outages should be scheduled weeks in advance. In addition, increased interdependency of system elements must be balanced with concerns about cascading failures. Any changes in one part of the system that could affect another must be anticipated and mitigating responses prepared. The 2003 Northeast US power failure that affected 50 million people, although not a consequence of a cyberattack, is just one reminder of the butterfly wing vulnerability in the critical infrastructure arena.
Distributed SCADA systems, such as those in an electrical distribution scenario, gather information from remote sensors in the field and send it to a centralized facility where a human operator observes the information in textual or graphic format. Such SCADA systems are designed for fault-tolerance. According to the specific implementation, communications may use a variety of different telemetry media: copper, cable, fiber, or radio frequency (e.g., broadcast, microwave, or satellite). Communications topologies also vary and can include point-to-point (simplest but most expensive because of the number of individual channels required), series, series-star, and multi-drop. The series configuration reduces cost, but the channel-sharing approach has a negative impact on SCADA operation efficiency and system complexity, as does the one-channel-per-device configuration of series-star and multi-drop topologies.22
Concern about the resiliency of SCADA and other ICS implementations in critical infrastructure sectors has increased with the latter’s obvious vulnerability to a variety of cyberattacks. The energy sector, for example, experienced 41% of the 198 incidents addressed by DHS’ ICS cyber response team in 2012. Of the 200 executives from critical utility enterprises in 14 countries who responded to a survey conducted in late 2010, 85% reported that they had experienced a network intrusion and 80% said they had experienced a large-scale DoS attack.23 Understanding how to select and implement security control mechanisms and policies at all levels of these complex, increasingly Internet-based, and wirelessly connected systems will benefit the critical infrastructure enterprises themselves and all organizations, government, and individuals that depend on them for completing even the most mundane tasks like boiling water for a cup of tea or turning on lights in a critical care unit.
Where Do We Go From Here?
As can be seen from the above discussion, there are a lot of moving parts to consider in how wireless devices talk and connect to one another. Almost any wireless device can be construed as a wireless access point, with an accompanying set of risks. The operating environment of a device and the data it carries or transmits figure largely in whether and how those risks should be addressed. With mobile devices the operating environment is less certain than for fixed devices; a database server, by contrast, is located in a highly controlled operating environment. The security exposure of mobile devices is more situationally dependent—but can also be configured by the astute user when appropriate. Risks can be grouped into commonly encountered scenarios and addressed in a straightforward manner.
The enthusiastic adoption of wireless communications by individuals, corporations, organizations, educational institutions, and governments lends credence to the suggestion floated among IT professionals that the OSI model should be modified to include end users as Layer 8. By understanding trends in who is using wireless devices, the purposes behind their use, and the locations from which/to which communications are sent, specific techniques for hacking—or for shielding from hacking—can be proposed.