Like any other business
decision, these trade-offs must be made with eyes open.
2.2.5.2 Confidentiality and Encryption
Confidentiality (preventing unauthorized access to message contents) is achieved by
protecting the data contents with encryption. Encryption is optional in 802.11 WLANs, but
without it, any similar standards-compliant device within range can read all network traffic.
There have been three major generations of security approaches for WLANs. In
chronological order of introduction, these are:
??? WEP (Wired Equivalent Privacy)
??? WPA (Wi-Fi Protected Access)
??? 802.11i / WPA2 (Wi-Fi Protected Access, version 2)
To address vulnerabilities in WEP, the IEEE established the 802.11i working group in
2001. Based on early drafts from the working group, the Wi-Fi Alliance trade group
Guide to Wireless LAN Analysis
21
established WPA at the beginning of 2003. WPA was intended as an interim solution that
could be achieved with existing equipment, using only firmware and software updates. The
Wi-Fi Alliance refers to their implementation of the more robust security features defined
in the final 802.11i document (July, 2004) as WPA2.
Pages:
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114