Abstract
The topic of wireless security issues in pervasive computing is a very dynamic area, given that the technology keeps changing. Changes in technology bring different challenges, especially when two or more technologies are integrated to satisfy human needs. Pervasive computing (PC), for instance, can represent an entry point for many attacks. Such attacks can compromise users' data, crash the complete system, render services unavailable, and possibly result in the loss of property and even lives. This paper examines and reports various security concerns in wireless security within the context of PC. The analysis of various vulnerabilities with reference to technological changes led to the conclusion that no perfect security system has ever been developed. However, the vulnerabilities can be reduced by improving the design of a security system before full implementation (Li, Lou & Ren, 2010; Gubbi et al., 2013).
Introduction
Pervasive computing can be described as the increasing integration of information and communication technology into people's lives and environments through the convergence of advanced electronics, especially wireless technologies, with the Internet. It is considered the third wave of computing, in which millions of computers are embedded in the environment. In a PC system, many objects are embedded with computing capabilities and linked by wired or wireless connections (Li, Lou & Ren, 2010; Gubbi et al., 2013). The rest of this report is organized into the following sections: a summary of the fundamental ideas presented, the issues addressed and how they might have been addressed in the past, the core idea presented, potential applications of the technology presented, and future directions. The report ends with the conclusion derived from the findings (Zhou, Marshall & Lee, 2010).
Summary of fundamental ideas presented in the paper
The paper is about pervasive computing systems (PCS), Wi-Fi vulnerabilities, wireless security and ARP spoofing. PCS involves bringing information and communication technology, highly developed wireless electronic technologies and the Internet together in the same environment for better services. The Wi-Fi vulnerabilities are examined in terms of weaknesses in the Wi-Fi MAC protocol and the Wi-Fi security protocols, and possible remedies, with reference to the historical timeline. A countermeasure against ARP spoofing that detects all kinds of wireless ARP spoofing is also discussed. Different wireless technologies used in pervasive computing, such as Zigbee and Bluetooth among others, are also mentioned, along with a description of how they can be connected for use in a given environment (Zhou, Marshall & Lee, 2010).
Issues addressed and how they might have been addressed in the past
Different wireless technologies share a common feature: they broadcast over a shared medium. This common feature brings about vulnerability issues such as physical jamming, message injection and active eavesdropping, message deletion and interception, insider attacks that breach data confidentiality, and denial of service attacks. Other vulnerability concerns include passive eavesdropping and traffic analysis, as well as masquerading and malicious access base stations. The various types of attack that arrive via wireless access to a pervasive computing system are therefore a big issue, resulting in the compromise of users' data. The attacks can also make required services unavailable, crash the whole system and lead to the loss of property and lives (Zhou, Marshall & Lee, 2010; Cook & Das, 2012).
In the case of Wi-Fi protocol vulnerability, an attacker can launch a denial of service (DoS) attack by exploiting clear channel assessment (CCA). The denial of service attack is inherited from MAC mechanisms, and safety measures like encryption and authentication cannot be employed to solve it. This vulnerability has been addressed by use of the latest 802.11w technology. The issues of confidentiality, integrity and availability have been maintained by ratifying a number of Wi-Fi security standards. This ratification has been done by the IEEE 802.11 working group. The issues of authentication and privacy were addressed by Wired Equivalent Privacy (WEP) (Zhou, Marshall & Lee, 2010; Cook & Das, 2012).
WEP was defined in IEEE 802.11 and was the initial Wi-Fi security protocol. The security weakness later discovered in WEP was addressed using the proprietary Lightweight Extensible Authentication Protocol (LEAP) developed by Cisco. LEAP was also cracked over time. WPA-TKIP was introduced in 2003 to address the vulnerability in LEAP. By 2008, WPA-TKIP could also be cracked within a few minutes. WPA2 was launched in 2004 to enhance the security of Wi-Fi. However, it too became vulnerable to attack by 2010 despite the security measures that were in place (Zhou, Marshall & Lee, 2010; Cook & Das, 2012).
A denial of service attack against temporal key identity protocol is addressed using temporal key identity protocol (TKIP). IEEE 802.11w is the security amendment introduced in 2009 to Wi-Fi networks to safeguard the management frames that maintain 802.11 state machines. Nevertheless, most Wi-Fi vulnerabilities, such as EAP spoofing, security level rollback, jamming and others, are outside the scope of IEEE 802.11w. Insider attacks, for instance the man-in-the-middle (MITM) attack, can be reduced by employing the group temporal key (GTK). The GTK is shared among all authorized clients in a WPA2 network, where group data are encrypted using the GTK via the authentication protocol. The same data is decrypted by clients, again using the GTK. However, this standard is still open to a spoofed GTK from malicious clients. Last but not least, ARP spoofing can be minimized through a combination of minor changes to an authentication protocol and an intrusion detection system with a wireless sensor. This combination is capable of detecting every kind of wireless ARP spoofing (Zhou, Marshall & Lee, 2010; Cook & Das, 2012).
The Core Idea presented
One of the core ideas presented is the proposed countermeasure against wireless ARP spoofing. According to the author, this countermeasure involves making minor changes to the authentication protocol (AP). The changes, if made, will ensure that all ARP packets are forwarded to an intrusion detection system by the authentication protocol. The intrusion detection system will then communicate with the wireless sensor to terminate the link between the attacker and the authentication protocol when ARP spoofing is noticed. As long as the attacker is disconnected from the network, it becomes impossible to carry out any further attack from inside. This idea is very instrumental since it leads to a solution that can detect all wireless ARP spoofing. In addition, it can also detect WPA2 Hole based attacks, given that any wireless ARP packet can be captured and examined. The fact that insider attacks like man-in-the-middle are the most severe makes this idea the most significant (Cook & Das, 2012).
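The check such an intrusion detection system could run on each forwarded ARP packet, as an added example that is not code from the paper or from this report: the `ArpMonitor` class, the rule names and the sample addresses are assumptions made for illustration, and the traffic is constructed.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # RFC 826 body for Ethernet/IPv4, 28 bytes

def mac(b): return ":".join(f"{x:02x}" for x in b)
def ip(b): return ".".join(map(str, b))

class ArpMonitor:
    """Hypothetical IDS core: checks each ARP packet the AP forwards."""
    def __init__(self, trusted):
        self.bindings = dict(trusted)          # IP -> MAC, seeded with known hosts

    def inspect(self, frame_src, payload):
        """Return (reason, station_mac) for a suspicious packet, else None."""
        src = mac(frame_src)
        if len(payload) < 28:
            return ("malformed", src)
        htype, ptype, hlen, plen, op, sha, spa, _, _ = struct.unpack(ARP_FMT, payload[:28])
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
            return ("malformed", src)
        if mac(sha) != src:                    # ARP sender field differs from transmitting station
            return ("sender-mismatch", src)
        known = self.bindings.setdefault(ip(spa), src)
        if known != src:                       # IP already bound to another MAC: do not relearn
            return ("binding-conflict", src)
        return None

def arp(op, sha, spa, tha, tpa):
    """Build a constructed ARP body for the sample traffic below."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, sha, bytes(spa), tha, bytes(tpa))

def run_sample():
    gw, client, rogue = (bytes.fromhex(h) for h in
                         ("020000000001", "020000000014", "020000000066"))
    zero = bytes(6)
    monitor = ArpMonitor({"192.0.2.1": mac(gw)})
    traffic = [                                # constructed (frame source, ARP body) pairs
        (client, arp(1, client, (192, 0, 2, 20), zero, (192, 0, 2, 1))),    # request
        (gw,     arp(2, gw, (192, 0, 2, 1), client, (192, 0, 2, 20))),      # genuine reply
        (rogue,  arp(2, rogue, (192, 0, 2, 1), client, (192, 0, 2, 20))),   # claims gateway IP
        (rogue,  arp(2, gw, (192, 0, 2, 1), client, (192, 0, 2, 20))),      # forged sender field
        (rogue,  b"\x00\x01\x08\x00"),                                      # truncated body
    ]
    alerts = [a for src, body in traffic if (a := monitor.inspect(src, body))]
    to_disconnect = sorted({station for _, station in alerts})
    return alerts, to_disconnect

if __name__ == "__main__":
    print(run_sample())
```

The `to_disconnect` list stands in for the stations the wireless sensor would be asked to drop; detection alone does not restore any ARP caches that were already changed.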
Potential applications of technology presented
A number of available and emerging wireless technologies can be used to serve pervasive computing applications. Zigbee and Bluetooth can be used to connect sensors and actuators with low energy consumption over short distances of up to ten meters. Wi-Fi, on the other hand, is applicable to linking devices over middle ranges of several hundred meters. WiMAX, LTE, and 3rd and 4th-generation technologies can be used to connect a home gateway to the Internet over long ranges of several to tens of kilometers. Pervasive computing across these ranges has many potential applications. They imply that sensitive data such as personal information, bank account details, trade secrets and others will be transmitted over such networks (Zhou, Marshall & Lee, 2010; Cook & Das, 2012).
Future directions that can be inferred from the topic
The major future direction that can be inferred from the topic of pervasive computing is the need to design and implement integrated wireless security systems that are more reliable and more resistant to attackers. This is because the Wi-Fi security timeline presented shows clearly that attackers can study and break into a network security system within a short period after it is introduced. It also means that the countermeasures proposed against ARP spoofing should be designed and implemented with the understanding that attackers will still be able to study them in the future and break them after implementation. As a result, designers should close any loopholes or gaps in advance, before the security system is fully implemented.
Conclusion
It can be concluded from the paper that no perfect security system has ever been introduced, even as technology continues to advance in the area of pervasive computing systems. This implies that there is no guarantee that the countermeasures proposed by the authors will remain perfect forever. In fact, the countermeasures proposed against ARP spoofing may be perfect at detecting all types of wireless ARP spoofing, but detecting a problem does not imply being able to solve it. Therefore, further work is needed during the design of the proposed countermeasure system.
References
Zhou, B., Marshall, A., & Lee, T. H. (2010, December). Wireless Security Issues in pervasive computing. In Genetic and Evolutionary Computing (ICGEC), 2010 Fourth International Conference on (pp. 509-512). IEEE.
Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7), 1645-1660.
Li, M., Lou, W., & Ren, K. (2010). Data security and privacy in wireless body area networks. Wireless Communications, IEEE, 17(1), 51-58.
Cook, D. J., & Das, S. K. (2012). Pervasive computing at scale: Transforming the state of the art. Pervasive and Mobile Computing, 8(1), 22-35.