Standards Will Fill Holes in WEP Authentication and Encryption
Wireless networking standards initiatives go several steps beyond WEP to provide WLAN security.The security built into Wi-Fi is better than no security at all—but not by much. Standards bodies are at work, though, on a framework that will free IT managers from some of the heavy lifting they have to do to get WLANs up to enterprise code. During the past two years, the IEEE has been working on the 802.11i security standard. This standard is designed to address known WEP (Wired Equivalent Privacy) vulnerabilities and provide significant enhancements to 802.11-based equipment. 802.11i calls for a better authentication scheme—via 802.1x—and two new encryption protocols that will replace WEP.
The IEEE-ratified 802.1x, which provides a framework for stronger user authentication and a centralized security management model, comprises three components: the supplicant, a client machine trying to access the wireless LAN; the authenticator, a Layer 2 device that provides the physical port to the network (such as an access point or a switch); and the authentication server, which verifies user credentials and provides key management.