Chintan M Bhatt CSPIT ©CHARUSAT Mobile Computing Chapter 10 Wireless LAN

Wireless LAN-802.11

DESCRIPTION

Introduction and basics of Wireless Local Area Network

1. Chintan M Bhatt CSPIT CHARUSAT Mobile Computing Chapter 10 Wireless LAN

2. Wireless Local Area Network (WLAN)
WLAN is a local area data network without wires. Mobile users can access information and network resources through wireless LAN as they attend meetings, collaborate with other users, or move to other locations in the premises. WLAN is not a replacement for the wired infrastructure. It is implemented as an extension to a wired LAN within a building or campus. Wireless LAN is commercially known as WiFi or Wi-Fi. Wi-Fi is an acronym for Wireless Fidelity.

3. Advantages of WLAN
  • Mobility
  • Low Implementation Costs
  • Installation Speed and Simplicity
  • Network Expansion
  • Reduced Cost-of-Ownership
  • Reliability
  • Scalability
  • Usage of ISM band

4. Applications of WLAN
  • Office/Campus Environment
  • Factory Shop Floor
  • Homes
  • Workgroup Environment
  • Heritage Buildings
  • Public Places
  • War/Defense Sites

5. IEEE Standards related to WLAN

6. IEEE Standards related to WLAN

7. Types of WLAN
  • 802.11
  • HyperLAN (or HiperLAN)
  • HomeRF
  • Bluetooth
  • MANET

8. Ad hoc versus Infrastructure Mode
In an ad hoc mode, there is no access point or infrastructure. A number of mobile stations form a cluster and communicate with each other. In an infrastructure mode, the mobile stations (MS) are connected to a base station or Access Point (AP). This is similar to a star network where all the mobile stations are attached to the base station. Through a protocol the base station manages the dialogues between the AP and the MS.

9. Ad hoc Mode

10. Independent Basic Service Set (IBSS)
  • A Basic Service Set (BSS) which forms a self-contained network in which no access to a Distribution System is available
  • A BSS without an Access Point

11. Infrastructure Mode

12. Basic Service Set (BSS)
  • A set of stations controlled by a single Coordination Function (= the logical function that determines when a station can transmit or receive)
  • Similar to a cell in pre-IEEE terminology

13. IEEE 802.11 Architecture
In 802.11, one cell or BSS is controlled by one Base Station. This base station is called an Access Point, or AP for short. Although a wireless LAN may be formed by a single cell, with a single Access Point, most installations will be formed by several cells, where the access points are connected through some kind of backbone. This backbone is called the Distribution System (or DS). This backbone is typically Ethernet and, in some cases, is wireless itself. The whole interconnected Wireless LAN, including the different cells, their respective Access Points and the Distribution System, is seen as a single 802 network by the upper layers of the OSI model and is called an Extended Service Set (ESS).

14. IEEE 802.11 Stack
The 802.11 standards cover definitions for both the MAC (Medium Access Control) and the Physical Layer. The standard currently defines a single MAC, which interacts with three PHYs: Frequency Hopping Spread Spectrum, Direct Sequence Spread Spectrum and InfraRed.

15. Physical Layer Architecture
The architecture of the Physical layer comprises two sublayers for each station:
  • Physical Layer Convergence Procedure (PLCP): The PLCP sublayer is responsible for the Carrier Sense (CS) part of the Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) protocol. The PLCP layer prepares the MAC Protocol Data Unit (MPDU) for transmission. The PLCP also delivers the incoming frames from the wireless medium to the MAC layer.
  • Physical Medium Dependent (PMD): The PMD provides the actual transmission and reception of physical layer entities between stations through the wireless media. This sublayer provides the modulation/demodulation of the transmission.

16. FHSS Physical Layer
In Frequency Hopping Spread Spectrum (FHSS) mode, the layer carries the clocking information to synchronize the receiver clock with the clock of the transmitted packet. The FHSS PMD is responsible for converting the binary bit sequence into an analog signal and transmitting the PPDU frame into the air. The FHSS PMD does this using the frequency hopping technique.

17. FHSS PLCP

18. DSSS Physical Layer
The DSSS PLCP is responsible for synchronizing and receiving the data bits correctly. The DSSS PMD translates the binary digital sequence into analog radio signals and transmits the PPDU frame into the air. The DSSS physical layer operates within the ISM band.

19. DSSS PLCP Protocol Data Unit

20. Hidden Station Problem

21. Exposed Station Problem

22. Hidden and Exposed Station Problems
Hidden Terminal
  • More collisions
  • Wastage of resources
Exposed Terminal
  • Underutilization of channel
  • Lower effective throughput

23. Access Method: CSMA/CA
  1. When a wireless station (a wireless LAN device) wants to communicate, it first listens to its medium (the radio spectrum) to check whether it can sense a radio wave from any other wireless station.
  2. If the medium is free for a specified time then the station is allowed to transmit. This time interval is called the Distributed Inter Frame Space (DIFS). If the current device senses the carrier signal of another wireless device on the same frequency that it wants to transmit on, it backs off (does not transmit) and initiates a random timeout.
  3. After the timeout has expired, the wireless station again listens to the radio spectrum and, if it still senses another wireless station transmitting, continues to initiate random timeouts until it no longer senses another wireless station transmitting on the same frequency.

24. CSMA/CA
  4. When it does not sense another wireless station transmitting, the current wireless station starts transmitting its own carrier signal to communicate with the other wireless station, and once synchronized, transmits the data.
  5. The receiving station checks the CRC of the received packet and sends an acknowledgment packet (ACK). Receipt of the acknowledgment indicates to the transmitter that no collision occurred. If the sender does not receive the acknowledgment then it retransmits the fragment until it receives an acknowledgment or the fragment is abandoned after a given number of retransmissions.

25. CSMA/CA
It can be seen from the above that the more times a wireless station has to back off or go into a random timeout, the less opportunity it has to transmit its data. This reduced opportunity for data transmission leads to less effective access to wireless bandwidth. This reduces the speed of the operation. In a worst-case scenario the system would, after a number of retries, completely time out and the wireless connection would be lost.

26. Virtual Carrier Sense
In order to reduce the probability of two stations colliding because they cannot sense each other's presence, the standard defines a Virtual Carrier Sense mechanism: A station wanting to transmit a packet first transmits a short control packet called RTS (Request To Send), which includes the source, destination, and the duration of the following transaction (the data packet and the respective ACK). The destination station, after receiving this request packet, responds with a response control packet called CTS (Clear to Send), which includes the same duration information.

27. Frame Fragmentation Send-and-Wait Algorithm

28. Interframe Spacing in 802.11.

29. Mobility in WLAN
When a station wants to access an existing BSS (either after power-up, sleep mode, or physically entering into the BSS area), the station needs to get synchronization information from the AP (or from the other stations when in ad hoc mode). The station can get this information by one of two means:
  1. Passive Scanning. In this case, the station just waits to receive a Beacon Frame from the AP.
  2. Active Scanning. In this case the station tries to locate an Access Point by transmitting Probe Request Frames, and waits for a Probe Response from the AP.

30. Mobility in WLAN - Authentication
Once a wireless station has located an AP and decides to join its BSS, it goes through the authentication process. This is the interchange of authentication information between the AP and the station, where the WLAN device proves its identity.

31. Mobility in WLAN - Association
Once the station is authenticated, it then starts the association process, which is the exchange of information about the stations and BSS capabilities, and which allows the DSS (the set of APs) to know about the current position of the station. A station is capable of transmitting and receiving data frames only after the association process is completed.

32. Mobility in WLAN - Roaming
Roaming is the process of moving from one cell (or BSS) to another without losing connection. This function is similar to the cellular phone handover, with two main differences:
  1. On a packet-based LAN system, the transition from cell to cell may be performed between packet transmissions, as opposed to telephony where the transition may occur during a phone conversation.
  2. On a voice system, a temporary disconnection during handoff does not affect the conversation. However, in a packet-based environment it significantly reduces performance because retransmission is performed by the upper layer protocols.

33. Mobility in WLAN - Roaming
The 802.11 standard does not define how roaming should be performed, but defines the basic tools. These include active/passive scanning, and a re-association process, where a station that is roaming from one AP to another becomes associated with the new AP. The Inter-Access Point Protocol (IAPP) specification addresses a common roaming protocol enabling wireless stations to move across multivendor access points. IAPP is the scope of IEEE standard 802.11f.

34. Mobility in WLAN - Roaming
IAPP defines two basic protocols, viz., the Announce protocol and the Handover protocol. The announce protocol provides coordination information between access points. This information relates to network-wide configuration information about active APs. The handover protocol allows APs to coordinate with each other and determine the status of a station. When a station associates with a different AP, the old AP forwards buffered frames for the station to the new AP. The new AP updates the necessary tables in the MAC layer to ensure that the MAC level filtering will forward frames appropriately. This type of roaming is called horizontal roaming.

35. Mobility in WLAN - Roaming
Mobile IP is another protocol that is used to allow application layer roaming. Using Mobile IP, a mobile station can move from one type of network to another type of network. For example, in an IMT-2000 situation, the station moves from a wireless LAN environment to a 3G wireless MAN environment.

36. Deploying WLAN - Network Design
The following are the issues to be dealt with in network design:
  1. Scaling Capacity and Bandwidth
  2. Channel Selection
  3. AP Transmission Power

37. Deploying WLAN - Configuring the Network
Configuration of a wireless LAN includes configuration of both the access point and the mobile station. The first level of configuration is to assign an IP address to the AP. For Wired Equivalent Privacy (WEP) security, the shared key needs to be set both in the AP and the mobile station. The AP can also be configured as a Dynamic Host Configuration Protocol (DHCP) server where the AP will supply the IP address to the connecting client. Depending on the situation, security parameters for 802.1x or WEP are configured in the AP. This will include configuring the Remote Authentication Dial In User Service (RADIUS) server or other authentication servers like Kerberos etc. Other parameters like Service Set Identifier (SSID), channel selection, beacon interval etc. will be set on the AP.

38. Deploying WLAN - Configuring the Network
In the client we need to define the network type. Network types can be either infrastructure mode or ad hoc mode. The SSID needs to be defined in the client for the network identification and attachment. The shared WEP key needs to be installed in the client.

39. Deploying WLAN - Managing the Network
Two key components to a successful wireless network deployment are good management and monitoring tools. Providing a stable and manageable network infrastructure with effective support, problem detection, and problem resolution is dependent upon a good foundation of network products and tools. For the 802.11 wireless network, this includes utilities on the client computer that allow the user to monitor the health of their radio connection, and the infrastructure tools used by IT to manage and monitor the wireless network. Most of the clients provide tools to check the health of the link. Two main issues to be dealt with are:
  1. Managing Access Points
  2. Client Tools

40. MOBILE AD HOC NETWORK (MANET)
A MANET is an autonomous system of mobile stations connected by wireless links to form a network. This network can be modeled in the form of an arbitrary graph. Ad hoc networks are peer-to-peer, multi-hop networks where data packets are transmitted from a source to a destination via intermediate nodes. Intermediate nodes serve as routers in this case. In an ad hoc network there will be situations when some of the nodes could be out of range with respect to some other nodes. When this happens, the network needs to reconfigure itself and ensure that the paths between two nodes are available. In an ad hoc network, communication links could be either symmetric (bidirectional) or asymmetric (unidirectional).

41. MOBILE AD HOC NETWORK

42. MOBILE AD HOC NETWORK
To design a good wireless ad hoc network, be it a sensor network or an information network, we need to account for various challenges. These are:
  1. Dynamic topology
  2. Limited security
  3. Limited Bandwidth
  4. Routing

43. Wireless Sensor Networks
Wireless sensor networks are a class of ad hoc networks. Sensor networks are very useful in unpredictable, unreliable environments. Sensor networks are primarily data collection points. They are widely used in defense, environmental and meteorological applications, and in the study of nature. A wireless sensor network is a collection of low-cost, low-power disposable devices. Each of these devices holds sensing, memory, and communication modules. Study of the movement of glaciers is done through wireless ad hoc networks. Sensor networks are generally unmanned. Sensors may not have any power source other than small batteries. Therefore, power control is a major challenge in sensor networks to ensure long life of the network.

44. Wireless LAN Security
In a wired network one has to be physically connected to transfer or receive data. This implies that it is possible to control the users in the network by controlling the physical access. Using a wireless network means using a radio transmitter and receiver. To varying degrees, radio signals will penetrate most building materials. Therefore, it is not possible to set up an absolute physical boundary and expect that no outsider will be able to intrude into the network. With wireless networks, we have no control over who might be receiving and listening to the transmissions. Therefore, it is important that we understand the vulnerabilities of the wireless LAN and take necessary precautions.

45. RF Transmission pattern of Antennas

46. Limiting RF transmission
It is important to consider controlling the range of RF transmission by an access point. It is possible to select a proper transmitter/antenna combination that will help transmission of the wireless signal only to the intended coverage area. Antennas can be characterized by two features: directionality and gain. Omni-directional antennas have a 360-degree coverage area, while directional antennas limit coverage to better-defined areas.

47. Service Set Identifier (SSID)
According to the 802.11 standard, a mobile station has to use the SSID of the access point for association between the Network Interface Card (NIC) in the client and the AP. The SSID is a network name (Id of the BSS or Cell) that identifies the area covered by an AP. The AP periodically broadcasts its SSID as a part of the management frame (beacon packet). The broadcast of the beacon packet is necessary for clock synchronization. The wireless station wishing to associate with the AP must have its SSID configured to that of the AP. If the SSID is not known, management frames sent to the AP from the wireless station will be rejected. It is also advised that the SSID of the AP is changed from the factory-set default to some name which is difficult to guess.

48. MAC Address Access Control
Many access points support MAC address filtering. This is similar to IP filtering. The AP manages a list of MAC addresses that are allowed or disallowed in the wireless network. The idea is that the MAC address of the network card is unique and static. By controlling the access from known addresses, the administrator can allow or restrict the access of the network only to known clients.

49. Authentication Modes
Two types of client authentication are defined in 802.11: Open System Authentication and Shared Key Authentication.
  1. Open system authentication is no authentication at all.
  2. Shared key authentication is based on the fact that both stations taking part in the authentication process have the same shared key.

50. Wired Equivalent Privacy (WEP)
WEP was designed to protect users of a WLAN from casual eavesdropping and was intended to offer the following facilities:
  • Reasonably strong encryption - It relies on the difficulty of recovering the secret key through a brute force attack. The difficulty grows with the key length.
  • Self-synchronizing - Each packet contains the information required to decrypt it. There is no need to deal with lost packets.
  • Efficient - It can be implemented in software with reasonable efficiency.
  • Exportable - Limiting the key length leads to a greater possibility of export beyond the US.

51. Possible Attacks
  • Passive attacks
  • Active attacks
  • Active attacks to decrypt traffic
  • Dictionary-building attack
  • Hijacking a session

52. 802.1X Authentication
To prevent attacks on wireless LAN, the IEEE specification committee on 802.11 included the 802.1x authentication framework. The 802.1x framework provides the link layer with extensible authentication, normally seen in higher layers. 802.1x requires three entities:
  1. The supplicant: resides on the wireless LAN client
  2. The authenticator: resides on the access point
  3. The authentication server: resides on the server authenticating the client (e.g., RADIUS, Kerberos, or other servers)

53. 802.1X Authentication

54. Wireless VPN
Virtual Private Network (VPN) technology has been used to secure communications among remote locations via the Internet since the 1990s. It is now being extended to wireless LAN. VPNs were traditionally used to provide point-to-point encryption for long Internet connections between remote users and the enterprise networks. VPNs have been deployed in wireless LANs as well. When a wireless LAN client uses a VPN tunnel, communications data remains encrypted until it reaches the VPN gateway, which sits behind the wireless AP. Thus, intruders are effectively blocked from intercepting all network communications.

55. 802.11i
Task Group i within IEEE 802.11 is developing a new standard for WLAN security. The proposed 802.11i standard is designed to embrace the authentication scheme of 802.1x and EAP while adding enhanced security features, including a new encryption scheme and dynamic key distribution. Not only does it fix WEP, it takes wireless LAN security to a higher level. The proposed specification uses the Temporal Key Integrity Protocol (TKIP) to produce a 128-bit temporal key that allows different stations to use different keys to encrypt data. TKIP introduces a sophisticated key generation function, which encrypts every.

56. 3G versus Wifi

57. 3G versus Wifi
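
The CSMA/CA steps of slides 23 to 25 can be checked with a small slotted simulation. This is an added example, not part of the original slides; the contention-window sizes, the doubling of the window after a collision, and the retry limit are assumptions chosen for illustration.

```python
import random

def simulate_csma_ca(n_stations, frames_each, cw_min=16, cw_max=1024,
                     retry_limit=7, seed=1):
    """Slotted model: sense, random backoff, transmit, ACK or retry."""
    rng = random.Random(seed)                 # seeded so runs are repeatable
    pending = [frames_each] * n_stations      # frames still queued per station
    cw = [cw_min] * n_stations                # current contention window
    retries = [0] * n_stations
    backoff = [rng.randrange(cw_min) for _ in range(n_stations)]
    stats = {"delivered": 0, "abandoned": 0, "collisions": 0,
             "attempts": 0, "idle_slots": 0}
    while any(pending):
        ready = [i for i in range(n_stations)
                 if pending[i] and backoff[i] == 0]
        if not ready:
            # Medium idle: every backlogged station counts down one slot.
            stats["idle_slots"] += 1
            for i in range(n_stations):
                if pending[i]:
                    backoff[i] -= 1
            continue
        # Medium busy: stations that are not transmitting freeze their timers.
        stats["attempts"] += len(ready)
        if len(ready) == 1:
            i = ready[0]                      # lone sender: the ACK arrives
            stats["delivered"] += 1
            pending[i] -= 1
            cw[i], retries[i] = cw_min, 0
        else:
            stats["collisions"] += 1          # no ACK for any of the senders
            for i in ready:
                retries[i] += 1
                if retries[i] > retry_limit:  # frame is abandoned
                    stats["abandoned"] += 1
                    pending[i] -= 1
                    cw[i], retries[i] = cw_min, 0
                else:
                    cw[i] = min(cw[i] * 2, cw_max)
        for i in ready:
            backoff[i] = rng.randrange(cw[i])  # new random timeout
    return stats

def attempts_per_delivered(stats):
    """Transmissions spent per acknowledged frame (1.0 means no waste)."""
    return stats["attempts"] / stats["delivered"]

if __name__ == "__main__":
    for n in (1, 5, 30):
        s = simulate_csma_ca(n, 20)
        print(n, s, round(attempts_per_delivered(s), 3))
```

A single station never collides and spends exactly one transmission per frame; as stations are added, more transmissions go unacknowledged and the ratio rises, which is the throughput loss slide 25 describes.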
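
The "self-synchronizing" property on slide 50 comes from WEP sending a 24-bit initialization vector (IV) in clear with every frame and encrypting the payload plus a CRC-32 integrity value with RC4 keyed by IV || shared key. The sketch below is an added example, not part of the original slides; the key, IVs and payloads are constructed, and the key-ID byte of a real frame is omitted. It also shows why a static shared key is weak: two frames with the same IV use the same keystream, which the per-station temporal keys of slide 55 are meant to avoid.

```python
import struct
import zlib
from collections import Counter

def rc4(key: bytes, n: int) -> bytes:
    """Standard RC4: key schedule, then n keystream bytes."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encapsulate(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Return IV (clear) followed by RC4-encrypted payload + CRC-32 ICV."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    icv = struct.pack("<I", zlib.crc32(payload))
    return iv + xor(payload + icv, rc4(iv + shared_key, len(payload) + 4))

def wep_decapsulate(shared_key: bytes, frame: bytes) -> bytes:
    """Everything needed besides the shared key is carried in the frame."""
    iv, body = frame[:3], frame[3:]
    clear = xor(body, rc4(iv + shared_key, len(body)))
    payload, icv = clear[:-4], clear[-4:]
    if struct.pack("<I", zlib.crc32(payload)) != icv:
        raise ValueError("ICV mismatch")
    return payload

def reused_ivs(frames):
    """Audit helper: IVs seen on more than one frame (shared keystream)."""
    counts = Counter(f[:3] for f in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

# Constructed sample data: 40-bit key, two frames sharing one IV.
KEY = bytes.fromhex("0102030405")
P1, P2, P3 = b"GET /index.html", b"POST /login.php", b"beacon interval"
FRAMES = [wep_encapsulate(KEY, bytes.fromhex("000001"), P1),
          wep_encapsulate(KEY, bytes.fromhex("000001"), P2),
          wep_encapsulate(KEY, bytes.fromhex("000002"), P3)]

if __name__ == "__main__":
    print([wep_decapsulate(KEY, f) for f in FRAMES])
    print("IVs reused:", [iv.hex() for iv in reused_ivs(FRAMES)])
    # With a shared keystream, ciphertext XOR equals plaintext XOR.
    print(xor(FRAMES[0][3:], FRAMES[1][3:])[:len(P1)] == xor(P1, P2))
```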