Pre-engineered modules such as the MatchPort b/g Pro embedded wireless device server from Lantronix can help developers meet wireless standards and security protocols.
By Daryl Miller
Over the past decade, wireless networks have been key to revolutionising access to technology. From the office to the home, wireless connectivity for most computing devices is common. But the appeal of wireless connectivity extends beyond these typical scenarios. Increasingly, users and manufacturers in physical security, healthcare, fleet management, retail, industrial automation, and other businesses seek to improve the value of their products and services by adding untethered network connectivity.
However, designers who want to capitalise on the growing acceptance of wireless technologies must also consider factors such as wireless communications standards, certification and regulatory requirements, power usage, data throughput, data security, and physical size when contemplating their design. Balancing these requirements with the need to bring products to market quickly can often pose a challenge for designers who are new to wireless implementations.
To ensure customer acceptance, companies need to understand the advances in today’s complex wireless landscape, including security protocols and the standards that relate to them. This enables manufacturers to offer effective networking solutions that provide reduced installation and maintenance costs, mobility, and the data security that customers demand.
Once a decision is made to deploy a wireless network, the overriding question then becomes one of standards. So what are the standards? Short-range wireless technology includes networks with ranges of 100 metres or less.
The IEEE 802.11 set of standards defines wireless local-area network (WLAN) computer communication in the 2.4GHz and 5GHz frequency bands. The IEEE LAN/MAN Standards Committee (IEEE 802) manages these specifications.
The 802.11 family includes over-the-air modulation techniques that use the same basic protocol. The most popular are those defined by the 802.11b and 802.11g protocols, which are amendments to the original standard. 802.11-1997 was the first wireless networking standard, but 802.11b was the first widely accepted one, followed by 802.11g and 802.11n (currently in draft). 802.11g boasts up to a 54Mbit/s net bit rate, and 802.11n offers up to a huge 600Mbits/s. (Your actual “mileage” may vary.)
Security was originally purposefully weak due to the export requirements of some governments, and it was later enhanced via the 802.11i amendment after governmental and legislative changes. 802.11a and 802.11n allow for equipment in the 5GHz frequency band. This is exciting in many applications where the 2.45GHz band is saturated. Hospitals, for example, look to segment their wireless traffic between these two bands depending on the application. For instance, all computer platforms operate at 2.45GHz, and all medical devices function at 5GHz.
IEEE 802.15.4 specifies the physical layer (PHY) and media access control (MAC) for low-rate wireless personal-area networks (LR-WPANs). Maintained by the IEEE 802.15 working group, it’s the basis for the ZigBee, WirelessHART, and MiWi specifications, each of which further attempts to offer a complete networking solution by developing the upper layers that are not covered by the standard. Alternatively, it can be used with 6LoWPAN and standard Internet protocols to build a wireless embedded network.
Also, 802.15.4 intends to offer the fundamental lower network layers of a type of WPAN that focuses on low-cost, low-speed (< 100kbits/s), low-power communication between devices (in contrast with other approaches that are oriented more toward end users, such as Wi-Fi).
IEEE 802.15.1 is another WPAN protocol deployed in transient devices. It’s ubiquitous in mobile phones and earpieces. It’s also found in some human interface device (HID) products like keyboards, mice, and gaming controllers. It typically consumes more power than 802.15.4 devices and costs more per node but supports higher data throughput (1 to 3Mbits/s) and wider range.
Just like the doors of a building, a secure network requires at least one key to enter, or “authenticate” the user. Depending on the implementation, these keys may be static pre-shared keys, or they may be exchanged using a public-key/private-key method relying on certificates for authenticity. Once a “user/device” is validated, encryption (AES, IPsec, etc.) is used to obfuscate the data. So what’s available to provide suitable protection from hackers?
Wired Equivalent Privacy (WEP) is a deprecated algorithm used to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are more susceptible to eavesdropping and cracking than wired networks as a result. When it was introduced in 1997, WEP was intended to provide confidentiality comparable to that of a traditional wired network (thus the name).
Beginning in 2001, cryptanalysts identified several serious weaknesses, with the result that a WEP connection can be cracked today with readily available software within minutes. Despite its weaknesses, WEP is still widely in use due to ease of setup and lack of knowledge.
Wi-Fi Protected Access (WPA and WPA2) is a certification program created by the Wi-Fi Alliance. WPA implemented a subset of the IEEE 802.11i standard, and it was intended as an intermediate measure to take the place of WEP while 802.11i was being finalised. Specifically, the Temporal Key Integrity Protocol (TKIP) was included in WPA.
The later WPA2 certification mark indicates compliance with an advanced set of protocols that implement the full IEEE 802.11i standard. Products that have successfully completed testing by the Wi-Fi Alliance for compliance with the protocol can bear the WPA certification mark.
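An access point advertises which of these schemes it uses in its beacon frames, so a site survey can flag networks still running WEP or TKIP. The sketch below is an added example, not code from the article or from Lantronix: the element IDs, OUIs and cipher-suite numbers are those defined by 802.11i and the WPA specification, and the sample bytes and function names are constructed for illustration.

```python
import struct

RSN_OUI, WPA_OUI = b"\x00\x0f\xac", b"\x00\x50\xf2"
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}

def iter_elements(buf):
    """Yield (id, body) for each information element; stop on truncation."""
    i = 0
    while i + 2 <= len(buf):
        eid, length = buf[i], buf[i + 1]
        body = buf[i + 2:i + 2 + length]
        if len(body) < length:
            return
        yield eid, body
        i += 2 + length

def pairwise_ciphers(body, oui):
    """body layout: version(2) group suite(4) count(2) then 4-byte suites."""
    if len(body) < 8:
        return []
    (count,) = struct.unpack_from("<H", body, 6)
    suites = [body[8 + 4 * n:12 + 4 * n] for n in range(count)]
    return [CIPHERS.get(s[3], "unknown") for s in suites if len(s) == 4 and s[:3] == oui]

def classify(capability, elements):
    """Return (mode, pairwise ciphers) from a beacon's capability field and elements."""
    modes, ciphers = [], set()
    for eid, body in iter_elements(elements):
        if eid == 48:  # RSN element: 802.11i / WPA2
            modes.append("WPA2")
            ciphers.update(pairwise_ciphers(body, RSN_OUI))
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":  # vendor WPA element
            modes.append("WPA")
            ciphers.update(pairwise_ciphers(body[4:], WPA_OUI))
    if not modes:
        # Heuristic: Privacy bit set with no WPA/RSN element means WEP.
        modes = ["WEP"] if capability & 0x0010 else ["open"]
    return "+".join(sorted(set(modes))), sorted(ciphers)

# Constructed sample elements (not captured from a real network).
SSID = bytes.fromhex("0004") + b"test"
RSN = bytes.fromhex("3014 0100 000fac04 0100 000fac04 0100 000fac02 0000")
WPA = bytes.fromhex("dd16 0050f201 0100 0050f202 0100 0050f202 0100 0050f202")

if __name__ == "__main__":
    for cap, ies in [(0x0401, SSID), (0x0411, SSID), (0x0411, SSID + WPA), (0x0411, SSID + RSN)]:
        print(classify(cap, ies))
```

A result of `WEP`, or any mode whose cipher list contains `TKIP`, marks a network that should be moved to WPA2 with CCMP.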
WIRELESS ISN'T EASY; MODULES HELP
Wireless technology is complex, which is why many developers turn to pre-engineered modules in a drive to meet these standards and security protocols (see the figure). Most importantly, these modules can cut product development time by six to 18 months and reduce time-to-market, a factor that is crucial in the current economic climate. One often overlooked benefit is the pre-certification these modules carry, saving the implementer much time, money, and the headaches associated with agency (EN, FCC, IC, etc.) testing.
WHAT'S IN STORE FOR THE FUTURE?
Wireless standards are constantly evolving. Here is a quick overview of a few interesting specifications on the horizon:
• IEEE 802.11k is an amendment to the IEEE 802.11-2007 standard for radio resource management. It defines and exposes radio and network information to facilitate the management and maintenance of a mobile WLAN.
• IEEE 802.11r, or fast BSS transition (FT), is an amendment to the IEEE 802.11 standard that permits continuous connectivity aboard wireless devices in motion, with fast and secure handoffs from one access point to another managed seamlessly.
• IEEE 802.11s is a draft IEEE 802.11 amendment for mesh networking, defining how wireless devices can interconnect to create an ad-hoc network by communicating via one another.
ACHIEVING TOP-NOTCH WIRELESS SECURITY
Today’s advanced data security methods allow companies to deploy wireless connectivity and embed remote monitoring applications in their end devices with confidence. The authentication and encryption embodied in products conforming to IEEE 802.11i offer robust security. By layering authentication and encryption with secure protocols like Secure Shell (SSH) and Secure Sockets Layer (SSL), implementers can feel confident that machines added to the wireless network are highly protected.
Modules that have implemented these standards enable companies creating wirelessly connected products to focus on their core competencies without the burden of integrating the security protocols and methods themselves. By coupling end-to-end device networking to secure remote monitoring applications, it is now possible to provide scalable, affordable, and secure options for virtually any situation.