Corporate wireless LAN security 267 Biographical notes: Dr. Young B. Choi is Assistant Professor of the Madison University in Harrisonburg, Virginia. His current research interests are human factors in telecommunications. wireless telecommunications service nanagement, security management in HIPAA, data mining and visualisation for telecommunications service delivery chain optimisation, and public healthcare. He has a diverse intemational experience of working in industry research and academia in telecommunications and computer networking since 1978. He received his interdisciplinary Phd degree in C networking and Telecommunications from the University of Missouri Jeffrey Muller is undergraduate scholar at James Madison University. He is ence and tec nation knowledge management and media arts and design and on digital ctive multimedia. His research interests are in telecommu security, bioterrorism defense and education using multimedia Christopher V. Kopek is undergraduate student at James Madison University and graduated in May 2005 with a Bs degree in Computer Science. His research interests are network technologies and database structures. Jennifer M. Makarsky is a student at James Madison University 1 Introduction "Today, end users have an increasing selection of different terminals and devices that support wireless access, as well as support for new technologies like 802.11 based WLANS"(Maunuksela and Nieminen, 2005 ) Wireless Local Area Network (WLAN) technology is an important method of extending corporate networks, but the new technology brings greater security risks. An understanding of the types of security risks and attacks as well as the developing security standards and how to implement them will enable firms to stay protected WLANs have the same risks and vulnerabilities that exist in a conventional wired network and there are also numerous other types of threats specific to them. Some examples of particular Wlan threats are passive attacks, active attacks, loss of confidentiality, loss of integrity and loss of network availability As todays technologies advance, so do the techniques and skills of hackers. New wireless security standards are now being created and released in order to stay one step ahead of hackers. The old Wired Equivalent Privacy (WEP) protocol has been proven to be insecure and does not protect WLANS efficiently. A new 802. 1li protocol is being released in 2005 that will protect corporations from WLAN attacks. In conjunction with 802. 1li, there are several other security standards that are being used such as WiFi Protected Access (WPA)and Virtual Private Network (VPN). With these new technologies, companies and firms can now have confidence that their WLaNs are secure. With wireless becoming such a mainstream technology, there is a growing interest creasing its usage in the enterprise environment (Varshney, 2003). However, all the standards and security techniques under development will be in vain unless they areCorporate wireless LAN security 267 Biographical notes: Dr. Young B. Choi is Assistant Professor of the Information Technology and Management Science Programme at James Madison University in Harrisonburg, Virginia. His current research interests are human factors in telecommunications, wireless telecommunications service management, security management in HIPAA, data mining and visualisation for telecommunications service delivery chain optimisation, and public healthcare. He has a diverse international experience of working in industry, research and academia in telecommunications and computer networking fields since 1978. He received his interdisciplinary PhD degree in Computer Networking and Telecommunications from the University of Missouri-Kansas City in 1995. Jeffrey Muller is undergraduate scholar at James Madison University. He is double-majoring in Integrated Science and Technology with a concentration on information knowledge management and media arts and design and on digital interactive multimedia. His research interests are in telecommunications security, bioterrorism defense and education using multimedia. Christopher V. Kopek is undergraduate student at James Madison University and graduated in May 2005 with a BS degree in Computer Science. His research interests are network technologies and database structures. Jennifer M. Makarsky is a student at James Madison University. 1 Introduction “Today, end users have an increasing selection of different terminals and devices that support wireless access, as well as support for new technologies like 802.11 based WLANs” (Maunuksela and Nieminen, 2005). Wireless Local Area Network (WLAN) technology is an important method of extending corporate networks, but the new technology brings greater security risks. An understanding of the types of security risks and attacks as well as the developing security standards and how to implement them will enable firms to stay protected. WLANs have the same risks and vulnerabilities that exist in a conventional wired network and there are also numerous other types of threats specific to them. Some examples of particular WLAN threats are passive attacks, active attacks, loss of confidentiality, loss of integrity and loss of network availability. As today’s technologies advance, so do the techniques and skills of hackers. New wireless security standards are now being created and released in order to stay one step ahead of hackers. The old Wired Equivalent Privacy (WEP) protocol has been proven to be insecure and does not protect WLANs efficiently. A new 802.11i protocol is being released in 2005 that will protect corporations from WLAN attacks. In conjunction with 802.11i, there are several other security standards that are being used such as WiFi Protected Access (WPA) and Virtual Private Network (VPN). With these new technologies, companies and firms can now have confidence that their WLANs are secure. With wireless becoming such a mainstream technology, there is a growing interest in increasing its usage in the enterprise environment (Varshney, 2003). However, all the standards and security techniques under development will be in vain unless they are