Security Implications of Personal Digital Assistants (PDA) Connected to a Wireless Network: A Case Study
Randy Faulk
University of Houston – Victoria
Dr. Meledath Damodaran
University of Houston –Victoria
Abstract
Many network professionals today are being asked to provide wireless network access through PDA’s. Several questions immediately spring to mind. What extra hardware/software is required? What will this do to the current integrity? Do security policies need to be modified? To answer these questions, one needs to look at the current network security structure and the critical resources that utilize it. In a typical case, application servers are accessed through a classic client/server, wired network. The applications used are the typical email, file services, internet and intranet. They communicate using a network infrastructure according to industry standards. If security policies are sufficient for the current network, no other policies should be necessary. The wireless network required for wireless PDA access simply lies over the existing network via Virtual Local Area Network. The obvious problem with a wireless network is wireless access is achieved through radio waves which are not necessarily confined within a building. It is not uncommon to walk up to an exterior wall of a facility with wireless access and be able to see that there is a network available and, in some cases, access its traffic. To counteract this, intrusion detection software is installed on the VLAN. This software performs a few critical functions. It forces logins to the network and prevents walk-up signal acquisition allowing further exploitation of network traffic. In conclusion, installing a wireless network is not as difficult as it may seem. If an infrastructure exists, the added hardware and software is minimal.