HP Evo Notebook n200 Wireless Security

HP Evo Notebook n200 Manual

Get HP Evo Notebook n200 PDF manuals and user guides View all HP Evo Notebook n200 manuals
Add to My Manuals
Save this manual to your list of manuals

HP Evo Notebook n200 manual content summary:

  • HP Evo Notebook n200 | Wireless Security - Page 1
    White Paper December 2001 Prepared by: Access Business Group Compaq Computer Corporation Contents Introduction 3 Security in General 3 Essential Elements of Security 4 Security and the Pipe 4 Device Security 5 Connectivity Technologies ........ 9 Access Points 24 Corporate Firewalls 27
  • HP Evo Notebook n200 | Wireless Security - Page 2
    the U.S. and/or other countries. Microsoft and Windows are trademarks of Microsoft Corporation in the U.S. and/or other countries. All other product names mentioned herein may be trademarks of their respective companies. ©2002 Compaq Information Technologies Group, L.P. Wireless Security White Paper
  • HP Evo Notebook n200 | Wireless Security - Page 3
    because many users are not aware of specific security vulnerabilities or don't understand the magnitude Please see the Compaq Technical Guide titled "Safe Compaq Global Services at http://www.compaq.com/services . To plan a security business model, key elements of security must be considered as
  • HP Evo Notebook n200 | Wireless Security - Page 4
    . This quality makes electronic transactions legally binding. Non-repudiation is supported by digital signatures and trusted timestamps. • System Management -- all model should also provide management mechanisms for performance and security. Key elements of the pipe are the following: 1. Security at
  • HP Evo Notebook n200 | Wireless Security - Page 5
    security models. Each element of the pipe, along with the security problems and solutions associated with it, is discussed in the next five subsections in the United States is still the notebook computer (in Europe it is the mobile telephone). Notebook computers are used for online connectivity,
  • HP Evo Notebook n200 | Wireless Security - Page 6
    Compaq notebook computers, see http://www.compaq.com/showroom/notebooks specific to mobile access devices, the first link in the pipe on the client side, and possible solutions to those problems. Usage in Public Mobile devices employing a cellular service in monitoring their hacking because of the open
  • HP Evo Notebook n200 | Wireless Security - Page 7
    Available Device-specific Security Smart Cards Smart cards offer a partial solution to the problem of securing data transmissions to and from mobile devices. tamper-resistant piece of hardware on which passwords, private keys, digital certificates, and cryptographic algorithms can be stored. Simply
  • HP Evo Notebook n200 | Wireless Security - Page 8
    Compaq FIT is currently available only for Compaq Armada and Evo notebook computers. For more information on Compaq FIT, see http://www.compaq.com/products/notebooks/security.html or http://www.compaq Security While desktop operating systems such as Windows 2000 offer an encrypted file system, this
  • HP Evo Notebook n200 | Wireless Security - Page 9
    power-off • Key recovery ensures that corporate data is not lost if the pass-phrase is forgotten Compaq iPAQ Pocket PC WAP micro-browser called EzWAP.3 Device-Specific Firewalls Industry best practices dictate the use device; either because of the small hard drives of handheld devices or through lack
  • HP Evo Notebook n200 | Wireless Security - Page 10
    Wireless Security White Paper 10 • Individual users can connect between various personal devices wherever they are, such as from a cell phone to a handheld to a desktop computer without cables to synchronize data or gain access to a wireless connection. Wireless personal area networks (WPANs)
  • HP Evo Notebook n200 | Wireless Security - Page 11
    networks (WPANs) can use Bluetooth, a radio frequency (RF) specification for point-to-multipoint voice and data transfer. They can also Historically, wireless wide-area networks (WWANs) have been used to support voice transmission for mobile telephones. WWANs use one of three digital wireless
  • HP Evo Notebook n200 | Wireless Security - Page 12
    now. WWAN via CDPD, for example, provides packet-switched connections to the Internet, Internet e-mail, enterprise intranet and corporate e-mail. Compaq offers an optimized MS Exchange e-mail solution with InfoWave. Nationwide (U.S.) coverage is available. Wireless WAN via GSM, as another example
  • HP Evo Notebook n200 | Wireless Security - Page 13
    vendors like Baltimore Technologies, Inc. and Entrust do not have PKI support for access devices. Smaller companies have point solutions to specific applications that run on the various operating systems. Public Key Infrastructure Most approaches to achieving security for the wireless exchange of
  • HP Evo Notebook n200 | Wireless Security - Page 14
    of that algorithm. Figure 6 illustrates symmetric and asymmetric keys. Symmetric Key vs Public Key Symmetric key (shared secret) systems Same key used for encryption and decryption Public key systems private key public key Different keys for encryption and decryption Figure 6: Symmetric and
  • HP Evo Notebook n200 | Wireless Security - Page 15
    the certificate and the holder's e-mail address • The holder's public key, which can be used to encrypt sensitive information for the certificate US Serial #: 8391037 Start:1/5/97 1:02 End:7/5/98 1:02 CRL:cn=CRL2, o=ACME, c=US SubjectAltName: IP, DNS, email Key: CA DN: o=ACME, c=US Unique name
  • HP Evo Notebook n200 | Wireless Security - Page 16
    the digital signature by generating a hash value of the original message, decrypting the original hash value in the digital signature with the public key, then comparing the original hash value with the recipient's hash value. If the two hash values match, the signature is deemed authentic. Another
  • HP Evo Notebook n200 | Wireless Security - Page 17
    private. • Data Encryption. The VPN must encrypt information transmitted on the public network. • Key Management. The VPN must generate and refresh encryption keys for the client and server. • Multiprotocol Support. The VPN must handle common protocols used on the public network. Figure 9 (next page
  • HP Evo Notebook n200 | Wireless Security - Page 18
    service keys and authenticate the sender with digital certificates. IPSec also has the advantage that security arrangements can be handled without requiring changes to the computers of individual users. Cisco Systems has been prominent in proposing IPSec as a standard, and includes IPSec support
  • HP Evo Notebook n200 | Wireless Security - Page 19
    however, are available from third parties for the Compaq iPAQ Pocket PC: movianVPN by Certicom: • client directly to application server) Security Specific to WWAN Carrier Technologies All digitized identification key. When the user makes a connection with a mobile base station, a session key is
  • HP Evo Notebook n200 | Wireless Security - Page 20
    lies in making prohibitively expensive the monitoring and interception of random or bulk problems specific to mobile network devices, including their limited processing power, memory was released in June 2001 and adds support for Wireless Public Key Infrastructure (WPKI) by describing methods for
  • HP Evo Notebook n200 | Wireless Security - Page 21
    convergence with the IETF and W3C. The WAP gateway is optional and WAP has now adopted the Internet standards TCP, HTTP, and TLS with wireless-specific profiles. Similarly, WML is effectively a profile of XHTML. Much work has been done, as well, on end-to-end security. It may be some time
  • HP Evo Notebook n200 | Wireless Security - Page 22
    users. Infowave requires that a single configurable port be opened in the firewall and set up as follows: • must be encrypted with the server's public key, and must contain a valid logon packet Protocol -- TCP, and does not provide the service of dividing messages into packets and reassembling them
  • HP Evo Notebook n200 | Wireless Security - Page 23
    Windows NT domain name is combined with other information and encrypted with the server's public key, which keeps an attacker from impersonating a valid user. Possible Security Problem There may be a significant problem design decision was made to support server public key download at the cost of
  • HP Evo Notebook n200 | Wireless Security - Page 24
    supports one Compaq is an active participant in this effort. In the current draft specification , a strengthened version of the RC-4/per-frame IV encryption algorithm, and a 128-bit AES encryption algorithm are proposed. Per-user authentication eliminates the WEP key-distribution problem
  • HP Evo Notebook n200 | Wireless Security - Page 25
    to protect all authenticated end stations from unauthenticated stations, since intruders could bypass authentication authenticated successfully. The scenario sounds simple in principle. Where it The Authenticator intercepts the status and, if successful, opens the port. There are a few issues to
  • HP Evo Notebook n200 | Wireless Security - Page 26
    feasible in a wireless environment. It is much more difficult to monitor and enforce the air space around office buildings than the ports a fundamental problem with key distribution and update. Since WEP keys are typically symmetrical (the same on the Access Point and all connecting stations) they
  • HP Evo Notebook n200 | Wireless Security - Page 27
    weaknesses of WEP; however, it does open the door for future versions of WEP to Specific to WWAN Carrier Technologies." Generally speaking, when data travels along the phone lines to the corporate firewall, the data is secure barring phone line tapping. This is not a unique security problem
  • HP Evo Notebook n200 | Wireless Security - Page 28
    final key juncture in the pipe, after mobile access devices, wireless networking technologies, access points, and firewalls, centers on the application and data servers that reside inside corporate firewalls. The security vulnerabilities associated with using data servers, desktops with hard drives
  • HP Evo Notebook n200 | Wireless Security - Page 29
    http://activeanswers.compaq.com/ActiveAnswers/Render/1,1027,1317-6-100-225-1,00.html) the Compaq technical guide cited Issues such as subscription fraud, eavesdropping, and denial-of-service attacks acquire even greater weight because of the difficulty in key points in the pipe and should address the
  • HP Evo Notebook n200 | Wireless Security - Page 30
    Safe Computing and E-Business: Protecting the Enterprise to Assure E-Business Success" (Compaq Technical Guide, February 2000). "MultiPort Bluetooth Communication (Compaq White Paper, March 2001), http://www.compaq.com/support/techpubs/whitepapers/14zn-0501a-wwen.html. "MultiPort Technology Overview
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
White Paper
December 2001
Prepared by:
Access Business Group
Compaq Computer Corporation
Contents
Introduction
.................................
3
Security in General
.....................
3
Essential Elements of
Security
.....................................
4
Security and the Pipe
.................
4
Device Security
.........................
5
Connectivity Technologies
........
9
Access Points
..........................
24
Corporate Firewalls
.................
27
Application and Data Servers.. 28
Conclusion
................................
29
Bibliography
..............................
30
Wireless Security
Abstract:
People and corporations are using wireless technologies
at astonishing rates to take advantage of the benefits of wireless-
enabled productivity to gain and maintain a competitive edge.
Market researcher Cahners In-Stat estimates that 6.2 million wireless
devices will be shipped worldwide this year (2001), and double that
in two years.
This paper looks at the pieces of the “pipe” of access from the device
to the corporate firewall in an attempt to bring an awareness to both
the user and the corporate IT manager as to where the security
vulnerabilities lie and what can be done to improve security. Many
of the vulnerabilities can be alleviated easily by implementing
policies for users and adding security layers to the pipe. To put the
subject of wireless security into context, the paper is organized as
follows: First, securing wireless systems in general is discussed, then
securing each point along the access pipe is discussed.