Previous | Table of Contents | Next |
Many applications take advantage of the strong authentication capabilities of smart cards. The most common application is electronic money. Another example of smart-card flexibility is in a building security system protected by card access that otherwise requires a large network of cables connecting the door reader, door controllers, and host computer. By converting systems to a smart-card system and using the onboard data base and encryption capabilities, the miles of network cabling and host computer may be eliminated. However, the need for a special card reader coupled with the mobile users desire to travel light all but eliminates the smart-card as a practical security mechanism in todays mobile arena.
Cellular Digital Packet Data. Cellular digital packet data (CDPD) technology is rapidly building its infrastructure right alongside the traditional analog cellular infrastructure. In fact, much of the existing analog base stations are being used. Similar to most public communications efforts, a coalition of common carriers have cooperated to ensure interoperability. CDPD was developed by a group of major cellular communications companies. This prestigious group makes it clear that by leveraging existing technologies and infrastructures, they will have a nationwide network available within a very short time.
As the caller moves from one analog cell to the next, the ability to transmit data digitally means faster transmission speeds and a solution to the current problem of lost or repeated transmission. The user will be able to send and receive data while in a moving car.
Technologists believe that because existing common protocols are used, todays applications can use CDPD without modification. The one drawback that may impede CDPD deployment is the development of effective modems that support CDPD.
Three types of CDPD services are provided. CDPD Network allows subscribers to transfer data through their applications as an extension of their internal network. In CDPD Networked Applications Services, the cellular provider provides specific application services like E-mail, directory services, and virtual terminal services to subscribers. CDPD Network Support Services provides network management, use accounting, and network security. The security practitioner should not assume that cellular carriers security interpretation or objectives are the same as those of the organization. The carriers direction is intended to protect its investment in the CDPD Network and principally to ensure that only authorized paying subscribers use the network. A secondary concern is providing data privacy. It is not practical for the carrier to comply with each subscribers security policies.
The user should already be aware of the security risk associated with cellular transmissions. Cellular (analog or digital) transmission is a miniature radio station broadcasting to everyone who has the receiving equipment. Digital transmission will be able to scramble the transmission by channel hopping, which makes interception more difficult but not impossible for the motivated eavesdropper. Therefore, the best solution to maintain data integrity and confidentiality is through digital signaturing and encryption. Because of the administrative overhead associated with key management of symmetric keys (the same passphrase is used to encrypt and decrypt the message), public and private key encryption is recommended.
Wireless Communication. Although cellular communication is a desirable tool for mobile users, wireless communication may be a valuable capability for those roving from place to place within the confines of their own building. Wireless networking employs a number of different methods. One of the most popular of these methods is spread- spectrum radio. Wireless adapters connect into a computer either internally or through the parallel port, and they then communicate to a base-station or what could be called a wireless hub. The communication receiving area of the base station is usually several hundred feet, and the microcomputer and adapter may be placed anywhere within that radius. Other methods use a line-of-sight transmission technology.
Previous | Table of Contents | Next |