Compaq Evo n800c Wireless Security - Page 7

Available Device-specific Security Measures - wireless card



Wireless Security White Paper
7
Available Device-specific Security Measures

Many security measures are available for mobile access devices. Some of these are outlined in the
subsections below. For various reasons they are often not fully implemented.

Passwords

Mobile devices, especially handhelds, have small user interfaces and keypads, leading many users
to choose simpler passwords. For example, keypads that associate multiple letters with each key
require repeated presses to type certain letters. Users often choose passwords that use the first
letter typed by a given key. This practice substantially reduces the number of possible passwords.
Also, mobile device users often cache their passwords on the devices in order to automate
connections to servers.

A further consideration is whether or not to permit single sign-on from the mobile device. While
doing so is more convenient given the cumbersome nature of password entry on mobile devices,
it raises the level of risk that intruders may penetrate the network.

The straightforward solution is to endure the trade-off in convenience and make password
protection more robust by avoiding weak passwords, refraining from password caching, and
avoiding single sign-on.
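
The keyspace reduction described in the Passwords subsection, as an added example that is not part of the white paper: a small audit check that flags passwords built only from the first letter on each key and reports how many bits of keyspace remain. It assumes the standard 12-key telephone layout (2=abc through 9=wxyz) with multi-tap entry, which the paper does not specify; the function names and sample passwords are constructed for illustration.

```python
import math

# Assumption: standard 12-key telephone keypad layout with multi-tap entry.
KEYPAD = {"2": "abc", "3": "def", "4": "ghi", "5": "jkl",
          "6": "mno", "7": "pqrs", "8": "tuv", "9": "wxyz"}

# letter -> number of presses of its key needed to type it
PRESSES = {ch: i + 1 for letters in KEYPAD.values()
           for i, ch in enumerate(letters)}

# Letters reachable with a single press: a d g j m p t w (8 of 26)
FIRST_LETTERS = {letters[0] for letters in KEYPAD.values()}


def keyspace_bits(length, alphabet_size):
    """Bits of keyspace for a password of `length` over `alphabet_size` symbols."""
    return round(length * math.log2(alphabet_size), 1)


def audit(password):
    """Hypothetical policy check: flag letter passwords typed one press per key."""
    pw = password.lower()
    if not pw or any(ch not in PRESSES for ch in pw):
        raise ValueError("this sketch only models the letters a-z")
    first_only = all(ch in FIRST_LETTERS for ch in pw)
    alphabet = len(FIRST_LETTERS) if first_only else len(PRESSES)
    return {
        "presses": sum(PRESSES[ch] for ch in pw),
        "first_letter_only": first_only,
        "effective_bits": keyspace_bits(len(pw), alphabet),
        "full_bits": keyspace_bits(len(pw), len(PRESSES)),
    }


if __name__ == "__main__":
    # Constructed sample passwords, not taken from the white paper.
    for candidate in ("jagpat", "secret"):
        result = audit(candidate)
        verdict = "REJECT" if result["first_letter_only"] else "ok"
        print(f"{candidate}: {verdict} {result}")
```

A six-letter password drawn only from single-press letters has 18 bits of keyspace instead of about 28, which is the reduction the paper refers to.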

Smart Cards

Smart cards offer a partial solution to the problem of securing data transmissions to and from
mobile devices. The smart card is a tamper-resistant piece of hardware on which passwords,
private keys, digital certificates, and cryptographic algorithms can be stored. Simply keeping the
smart card separate from the device, in a wallet for example, adds a level of security to the device
in the event of theft. Moreover, a person attacking a smart card must not only possess the card but
also have sophisticated tools and expertise.

There are two main types of smart cards: contact and contactless. The contact smart card consists
of a plastic card with gold-plated contacts embedded in the plastic. These contacts are connected
to an integrated circuit sandwiched between layers of plastic inside the card. The contactless
smart card typically connects to the smart card reader through an internal antenna.

Smart cards are easy to use, and the newer, more complex ones offer relatively strong encryption.
A smart card is most effective when paired with a personal identification number (PIN). Whereas
a stolen smart card can be used just like a stolen password, the association with a PIN presents
thieves with a further barrier to obtaining access to a wireless network, even with the card.

Smart card readers offer different levels of security. The basic smart card reader reads the smart
card in conjunction with a PIN. The enhanced smart card reader also reads the card in conjunction
with a PIN, but in addition does not pass the PIN back out to the serial port, thus preventing PIN
information from being intercepted via the serial port. The enhanced reader typically can perform
its own protocol and cryptographic processing, unlike smart cards that do not perform such
processing themselves.