Today, Wi-Fi networks are secured by using a number of methods. Those methods protect Access Points (APs) and clients from a wide variety of attacks: connection hijacking, unauthorized connections to legitimate APs, Denial of Service (DoS) attacks, address spoofing, attempts at network bridging, rogue APs, man-in-the-middle attacks, and the list goes on.
Any sort of wireless communication is more difficult to defend than a wired network. One main reason is that radio waves propagate. Unless your network has extremely sophisticated transmitters, antennas, and wave propagation limiters, controlling the extent to which your waves are traveling is very difficult. If intruders can pick up your Wi-Fi signals, they have some amount of access to the communication taking place. But encryption helps protect the data being transmitted, and AP and client security systems help prevent intrusion and service disruption.
A number of security solutions are designed specifically to protect wireless networks, and they work reasonably well, but there is still room for improvement. In the near future, we'll see enhancements and features added to many of those solutions, and we'll undoubtedly see new solutions come to the marketplace.
At the recent Intel Developer Forum, Justin Rattner, Intel senior fellow and director of Intel's Corporate Technology Group, demonstrated some interesting new wireless networking technology that could help improve security. The technology involves wireless devices that can become aware of a person's physical location, similar to GPS technology but without the need for orbiting satellites. The company said that its client location technology is currently accurate to within a 1-meter radius.
In essence, an AP uses the new technology to determine a client's location by timing the transmission of data to and from the client. Because the rate of travel can be known, the distance between APs and clients can be calculated.
AP antennas can play a significant role in the refinement of client location systems because the antennas can be designed to transmit signals within a specific area in a given direction. A specially designed AP antenna could allow an AP to determine where a client is located relative to the AP's position. I suspect that Intel's technology takes advantage of a somewhat unique antenna design as compared to typical AP antennas in use today.
The security of wireless networks could be greatly improved by using client location awareness. In practice, an AP could be configured to allow connections only from devices that are within 30 feet. Similarly, wireless Intrusion Detection Systems (IDSs) could be set to detect any client systems attempting communication from farther away than a predefined distance from the AP.
Of course the application of such technology isn't limited to enhanced security. During his demonstration, Rattner showed how he could be tracked in an on-stage mock-up of a home. As he moved from place to place, wireless transmission of a video broadcast was switched to the screen closest to him. However, to security administrators, this peek into the near future is most interesting because of the significant implications for improved network security.