Wireless Network Authentication Protocols

1.1. Introduction

Wireless network technology is mostly used in modern network. This is mostly because of its ease of access and the increasing advantages it provides on basis of wired network. A wireless networking point or device is a networking hardware device that allows a WIFI enabled device to connect to a wired network. Authentication is wireless network is essential for improving the security of the wireless devices. Appropriate authentication allows only the trusted individuals to access a network of wireless devices thus ensuring its secure usage (Vilius, Liu,  Panneerselvam & Stimpson, 2015). Authentication of a network is a security process that validates the authenticity or identity of a user by making use of a valid username and a password. The different wireless data security protocols and wireless network authentication process related to personal network, home and enterprise network are discussed in the following paragraphs.

1.2. Personal/Home wireless Authentication 

For home wireless authentication, three wireless authentication protocols can be used, which are WEP, WPA and WPA2. For home or personal wireless authentication, WPA2 is mostly used.

WEP or Wired Equivalent privacy is a security algorithm that is generally used for IEEE 802.11 wireless networks (Waliullah, Moniruzzaman & Rahman, 2015).  It makes use of a four step challenge response handshake for authentication and security. It is one of the most primitive methods of authentication and is hardy used nowadays because of the different security issues associated with WEP.

WPA or WiFi protected access is another wireless authentication protocol that can be used for solving certain security problems associated with the use of wireless networks. It provides a more sophisticated data encryption and authentication over WEP (Sari & Karay, 2015). The WPA used for secure home or personal network is also called WPA-PSK or WPA personal.

WPA 2 or Wifi protected access II is a authentication protocol that is mostly used in home networks. This authentication protocol is based on IEEE 802.11i technology of standard encryption. WPA 2 provides an additional layer of security to the wireless network in comparison to WPA (Khasawneh, Kajman,  Alkhudaidy & Althubyani, 2014). WPA2 for personal use mainly utilize manually configured keys for authentication. The clients in this method make use of same master key. This standard was finalized in June 2004 and it makes use of counter mode and CCMP protocol which is based on advanced encryption standard algorithm for authentication and data encryption. WPA2 is one of most secure authentication protocol and therefore is widely used for protecting the home and the personal wireless networks.

WEP

Appropriate administration of the devices associated with home or personal wireless network is essential in order to ensure that no data is lost. With the use of appropriate wireless authentication protocols, the administrative burden could considerably be reduced. WPA2 mainly works on basis of a pre shared key that ensures accurate security of the devices connected to the home network.

The WPA-PSK or WPA II is generally designed for home users. The configuration process of the devices includes configuration of the router by making use of a Temporal key integrity protocol (Adnan et al., 2015). This protocol is mainly used for generation of a unique encryption key for each wireless client associated with the network.

1.3. Corporate/ Enterprise wireless authentication

Wired Equivalent privacy or WEP is incapable of providing adequate security to the corporate or wireless network. This is mainly because it is more prone to hacking. Therefore, for authentication and security of corporate or wireless authentication network, WPA or Wireless protected access authentication and encryption protocol is mainly used. WPA-enterprise is a wireless security protocol that is mainly designed for all types of enterprises, be it small, medium or large. It is an enhancement to the existing wireless security protocol that makes use of certain advanced authentication and encryption protocol (Kumar & Gambhir, 2014). The user authentication in WPA-enterprise is managed by making use of Remote Authentication Dial-in User service or RADIUS. WPA-enterprise is similar to WPA-PSK in a number of aspects; however, WPA-enterprise requires each user to self authentication through a RADIUS server for improved protection. In this authentication protocol, a long encryption key is generally assigned to each of the connected devices (Sharma, Mishra & Singh, 2013). Furthermore, the key that is shared with the users are invisible which makes it practically impossible to break the security. This authentication protocol mainly makes use of AES or advanced encryption standard for ensuring extra protection.

Thus it can be said that the enterprise variant of WPA is secure as it makes use of RADIUS server for user authentication. This is one of the primary reasons behind the fact that WPA enterprise provides an additional security in comparison to WPA2. WPA2 is mainly used for personal users and it operates on basic of pre shared keys. For accessing the wireless network, the said pre shared key is used which is vulnerable to attack (Cassola, Robertson,  Kirda & Noubir, 2013). However, in WPA enterprise, the authentication is based on a back end RADIUS server and therefore, it needs and access to username and password for gaining an access to the wireless network thus providing an additional layer of security.

WPA

Since WPA enterprise provides the much needed security for enterprise network, it considerably reduces the administrative burden. Configuration of devices in WPA enterprise includes configuration of the RADIUS server and self authentication of the same by each of the users. For user authentication, a long encryption key is assigned to each of the connected devices in the network (Narayan, Jayawardena Wang & Ma, 2015). The user authentication associated with the access of the network is mainly based on their account certificates.

WPA enterprise is the latest security protocol that is developed by WI-Fi Alliance along with the WPA-PSK (Kurup, Shah & Shah, 2014). The system requirements for configuration of WPA enterprise include Microsoft windows server, Microsoft active directory and RADIUS authentication service and IIS.

Use of wireless networks has mostly seen a rise in the recent years mainly because of the advantages and benefits it provides. Wireless network is quite easy to set up and is easy to use as well in comparison to wired network. However, one of the major concerns associated with the use of wireless network is that, it is quite prone to attacks. In order to ensure that the security risks and issues will be minimized, it is essential to make use of appropriate security and authentication protocols for secure use. Therefore, for home or personal uses, WPA2 is recommended while that of enterprise use, WPA enterprise is recommended. Both the protocols ensures user authentication that in turn ensures that any unauthorised access to the network is prevented.

2.1. Introduction 

DSC or desired state configuration is an important feature in windows server 2012and Powershell 4.0. It helps the windows administrators in managing and deploying the configuration data of the services. The desired state configuration provides a set of power shell language for declarative scripting. An accurate use of desired state configuration can possibly help different organization in avoiding certain drifts in configuration and during modification of any default settings (Bukowiec, Gaspar & Smith, 2017). Thus it can be said that desired state configuration is important for system administrators as well. The aim of this section of report is to understand the concept of desired state configuration and its importance for the system administrators. The details of desired state configuration are provided in the following sections.

2.2. Desired State Configuration 

A desired state configuration is a special function of PowerShell that helps in defining the process by which one can configure a system. Thus DSC can be described as a PowerShell extension that has a number of roles to play. PowerShell desired state configuration helps in installation or removal of different server roles and features (Wilson, 2014 ). It helps in management of the registry settings, management of files and directories and so on. Powershell DSSC is important for a number of other functions as well. It helps in controlling and management of different services and processes and further helps in managing the local groups and user accounts (Zacker, 2014). PowerShell DSC is important for installation and management of different packages that includes .msi and .exe packages. Apart from that, the PowerShell DSC is important for discovery of the actual or default configuration of a particular node.

WPA2

Desired state configuration is therefore can be described as a declarative platform that is mainly used for configuration, management and deployment of certain system. The three primary concepts of DSC include configurations, resources and local configuration manager (Wilson, 2015). Configurations can be described a declarative power-shell scripts that defines and configures the instances of the associated resources. The net component, which is the resources, contains certain codes that help in keeping the target of a configuration in a specified state (Herry, Anderson & Rovatsos, 2013). The local configuration manger on the other hand acts as an engine that helps the DSC in facilitating the interaction between their resources and the configuration of the resources.

The PowerShell desired state configuration is flexible enough to provide reliable and consistent functions in each state of deployment life cycle. It can be seen that the desired state configuration mainly centres around configurations, which is an easy to read document having specific characteristics. One of the significant benefits of desired state configuration is that it helps in making the deployment of specific sets of machines considerably less error prone (Hermanns & Steffens, 2015). With desired state configuration, both on premise and off premise deployments can be managed. The pull server associated with the desired state configuration is used for centralizing the management of machines and their status reporting.

2.3. Importance of DSC for system Administrators 

Working with desired state configuration can bring about certain advantages for the system administrators. One of the major advantages is the easy deployment. This is possible mainly because the desired state configuration is a versatile feature that enables consistent deployment and maintenance of virtual machines (Karthikeyan, 2018). The desired state configuration is a great tool for providing a high level of automated management. With PowerShell desired state configuration, system administrators can easily configure the multiple virtual machines. However, for that accurate writing of the script is essential. With the powershell desired state configuration, the system administrators can easily enable or disable the individual windows server. The desired state configuration tool can further help the system administrators in managing large scale environments. The configuration of a large number of web servers is possible with the PowerShell desired state configuration. Thus it can be said that the desired state configuration tool is extremely useful for server configuration, which helps the system administrators in managing a large number of servers at a time. Furthermore with PowerShell desired state configuration, automation of virtual machine deployment is possible, which is advantageous for the system administrators as well.

2.4. Impact on Administrative Burden and Alternative Technology

Wireless Network Authentication for Home and Personal Use

The desired state configuration provides a number of advantages, out of which, the major one being easier server configuration. This definitely reduces administrative burden as it is extremely useful.

The PowerShell desired state configuration is a configuration management platform built into windows. The desired state configuration provides enough flexibility and consistency in each stage of deployment. However, there are certain alternative technologies that can be used instead of PowerShell desired state configuration. One such technology is Ansible. Ansible is a radically simple IT automation engine that is used for automation of cloud provisioning along with configuration management. It is mainly designed for multi tier deployments. Ansible helps in modeling the IT infrastructure as well apart from managing the same. With Ansible, the systems can be easily deployed as it makes use of simple language. Puppet is another alternative to DSC (Bukowiec, Gaspar & Smith, 2017). Puppet is an automation solution that helps in saving time, gaining visibility and ensures consistency of the IT infrastructure. Another technology is Salt, which is a powerful and remote execution manager that administers and provisions the servers in a fast and efficient manner. Salt allows the associated commands to be executed over a large group of servers that helps in easier management of the systems.  Furthermore, it helps in quick introspection into the running systems. Another significant alternative to PowerShell desired state configuration is Chef. It is an open source system integration framework that helps in achieving similar results as that provided by Microsoft PowerShell desired state configuration. With Chef, source code is written each part of the infrastructure and later, those descriptions are used for configuration of the servers.

Conclusion 

Desired state configuration is considered to be an essential part of configuration management associated with the Windows based servers. PowerShell desired state configuration helps in easier management of server configuration and proves to be a great tool for the system administrators. It is associated with the PowerShell script that helps in easy configuration of the servers. Along with the concept of desired state configuration, the importance of Microsoft PowerShell desired state configuration is discussed in the report. The desired state configuration provides a number of advantages, yet there are certain alternative solutions of technologies that can help in achieving similar results. Those alternatives are discussed in the report as well.

References 

Adnan, A. H., Abdirazak, M., Sadi, A. S., Anam, T., Khan, S. Z., Rahman, M. M., & Omar, M. M. (2015, December). A comparative study of WLAN security protocols: WPA, WPA2. In Advances in Electrical Engineering (ICAEE), 2015 International Conference on (pp. 165-169). IEEE.

Wireless Network Authentication for Corporate or Enterprise Use

Bukowiec, S., Gaspar, R., & Smith, T. (2017, October). Windows Terminal Servers Orchestration. In Journal of Physics: Conference Series (Vol. 898, No. 8, p. 082025). IOP Publishing.

Bukowiec, S., Gaspar, R., & Smith, T. (2017, October). Windows Terminal Servers Orchestration. In Journal of Physics: Conference Series (Vol. 898, No. 8, p. 082025). IOP Publishing.

Cassola, A., Robertson, W. K., Kirda, E., & Noubir, G. (2013, February). A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication. In NDSS.

Hermanns, J., & Steffens, A. (2015). The current state of ‘Infrastructure as Code’and how it changes the software development process. Full-scale Software Engineering, 19.

Herry, H., Anderson, P., & Rovatsos, M. (2013, October). Choreographing configuration changes. In Network and Service Management (CNSM), 2013 9th International Conference on (pp. 156-160). IEEE.

Karthikeyan, S. A. (2018). Automated Provisioning and Performance Fine-Tuning. In Practical Microsoft Azure IaaS(pp. 191-230). Apress, Berkeley, CA.

Khasawneh, M., Kajman, I., Alkhudaidy, R., & Althubyani, A. (2014, March). A survey on Wi-Fi protocols: WPA and WPA2. In International Conference on Security in Computer Networks and Distributed Systems (pp. 496-511). Springer, Berlin, Heidelberg.

Kumar, U., & Gambhir, S. (2014). A literature review of security threats to wireless networks. International Journal of Future Generation Communication and Networking, 7(4), 25-34.

Kurup, L., Shah, M. V., & Shah, D. (2014). Comparative Study of Attacks on Security Protocols. Int. J. Adv. Res. Comput. Eng. Technol. IJARCET Univ. Mumbai India, 3(8).

Narayan, S., Jayawardena, C., Wang, J., & Ma, W. (2015, January). Performance test of IEEE 802.11 ac wireless devices. In Computer Communication and Informatics (ICCCI), 2015 International Conference on (pp. 1-6). IEEE.

Sari, A., & Karay, M. (2015). Comparative analysis of wireless security protocols: WEP vs WPA. International Journal of Communications, Network and System Sciences, 8(12), 483.

Sharma, S., Mishra, R., & Singh, K. (2013, January). A review on wireless network security. In International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness (pp. 668-681). Springer, Berlin, Heidelberg.

Vilius, K., Liu, L., Panneerselvam, J., & Stimpson, T. (2015, September). A critical analysis of the efficiencies of emerging wireless security standards against network attacks. In Intelligent Networking and Collaborative Systems (INCOS), 2015 International Conference on (pp. 472-477). IEEE.

Waliullah, M., Moniruzzaman, A. B. M., & Rahman, M. S. (2015). An experimental study analysis of security attacks at IEEE 802.11 wireless local area network. International Journal of Future Generation Communication and Networking, 8(1), 9-18.

Wilson, E. (2014). Windows PowerShell best practices. Pearson Education.

Wilson, E. (2015). Windows PowerShell Step by Step. Microsoft Press.

Zacker, C. (2014). Installing and Configuring Windows Server 2012 R2: Exam 70-410. Wiley.