Musings on WMN Security
After getting to know more about wireless mesh networks (WMN), let us take a look at some of the possible security areas that affect it. Since, this involves networking it would probably be easier for the reader if this where discussed in terms of ISO-OSI network layers (roughly).
| Layer | Possible Issues |
| Physical | Signal interference - distortion and blockage such as jamming. With wireless networks, it is definitely trivial to catch, block and interfere with its signals. Radio signals are easier to “tap” into that physical signaling media such as copper or fiber. In additional to things that affect radio signals, there are pieces of hardware technology that can potentially improve the security of this network such as the use of smart card, dedicated crypto devices and entropy generators. |
| Data Link | Frame corruption and sniffing, exploiting crypto (WEP/WPA) weaknesses, link state manipulation. These weaknesses involve interference at the frame level. Full access to data can be obtained due to crypto weaknesses. Link state manipulation and frame corruption can cause a denial service. |
| Network | IP packet corruption and sniffing. Mis-routing of packets. IP packets can be redirected (mis-routed) to evil sinks (and maybe even played back to mis-represent transactions). Of course, these packets can also be corrupted. |
| Transport | As a higher layer protocol, problems here are typically not the exclusive domain of WMNs. |
| Session | False authorization, Illegal access, Access control failure, Repudiation and trust issues. These are mostly identity issues. Who you are? What you are? What and when are you allowed to do it? Are you sure it is you? However, these issues are not limited to WMNs. |
| Presentation | As a higher layer protocol, problems here are typically not the exclusive domain of WMNs. |
| Application | Of course, we cannot get rid of application specific attacks. These attacks can attack the weaknesses of particular application protocols such as HTTP, SMTP, FTP and others. But, these are not the exclusive domain of WMNs. |
Anything I have missed? I will try to update this posting whenever I think of something.
The most obvious issues are denial of service related issues. Being wireless it is relatively easy to get a signal jammer to corrupt the wireless signal. In the security triad, this is definitely an integrity and availability hit. These issues are no only limited to end user connectivity (which is well documented). Since, this is a wireless mesh network. It affects connectivity between nodes in the mesh. This peer-to-peer interaction creates a whole new set of problems. Who is part of the mesh? What are they allowed to do? Who are they allowed to connect to? Who manages all of these relationships and trusts?
In the history of information security, convenience has always had a reverse impact on security. The more secure the system the harder to use. However, there are some security issues that cannot be ignored. Thus, the importance of some “reasonable” level of security. Now the question is … What is reasonable?
UNRELATED NOTE: Forum Nokia now has a wiki. This makes information potentially easier to find. Being a wiki makes it extremely collaborative so the growth of materials on this site should increase dramatically. Nice going Nokia!
