Vonage Packet8 Google Talk VoIP Comes of Age VoIP Service Providers Choosing the Pipe Peer to Peer VoIP Wireless VoIP
VoIP Links VoIP Calling Plans Telecommunications News Voice over IP News Wireless Broadband News Cellular Industry News, Reviews WiMax Technology News Vonage Forum RSS Feeds
Unified Communications The Converged Network The IPT Network Lifecycle VoIP Over Wi-Fi Networks VoIP Security Threats WiMAX, VoIP, & Metro Area Net
The Apple iPhone Motorola MOTO Q gsm Nokia Eseries - E61i The Nokia E65 The Linksys iPhone
Cellular Net Neutrality Internet Freedom Preservation
Signaling Protocol H.323 Simple Gateway Control Protocol Media Gateway Control Protocol Megaco-H.248 Session Initiation Protocol

 


Home Residential VoIP VoIP for Business IPT Technology WiMAX and VoIP Internet Phones Social Implications VoIP Resources About Us
Vonage Packet8 Google Talk VoIP Comes of Age VoIP Service Providers Choosing the Pipe Peer to Peer VoIP Wireless VoIP
VoIP Links VoIP Providers Plans Telecommunications News Voice over IP News Wireless Broadband News Cellular Industry News WiMax Technology News Vonage Forum RSS Feeds
Unified Communications The Converged Network The IPT Network Lifecycle VoIP Over Wi-Fi Networks VoIP Security Threats
The Apple iPhone Motorola MOTO Q gsm Nokia Eseries - E61i The Nokia E65 The Linksys iPhone
Cellular Net Neutrality The Net Neutrality Act
WiMax, VoIP, and the MAN WiMAX Security WiMAX Deployments Today
Signaling Protocol H.323 SGCP MGCP Megaco Session Initiation Protocol

Visit
VoIP Facts:
the Blog

Compare
VoIP Providers
Plans & Services

WiMAX, VoIP,
and the
Metro Area Network

 

WiMAX Security Issues and Threats

If the goal of the 802.16 standards technology is to provide for a wireless broadband carrier network, then you can bet that security is no joke. In order to compete at all with existing broadband cable or DSL providers, the resulting WiMAX network must be at least as secure.

The IEEE and the WiMAX Forum are painfully aware of the lack of security provided for in the early development of the 802.11 WiFi standard, and have taken measures to ensure that WiMAX incorporates a robust security environment as its minimum.

It can be said today that the committee has succeeded in setting a standard of security comparable to the cable networks. WiMAX security supports both DES3 and AES encryption standards, and requires a dedicated security processor be present on base stations. End to end authentication is provided for using PKM-AES, a transport layer security method using public key encryption, adopted from the DOCSIS BPI+ protocol.

Still, there are two questions that need to be asked about WiMAX security:

  1. Is it enough? That depends on who you are talking to.
  2. What do we have to fear? (Besides fear itself)

WiMAX Security Threats

WiMAX is a network that is based on the Internet Protocol, and wireless or not, it is subject to the vulnerabilities of any IP network. A denial of service (DOS) attack by a malicious hacker can cripple any network, and precautions such as vigilant intrusion detection must be taken by IT professionals.

Security Threats Percieved or Real

  • Rogue Base Stations
  • Denial of Service Attacks
  • Session Tampering and Highjacking
  • Man in the Middle

Certain applications like VoIP come with their own vulnerabilities. VoIP security threats can take the form of eavesdropping, session hijacking, SPIT, and spoofing of IP addresses, each of which must be guarded against.

A Rouge Base Station in a WiMAX network will impersonate a legitimate base through spoofing, and can hijack sessions and gain access to sensitive information.

Most of these attacks are not new, but variations on old themes that security professionals, appliance, and software developers have long been in the business of dealing with. As WiMAX is an emerging technology, wide spread hacking has not really occurred, but the opportunity is there, and the WiMAX service provider should know it, and prepare.


Locking Down WiMAX

Whether or not a WiMAX network is secure enough, as mentioned before, depends on who you are asking. Different people and organizations require different levels of security. The 802.16 standards are basically that, a standard from which to start from. It is incumbent upon device manufacturers to build on the base security standards, and on the carrier network to offer the appropriate level of security for the appropriate cost.

For example, a carrier may offer a CPE (wireless modem) to the residential consumer that is a no frills device, suitable for residential access. The standards are there, comparable to a cable network, and the consumer is well protected at an affordable price. However, that same CPE would not be suitable for a health care provider, where conforming to the stringent HIPPA regulations is a must. In this case the carrier would offer a more expensive CPE with a premium feature set to allow for more robust security requirements. Both the residential consumer and the health care provider are using the same network, albeit at different costs, each with the appropriate level of security. Not unlike putting a firewall between the modem and the network.

Hardware vendors may clamor that WiMAX is not secure and that there product will give you a higher level of protection. This is a good thing in that it promotes competition, leads to robust technological development, and in the end, lower prices for consumers.

4/5/07

More WiMAX>
WiMax, VoIP, and the Metropolitan Area Network
WiMAX Deployments Today: Conquering the Digital Divide

Subscribe to Our Feed

Register
Login
Forgot Password

Bookmark this Site!

Free Whitepaper

The VoIP
Signaling Protocols

8x8, Inc.


CaRP
RSS to HTML Converter

VRZ Free RAZR V3m

Net2Phone.com