Overview
As wireless technology emerges into the mainstream of the networking and communications markets, the wireless development community has a unique opportunity to be proactive, rather than reactive, in its approach to security. At this early point in the wireless industry, developers can anticipate future security needs and integrate security considerations into every stage of the development process. Wireless Security and Privacy shows developers how to take advantage of this exceptional opportunity.Written for wireless development professionals new to security, as well as security professionals moving into the wireless arena, this book presents the foundation upon which to design and develop secure wireless systems. It looks in depth at the key issues faced by those who develop wireless devices and applications, describes the technology and tools that are now available, and offers a proven methodology for designing a comprehensive wireless risk management solution.
In particular, Wireless Security and Privacy documents the I-ADD process, which offers a standardized, systematic approach for identifying targets, analyzing vulnerabilities, defining strategies, and designing security into the entire development lifecycle of a wireless system.
The book also examines such important topics as:
- Fundamental wireless and security principles
- Specific wireless technologies, including 802.11b, Bluetooth, and WAP
- The security implications of the architecture of PDAs, cell phones, and wireless network cards for laptops
- The security shortcomings of wireless development languages
- Development of a riskmodel for a wireless system
- Cryptography essentials
- The role of COTS products in a comprehensive security solution
- Privacy policy and legal issues
- Analysis of known and theoretical attacks
- Security, financial, and functionality tradeoffs
Several case studies run throughout the book, illustrating the application of important concepts, techniques, strategies, and models.
In all, this practical guidebook builds a framework for understanding the present and future of wireless security and offers the specific security strategies and methodologies that are critical for success in this fast-moving market.
Editorials
From Barnes & Noble
The Barnes & Noble ReviewEveryone loves wireless -- especially hackers. It’s terrifying how insecure many wireless systems are “out of the box.” Fortunately, many of tomorrow’s most important wireless systems haven’t been built yet. It’s not too late to dramatically improve their security. This book will show you how.
The authors go far beyond the reactive “penetrate and patch” cycle that plagues current wired and wireless systems. Instead, they present a complete methodology for identifying potential vulnerabilities, analyzing mitigations and protections, and designing the best solutions into systems upfront, when they can do the most good. Much of this coverage takes the form of “whiteboard exercises” in which you systematically identify exactly what must be protected in each of six high-level wireless system components, and exactly whom it must be protected from.
The book presents security-oriented discussions of each key wireless platform, device, and development language -- including 802.11b, Bluetooth, WAP, PDAs, cell phones, and J2ME. With healthy skepticism, the authors also explore what can and can’t be accomplished with cryptography, or with commercial off-the-shelf solutions such as VPNs and biometrics.
The authors have implemented wireless and wired security for leading financial institutions -- as well as the U.S. Department of Justice and the CIA. Whether you’re a wireless systems developer, a security professional, or a business decision maker who wants to ask the right questions before committing to new wireless technologies, they can help you, too. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.