Shipping, RFID tags, Mobile Device Security and Wireless Communication - Part 2

Loading...

From the course by University at Buffalo

Cyber Security in Manufacturing

44 ratings

University at Buffalo

Cyber Security in Manufacturing

44 ratings

Course 7 of 9 in the Specialization Digital Manufacturing & Design Technology

The nature of digital manufacturing and design (DM&D), and its heavy reliance on creating a digital thread of product and process data and information, makes it a prime target for hackers and counterfeiters. This course will introduce students to why creating a strong and secure infrastructure should be of paramount concern for anyone operating in the DM&D domain, and measures that can be employed to protect operational technologies, systems and resources. Acquire knowledge about security needs and the application of information security systems. Build the foundational skills needed in performing a risk assessment of operational and information technology assets. Gain valuable insights of implementing controls to mitigate identified risks. Main concepts of this course will be delivered through lectures, readings, discussions and various videos. This is the seventh course in the Digital Manufacturing & Design Technology specialization that explores the many facets of manufacturing’s “Fourth Revolution,” aka Industry 4.0, and features a culminating project involving creation of a roadmap to achieve a self-established DMD-related professional goal. To learn more about the Digital Manufacturing and Design Technology specialization, please watch the overview video by copying and pasting the following link into your web browser: https://youtu.be/wETK1O9c-CA

From the lesson

Protecting Operational Technologies and Intellectual Property

The purpose of this module is to describe how the various operational steps of digital manufacturing – that includes - supply chain, shipping process, mobile device usage and the associated communication – can be protected, along with the Intellectual Property (IP) items that arise during digital manufacturing and design.

Shipping, RFID tags, Mobile Device Security and Wireless Communication - Part 16:05

Shipping, RFID tags, Mobile Device Security and Wireless Communication - Part 26:25

Meet the Instructors

Shambhu Upadhyaya
Professor
Computer Science and Engineering

We will now look at three wireless network security protocols.

First, Wired Equivalent Privacy, also called WEP.

This protocol is a security mechanism defined in the IEEE 802.11 standard.

It is intended to provide confidentiality over

a wireless network by encrypting information sent over that network.

But, since the encryption technique used by WEP is weak

and the encryption key can be guessed easily using brute-force attack,

it is not considered safe to use it nowadays.

Second, W-Fi Protected Access, also called WPA.

This is a wireless security protocol designed to

address and fix the known security issues in WEP.

WPA is a stronger encryption mechanism by use of what is called

the Temporal Key Integrity Protocol or TKIP for data encryption.

In 2008, TKIP was also compromised, meaning,

broken, and attackers successfully sniffed

the data packets or the network and were able to manipulate content.

Therefore, TKIP is no longer considered secure.

To overcome the shortcomings of WPA,

WPA2 was then introduced with an even stronger encryption mechanism.

This leads us to the third protocol: Wi-Fi Protected Access 2 our WPA2.

This is based on the IEEE 802.11i standard.

WPA2 supports stronger cryptographic mechanism,

such as Advanced Encryption Standard or AES mentioned in module two,

and stronger authentication protocol,

such as Extensible Authentication Protocol,

also called EAP, which we will elaborate a little later.

Along with that, it also provides enhanced key management,

protection from replay attack,

and better data integrity.

Next, let us see how authentication is actually implemented in a wireless network.

Access points use different authentication mechanisms

for access control to a wireless network.

The simplest one is the Open Authentication Protocol.

Open Authentication allows any device to

authenticate and then communicate with the access point.

Using Open Authentication, any wireless device in

the vicinity can authenticate with the access point.

This is how it is done in Wi-Fi hotspots such as coffee-shops.

In reality, it means no security.

A somewhat secured authentication is the Shared Key Authentication.

Here, the access point sends a challenge text to a device which is requesting connection.

The device that is requesting

authentication encrypts it and send it back to the access point.

If the text is encrypted correctly,

then the access point knows that the device uses

the correct shared key and allows the requesting device to connect.

But this protocol has some serious flaws.

The packets transferred between the access point and

the device can be monitored and manipulated easily by an opponent.

Also, notice that the access point does not

do anything to prove to the mobile device that it knows the key.

Therefore, this authentication mechanism is considered unsafe.

A more secure and currently prevalent mechanism is

the Extensible Authentication Protocol.

EAP provides the highest level of security for a wireless network.

Extensible Authentication Protocol performs mutual authentication.

That is, both device and access point can authenticate each other for reliability.

The generic EAP involves an elaborate eight-stage authentication in which

the mobile device first sends authentication request to

the access point which in turn asks for the identity of device.

Thereafter, the access point conforms the identity of device by communicating with

the authentication server which stores the identity and other credentials of devices.

Once this process is done,

the access point allows the device to connect to the wireless network.

Optionally, the device can also authenticate

access point's identity by requesting for access point identifier.

Let us conclude this lesson with an analogy to describe EAP-based authentication,

which is the most secure authentication protocol in Wi-FI.

Let us say you are pulled over by a traffic police on a highway.

The first thing the officer does is asking

for your driver's license and vehicle registration.

You obliged, but asked for the officer's badge number.

You might normally recognize and trust the officer and

you rarely ask the officer for identification, but,

on the internet, such a two-way handshake is essential because,

who knows, it could be a rogue access point you might be dealing with.

The details of EAP are outside the scope of this course,

but rest assured that it is a very secure authentication protocol.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2018 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play