Audit-based access control in nomadic wireless environments

Abstract

Wireless networks have been rapidly growing in popularity, both in consumer and commercial arenas, but their increasing pervasiveness and wide-spread coverage raises serious security concerns. Client devices can potentially migrate, usually passing through very light access control policies, between numerous diverse wireless environments, bringing with them software vulner-abilities and possibly malicious code. To cope with this new security threat we propose a new active third party authentication, authorization and audit/examination strategy in which, once a device enters an environment, it is subjected to security analysis by the infrastructure, and if it is found to be dangerously insecure, it is immediately taken out from the network and denied further access until its vulnerabilities have not been fixed. Encouraging results have been achieved utilizing a proof-of-concept model based on current technology and standard open source networking tools. © Springer-Verlag Berlin Heidelberg 2006.